groups_controller.rb 3.8 KB
Newer Older
randx's avatar
randx committed
1
class GroupsController < ApplicationController
2
  skip_before_filter :authenticate_user!, only: [:show, :issues, :members, :merge_requests]
randx's avatar
randx committed
3
  respond_to :html
4
  before_filter :group, except: [:new, :create]
randx's avatar
randx committed
5

6
  # Authorize
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
7
  before_filter :authorize_read_group!, except: [:new, :create]
8
  before_filter :authorize_admin_group!, only: [:edit, :update, :destroy, :projects]
9
  before_filter :authorize_create_group!, only: [:new, :create]
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
10 11

  # Load group projects
12
  before_filter :load_projects, except: [:new, :create, :projects, :edit, :update]
13 14
  before_filter :event_filter, only: :show
  before_filter :set_title, only: [:new, :create]
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
15

16 17
  layout :determine_layout

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
18 19 20 21 22
  def new
    @group = Group.new
  end

  def create
23
    @group = Group.new(group_params)
24
    @group.name = @group.path.dup unless @group.name
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
25 26

    if @group.save
27
      @group.add_owner(current_user)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
28 29 30 31 32
      redirect_to @group, notice: 'Group was successfully created.'
    else
      render action: "new"
    end
  end
33

randx's avatar
randx committed
34
  def show
35
    @last_push = current_user.recent_push if current_user
36
    @projects = @projects.includes(:namespace)
randx's avatar
randx committed
37 38 39

    respond_to do |format|
      format.html
40 41

      format.json do
42
        load_events
43 44 45
        pager_json("events/_events", @events.count)
      end

46 47 48 49
      format.atom do
        load_events
        render layout: false
      end
randx's avatar
randx committed
50 51 52 53
    end
  end

  def merge_requests
54
    @merge_requests = get_merge_requests_collection
55
    @merge_requests = @merge_requests.page(params[:page]).per(20)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
56
    @merge_requests = @merge_requests.preload(:author, :target_project)
randx's avatar
randx committed
57 58 59
  end

  def issues
60
    @issues = get_issues_collection
61
    @issues = @issues.page(params[:page]).per(20)
62
    @issues = @issues.preload(:author, :project)
randx's avatar
randx committed
63 64 65 66 67 68 69

    respond_to do |format|
      format.html
      format.atom { render layout: false }
    end
  end

70
  def members
71
    @project = group.projects.find(params[:project_id]) if params[:project_id]
72
    @members = group.group_members
73 74

    if params[:search].present?
75
      users = group.users.search(params[:search]).to_a
76 77 78
      @members = @members.where(user_id: users)
    end

79 80
    @members = @members.order('access_level DESC').page(params[:page]).per(50)
    @users_group = GroupMember.new
81 82
  end

83 84 85
  def edit
  end

86 87 88 89
  def projects
    @projects = @group.projects.page(params[:page])
  end

90
  def update
91
    if @group.update_attributes(group_params)
92
      redirect_to edit_group_path(@group), notice: 'Group was successfully updated.'
93 94 95 96 97 98 99 100 101 102 103
    else
      render action: "edit"
    end
  end

  def destroy
    @group.destroy

    redirect_to root_path, notice: 'Group was removed.'
  end

randx's avatar
randx committed
104 105 106
  protected

  def group
skv's avatar
skv committed
107
    @group ||= Group.find_by(path: params[:id])
randx's avatar
randx committed
108 109
  end

110
  def load_projects
111
    @projects ||= ProjectsFinder.new.execute(current_user, group: group).sorted_by_activity.non_archived
randx's avatar
randx committed
112 113 114
  end

  def project_ids
115
    @projects.pluck(:id)
randx's avatar
randx committed
116
  end
117 118 119

  # Dont allow unauthorized access to group
  def authorize_read_group!
120
    unless @group and (@projects.present? or can?(current_user, :read_group, @group))
121 122 123 124 125
      if current_user.nil?
        return authenticate_user!
      else
        return render_404
      end
126 127
    end
  end
128 129

  def authorize_create_group!
130 131 132 133 134 135 136 137 138
    unless can?(current_user, :create_group, nil)
      return render_404
    end
  end

  def authorize_admin_group!
    unless can?(current_user, :manage_group, group)
      return render_404
    end
139
  end
140 141 142 143

  def set_title
    @title = 'New Group'
  end
144 145 146 147

  def determine_layout
    if [:new, :create].include?(action_name.to_sym)
      'navless'
148
    elsif current_user
149
      'group'
150 151
    else
      'public_group'
152 153
    end
  end
154

155 156 157
  def group_params
    params.require(:group).permit(:name, :description, :path, :avatar)
  end
158 159 160 161 162 163

  def load_events
    @events = Event.in_projects(project_ids)
    @events = event_filter.apply_filter(@events).with_associations
    @events = @events.limit(20).offset(params[:offset] || 0)
  end
randx's avatar
randx committed
164
end