BigW Consortium Gitlab

snippets_controller.rb 2.57 KB
Newer Older
1
class Projects::SnippetsController < Projects::ApplicationController
2 3
  before_action :module_enabled
  before_action :snippet, only: [:show, :edit, :destroy, :update, :raw]
4 5

  # Allow read any snippet
6
  before_action :authorize_read_project_snippet!
7 8

  # Allow write(create) snippet
9
  before_action :authorize_create_project_snippet!, only: [:new, :create]
10 11

  # Allow modify snippet
12
  before_action :authorize_update_project_snippet!, only: [:edit, :update]
13 14

  # Allow destroy snippet
15
  before_action :authorize_admin_project_snippet!, only: [:destroy]
16 17 18 19

  respond_to :html

  def index
20 21 22 23
    @snippets = SnippetsFinder.new.execute(current_user, {
      filter: :by_project,
      project: @project
    })
24
    @snippets = @snippets.page(params[:page]).per(PER_PAGE)
25 26 27
  end

  def new
Andrew8xx8 committed
28
    @snippet = @project.snippets.build
29 30 31
  end

  def create
32 33
    @snippet = CreateSnippetService.new(@project, current_user,
                                        snippet_params).execute
34 35 36 37 38 39 40 41

    if @snippet.valid?
      respond_with(@snippet,
                   location: namespace_project_snippet_path(@project.namespace,
                                                            @project, @snippet))
    else
      render :new
    end
42 43 44 45 46 47
  end

  def edit
  end

  def update
48 49 50 51 52
    UpdateSnippetService.new(project, current_user, @snippet,
                             snippet_params).execute
    respond_with(@snippet,
                 location: namespace_project_snippet_path(@project.namespace,
                                                          @project, @snippet))
53 54 55 56
  end

  def show
    @note = @project.notes.new(noteable: @snippet)
57
    @notes = @snippet.notes.fresh
58
    @noteable = @snippet
59 60 61
  end

  def destroy
62
    return access_denied! unless can?(current_user, :admin_project_snippet, @snippet)
63 64 65

    @snippet.destroy

Vinnie Okada committed
66
    redirect_to namespace_project_snippets_path(@project.namespace, @project)
67 68 69 70 71
  end

  def raw
    send_data(
      @snippet.content,
72
      type: 'text/plain; charset=utf-8',
73
      disposition: 'inline',
74
      filename: @snippet.sanitized_file_name
75 76 77 78 79 80 81 82 83
    )
  end

  protected

  def snippet
    @snippet ||= @project.snippets.find(params[:id])
  end

84
  def authorize_update_project_snippet!
85
    return render_404 unless can?(current_user, :update_project_snippet, @snippet)
86 87
  end

88
  def authorize_admin_project_snippet!
89
    return render_404 unless can?(current_user, :admin_project_snippet, @snippet)
90 91 92 93 94
  end

  def module_enabled
    return render_404 unless @project.snippets_enabled
  end
95 96

  def snippet_params
97
    params.require(:project_snippet).permit(:title, :content, :file_name, :private, :visibility_level)
98
  end
99
end