Commit 5bf49bb6 authored by Felipe Artur's avatar Felipe Artur

Move note helper method to notes entity file

parent c9be74e2
......@@ -397,9 +397,5 @@ module API
error!(errors[:access_level], 422) if errors[:access_level].any?
not_found!(errors)
end
def noteable_ability_name(noteable)
"read_#{noteable.class.to_s.underscore.downcase}".to_sym
end
end
end
......@@ -21,7 +21,7 @@ module API
get ":id/#{noteables_str}/:#{noteable_id_str}/notes" do
@noteable = user_project.send(noteables_str.to_sym).find(params[noteable_id_str.to_sym])
if can?(current_user, noteable_ability_name(@noteable), @noteable)
if can?(current_user, noteable_read_ability_name(@noteable), @noteable)
# We exclude notes that are cross-references and that cannot be viewed
# by the current user. By doing this exclusion at this level and not
# at the DB query level (which we cannot in that case), the current
......@@ -51,7 +51,7 @@ module API
get ":id/#{noteables_str}/:#{noteable_id_str}/notes/:note_id" do
@noteable = user_project.send(noteables_str.to_sym).find(params[noteable_id_str.to_sym])
@note = @noteable.notes.find(params[:note_id])
can_read_note = can?(current_user, noteable_ability_name(@noteable), @noteable) && !@note.cross_reference_not_visible_for?(current_user)
can_read_note = can?(current_user, noteable_read_ability_name(@noteable), @noteable) && !@note.cross_reference_not_visible_for?(current_user)
if can_read_note
present @note, with: Entities::Note
......@@ -141,5 +141,11 @@ module API
end
end
end
helpers do
def noteable_read_ability_name(noteable)
"read_#{noteable.class.to_s.underscore.downcase}".to_sym
end
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment