BigW Consortium Gitlab

snippets_controller.rb 3.16 KB
Newer Older
1
class Projects::SnippetsController < Projects::ApplicationController
2
  include ToggleAwardEmoji
3
  include SpammableActions
4

5
  before_action :module_enabled
6
  before_action :snippet, only: [:show, :edit, :destroy, :update, :raw, :toggle_award_emoji, :mark_as_spam]
7 8

  # Allow read any snippet
9
  before_action :authorize_read_project_snippet!, except: [:new, :create, :index]
10 11

  # Allow write(create) snippet
12
  before_action :authorize_create_project_snippet!, only: [:new, :create]
13 14

  # Allow modify snippet
15
  before_action :authorize_update_project_snippet!, only: [:edit, :update]
16 17

  # Allow destroy snippet
18
  before_action :authorize_admin_project_snippet!, only: [:destroy]
19 20 21 22

  respond_to :html

  def index
23 24
    @snippets = SnippetsFinder.new.execute(
      current_user,
25
      filter: :by_project,
26 27 28
      project: @project,
      scope: params[:scope]
    )
29 30 31 32
    @snippets = @snippets.page(params[:page])
    if @snippets.out_of_range? && @snippets.total_pages != 0
      redirect_to namespace_project_snippets_path(page: @snippets.total_pages)
    end
33 34 35
  end

  def new
36
    @snippet = @noteable = @project.snippets.build
37 38 39
  end

  def create
40 41
    create_params = snippet_params.merge(request: request)
    @snippet = CreateSnippetService.new(@project, current_user, create_params).execute
42 43 44 45 46 47 48 49

    if @snippet.valid?
      respond_with(@snippet,
                   location: namespace_project_snippet_path(@project.namespace,
                                                            @project, @snippet))
    else
      render :new
    end
50 51 52 53 54 55
  end

  def edit
  end

  def update
56 57 58 59 60
    UpdateSnippetService.new(project, current_user, @snippet,
                             snippet_params).execute
    respond_with(@snippet,
                 location: namespace_project_snippet_path(@project.namespace,
                                                          @project, @snippet))
61 62 63 64
  end

  def show
    @note = @project.notes.new(noteable: @snippet)
65
    @notes = Banzai::NoteRenderer.render(@snippet.notes.fresh, @project, current_user)
66
    @noteable = @snippet
67 68 69
  end

  def destroy
70
    return access_denied! unless can?(current_user, :admin_project_snippet, @snippet)
71 72 73

    @snippet.destroy

Vinnie Okada committed
74
    redirect_to namespace_project_snippets_path(@project.namespace, @project)
75 76 77 78 79
  end

  def raw
    send_data(
      @snippet.content,
80
      type: 'text/plain; charset=utf-8',
81
      disposition: 'inline',
82
      filename: @snippet.sanitized_file_name
83 84 85 86 87 88 89 90
    )
  end

  protected

  def snippet
    @snippet ||= @project.snippets.find(params[:id])
  end
91
  alias_method :awardable, :snippet
92
  alias_method :spammable, :snippet
93

94 95 96 97
  def authorize_read_project_snippet!
    return render_404 unless can?(current_user, :read_project_snippet, @snippet)
  end

98
  def authorize_update_project_snippet!
99
    return render_404 unless can?(current_user, :update_project_snippet, @snippet)
100 101
  end

102
  def authorize_admin_project_snippet!
103
    return render_404 unless can?(current_user, :admin_project_snippet, @snippet)
104 105 106
  end

  def module_enabled
107
    return render_404 unless @project.feature_available?(:snippets, current_user)
108
  end
109 110

  def snippet_params
111
    params.require(:project_snippet).permit(:title, :content, :file_name, :private, :visibility_level)
112
  end
113
end