BigW Consortium Gitlab

notes_controller.rb 3.88 KB
Newer Older
1
class Projects::NotesController < Projects::ApplicationController
gitlabhq committed
2
  # Authorize
3
  before_action :authorize_read_note!
4
  before_action :authorize_create_note!, only: [:create]
5
  before_action :authorize_admin_note!, only: [:update, :destroy]
Valery Sizov committed
6
  before_action :find_current_user_notes, except: [:destroy, :delete_attachment, :award_toggle]
gitlabhq committed
7

8
  def index
9
    current_fetched_at = Time.now.to_i
10

11
    notes_json = { notes: [], last_fetched_at: current_fetched_at }
12

13
    @notes.each do |note|
14 15 16
      next if note.cross_reference_not_visible_for?(current_user)

      notes_json[:notes] << note_json(note)
17
    end
18 19

    render json: notes_json
20 21
  end

gitlabhq committed
22
  def create
Dmitriy Zaporozhets committed
23
    @note = Notes::CreateService.new(project, current_user, note_params).execute
gitlabhq committed
24 25

    respond_to do |format|
26
      format.json { render json: note_json(@note) }
27
      format.html { redirect_back_or_default }
gitlabhq committed
28 29 30
    end
  end

31
  def update
32
    @note = Notes::UpdateService.new(project, current_user, note_params).execute(note)
gitlabhq committed
33 34

    respond_to do |format|
35
      format.json { render json: note_json(@note) }
36
      format.html { redirect_back_or_default }
gitlabhq committed
37 38 39
    end
  end

40
  def destroy
41 42 43 44
    if note.editable?
      note.destroy
      note.reset_events_cache
    end
45 46

    respond_to do |format|
47
      format.js { render nothing: true }
48 49 50 51
    end
  end

  def delete_attachment
52 53
    note.remove_attachment!
    note.update_attribute(:attachment, nil)
54 55 56 57 58 59

    respond_to do |format|
      format.js { render nothing: true }
    end
  end

Valery Sizov committed
60
  def award_toggle
61 62 63 64 65
    noteable = if note_params[:noteable_type] == "issue"
                 project.issues.find(note_params[:noteable_id])
               else
                 project.merge_requests.find(note_params[:noteable_id])
               end
Valery Sizov committed
66

Valery Sizov committed
67 68 69
    data = {
      author: current_user,
      is_award: true,
70
      note: note_params[:note].delete(":")
Valery Sizov committed
71 72
    }

Valery Sizov committed
73
    note = noteable.notes.find_by(data)
Valery Sizov committed
74 75 76 77

    if note
      note.destroy
    else
Valery Sizov committed
78
      Notes::CreateService.new(project, current_user, note_params).execute
Valery Sizov committed
79 80
    end

Valery Sizov committed
81
    render json: { ok: true }
Valery Sizov committed
82 83
  end

84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99
  private

  def note
    @note ||= @project.notes.find(params[:id])
  end

  def note_to_html(note)
    render_to_string(
      "projects/notes/_note",
      layout: false,
      formats: [:html],
      locals: { note: note }
    )
  end

  def note_to_discussion_html(note)
100 101
    return unless note.for_diff_line?

102 103 104 105 106 107 108
    if params[:view] == 'parallel'
      template = "projects/notes/_diff_notes_with_reply_parallel"
      locals =
        if params[:line_type] == 'old'
          { notes_left: [note], notes_right: [] }
        else
          { notes_left: [], notes_right: [note] }
109
        end
110 111 112 113 114
    else
      template = "projects/notes/_diff_notes_with_reply"
      locals = { notes: [note] }
    end

115
    render_to_string(
116
      template,
117 118
      layout: false,
      formats: [:html],
119
      locals: locals
120 121 122
    )
  end

123
  def note_to_discussion_with_diff_html(note)
124 125
    return unless note.for_diff_line?

126 127 128 129 130 131 132 133
    render_to_string(
      "projects/notes/_discussion",
      layout: false,
      formats: [:html],
      locals: { discussion_notes: [note] }
    )
  end

134
  def note_json(note)
135
    if note.valid?
136
      {
137
        valid: true,
138 139 140 141 142 143 144 145 146
        id: note.id,
        discussion_id: note.discussion_id,
        html: note_to_html(note),
        award: note.is_award,
        note: note.note,
        discussion_html: note_to_discussion_html(note),
        discussion_with_diff_html: note_to_discussion_with_diff_html(note)
      }
    else
147
      {
148 149 150 151
        valid: false,
        award: note.is_award,
        errors: note.errors
      }
152
    end
153 154 155 156 157
  end

  def authorize_admin_note!
    return access_denied! unless can?(current_user, :admin_note, note)
  end
Dmitriy Zaporozhets committed
158 159 160 161 162 163 164

  def note_params
    params.require(:note).permit(
      :note, :noteable, :noteable_id, :noteable_type, :project_id,
      :attachment, :line_code, :commit_id
    )
  end
165 166 167 168

  def find_current_user_notes
    @notes = NotesFinder.new.execute(project, current_user, params)
  end
gitlabhq committed
169
end