[refs #54] Fix issue ability and comment redirect after update

2011-12-22 11:41:37 +04:00 · 2011-12-22 11:41:37 +04:00 · e2144e0fdb
parent 3ab55d34b8
commit e2144e0fdb
3 changed files with 18 additions and 12 deletions
--- a/app/controllers/comments_controller.rb
+++ b/app/controllers/comments_controller.rb
@ -31,7 +31,8 @@ class CommentsController < ApplicationController
  def update
    if @comment.update_attributes(params[:comment])
      flash[:notice] = I18n.t("flash.comment.saved")
-      redirect_to :back
+      #redirect_to :back
+      redirect_to show_issue_path(@comment.commentable.project, @comment.commentable.serial_id)
    else
      flash[:error] = I18n.t("flash.comment.saved_error")
      render :action => 'new'
--- a/app/controllers/issues_controller.rb
+++ b/app/controllers/issues_controller.rb
@ -1,17 +1,13 @@
 class IssuesController < ApplicationController
  before_filter :authenticate_user!
  before_filter :find_project, :except => [:destroy]
-  before_filter :find_issue_by_serial_id, :only => [:show, :edit]
+  before_filter :find_and_authorize_by_serial_id, :only => [:show, :edit]
+  before_filter :set_issue_stub, :only => [:new, :create]

  load_and_authorize_resource :except => [:show, :edit, :index]
-  authorize_resource :only => [:show, :edit]
-  #authorize_resource :through => :project, :only => [:index], :shallow => true
  authorize_resource :project, :only => [:index]
  autocomplete :user, :uname

-  def show
-  end
-
  def index
    @issues = @project.issues.paginate :per_page => 10, :page => params[:page]
  end
@ -63,7 +59,12 @@ class IssuesController < ApplicationController
    @project = Project.find(params[:project_id])
  end

-  def find_issue_by_serial_id
+  def find_and_authorize_by_serial_id
    @issue = @project.issues.where(:serial_id => params[:serial_id])[0]
+    authorize! params[:action].to_sym, @issue
+  end
+
+  def set_issue_stub
+    @issue = Issue.new(:project => @project)
  end
 end
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@ -96,11 +96,13 @@ class Ability
          repository.platform.relations.exists?(:role => 'admin', :object_type => 'User', :object_id => user.id)
        end

-        can [:show, :index], Issue do |issue|
+        can [:read, :index], Issue do |issue|
+          puts "SHIT\n"*10
          issue.status == 'open'
        end
-        #can [:show, :index], Issue, with_project_id_in_relations_with(:object_type => 'User', :object_id => user.id) do |issue|
-        can [:show, :index], Issue do |issue|
+        #can [:read], Issue, :status => 'open'
+        #can [:show], Issue, with_project_id_in_relations_with(:object_type => 'User', :object_id => user.id)
+        can [:read, :index], Issue do |issue|
          issue.project.relations.exists?(:object_type => 'User', :object_id => user.id)
        end
        can [:create, :new], Issue do |issue|
@ -118,7 +120,9 @@ class Ability
          comment.commentable.project.relations.exists?(:role => 'admin', :object_type => 'User', :object_id => user.id)
        end
        #
-        cannot [:index, :edit, :update, :create, :new, :show], Issue do |issue|
+        cannot [:index, :edit, :update, :create, :new, :read], Issue do |issue|
+          puts "FUCK\n"*10
+          puts !issue.project.has_issues
          !issue.project.has_issues
        end
        cannot [:edit, :update, :create, :new, :destroy], Comment do |comment|