Skip to content

G
gitlab-ce
Commit 2acde87e authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets
Browse files
Options

Project hook, milestone, snippet strong params 

Signed-off-by: default avatarDmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
parent e382c8df
Hide whitespace changes
Inline Side-by-side
Showing with 24 additions and 14 deletions
app/controllers/admin/hooks_controller.rb
View file @ 2acde87e
...@@ -5,7 +5,7 @@ class Admin::HooksController < Admin::ApplicationController ...@@ -5,7 +5,7 @@ class Admin::HooksController < Admin::ApplicationController
end end
def create def create
@hook = SystemHook.new(params[:hook]) @hook = SystemHook.new(hook_params)
if @hook.save if @hook.save
redirect_to admin_hooks_path, notice: 'Hook was successfully created.' redirect_to admin_hooks_path, notice: 'Hook was successfully created.'
...@@ -37,4 +37,8 @@ class Admin::HooksController < Admin::ApplicationController ...@@ -37,4 +37,8 @@ class Admin::HooksController < Admin::ApplicationController
redirect_to :back redirect_to :back
end end
def hook_params
params.require(:hook).permit(:url)
end
end end
app/controllers/projects/hooks_controller.rb
View file @ 2acde87e
...@@ -42,6 +42,6 @@ class Projects::HooksController < Projects::ApplicationController ...@@ -42,6 +42,6 @@ class Projects::HooksController < Projects::ApplicationController
end end
def hook_params def hook_params
params.require(:hook).permit(:url) params.require(:hook).permit(:url, :push_events, :issues_events, :merge_requests_events, :tag_push_events)
end end
end end
app/controllers/projects/milestones_controller.rb
View file @ 2acde87e
...@@ -37,7 +37,7 @@ class Projects::MilestonesController < Projects::ApplicationController ...@@ -37,7 +37,7 @@ class Projects::MilestonesController < Projects::ApplicationController
end end
def create def create
@milestone = Milestones::CreateService.new(project, current_user, params[:milestone]).execute @milestone = Milestones::CreateService.new(project, current_user, milestone_params).execute
if @milestone.save if @milestone.save
redirect_to project_milestone_path(@project, @milestone) redirect_to project_milestone_path(@project, @milestone)
...@@ -47,7 +47,7 @@ class Projects::MilestonesController < Projects::ApplicationController ...@@ -47,7 +47,7 @@ class Projects::MilestonesController < Projects::ApplicationController
end end
def update def update
@milestone = Milestones::UpdateService.new(project, current_user, params[:milestone]).execute(milestone) @milestone = Milestones::UpdateService.new(project, current_user, milestone_params).execute(milestone)
respond_to do |format| respond_to do |format|
format.js format.js
...@@ -105,4 +105,8 @@ class Projects::MilestonesController < Projects::ApplicationController ...@@ -105,4 +105,8 @@ class Projects::MilestonesController < Projects::ApplicationController
def module_enabled def module_enabled
return render_404 unless @project.issues_enabled return render_404 unless @project.issues_enabled
end end
def milestone_params
params.require(:milestone).permit(:title, :description, :due_date, :state_event)
end
end end
app/controllers/projects/snippets_controller.rb
View file @ 2acde87e
...@@ -25,7 +25,7 @@ class Projects::SnippetsController < Projects::ApplicationController ...@@ -25,7 +25,7 @@ class Projects::SnippetsController < Projects::ApplicationController
end end
def create def create
@snippet = @project.snippets.build(params[:project_snippet]) @snippet = @project.snippets.build(snippet_params)
@snippet.author = current_user @snippet.author = current_user
if @snippet.save if @snippet.save
...@@ -39,7 +39,7 @@ class Projects::SnippetsController < Projects::ApplicationController ...@@ -39,7 +39,7 @@ class Projects::SnippetsController < Projects::ApplicationController
end end
def update def update
if @snippet.update_attributes(params[:project_snippet]) if @snippet.update_attributes(snippet_params)
redirect_to project_snippet_path(@project, @snippet) redirect_to project_snippet_path(@project, @snippet)
else else
respond_with(@snippet) respond_with(@snippet)
...@@ -86,4 +86,8 @@ class Projects::SnippetsController < Projects::ApplicationController ...@@ -86,4 +86,8 @@ class Projects::SnippetsController < Projects::ApplicationController
def module_enabled def module_enabled
return render_404 unless @project.snippets_enabled return render_404 unless @project.snippets_enabled
end end
def snippet_params
params.require(:project_snippet).permit(:title, :content, :file_name, :private)
end
end end
app/controllers/snippets_controller.rb
View file @ 2acde87e
...@@ -51,7 +51,7 @@ class SnippetsController < ApplicationController ...@@ -51,7 +51,7 @@ class SnippetsController < ApplicationController
end end
def create def create
@snippet = PersonalSnippet.new(params[:personal_snippet]) @snippet = PersonalSnippet.new(snippet_params)
@snippet.author = current_user @snippet.author = current_user
if @snippet.save if @snippet.save
...@@ -65,7 +65,7 @@ class SnippetsController < ApplicationController ...@@ -65,7 +65,7 @@ class SnippetsController < ApplicationController
end end
def update def update
if @snippet.update_attributes(params[:personal_snippet]) if @snippet.update_attributes(snippet_params)
redirect_to snippet_path(@snippet) redirect_to snippet_path(@snippet)
else else
respond_with @snippet respond_with @snippet
...@@ -109,4 +109,8 @@ class SnippetsController < ApplicationController ...@@ -109,4 +109,8 @@ class SnippetsController < ApplicationController
def set_title def set_title
@title = 'Snippets' @title = 'Snippets'
end end
def snippet_params
params.require(:personal_snippet).permit(:title, :content, :file_name, :private)
end
end end
app/models/milestone.rb
View file @ 2acde87e
...@@ -16,8 +16,6 @@ ...@@ -16,8 +16,6 @@
class Milestone < ActiveRecord::Base class Milestone < ActiveRecord::Base
include InternalId include InternalId
#attr_accessible :title, :description, :due_date, :state_event
belongs_to :project belongs_to :project
has_many :issues has_many :issues
has_many :merge_requests has_many :merge_requests
......
app/models/project_hook.rb
View file @ 2acde87e
...@@ -18,8 +18,6 @@ ...@@ -18,8 +18,6 @@
class ProjectHook < WebHook class ProjectHook < WebHook
belongs_to :project belongs_to :project
#attr_accessible :push_events, :issues_events, :merge_requests_events, :tag_push_events
scope :push_hooks, -> { where(push_events: true) } scope :push_hooks, -> { where(push_events: true) }
scope :tag_push_hooks, -> { where(tag_push_events: true) } scope :tag_push_hooks, -> { where(tag_push_events: true) }
scope :issue_hooks, -> { where(issues_events: true) } scope :issue_hooks, -> { where(issues_events: true) }
......
app/models/snippet.rb
View file @ 2acde87e
...@@ -18,8 +18,6 @@ ...@@ -18,8 +18,6 @@
class Snippet < ActiveRecord::Base class Snippet < ActiveRecord::Base
include Linguist::BlobHelper include Linguist::BlobHelper
#attr_accessible :title, :content, :file_name, :expires_at, :private
default_value_for :private, true default_value_for :private, true
belongs_to :author, class_name: "User" belongs_to :author, class_name: "User"
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7