groups_controller.rb 3.75 KB
Newer Older
randx's avatar
randx committed
1
class GroupsController < ApplicationController
2
  skip_before_filter :authenticate_user!, only: [:show, :issues, :members, :merge_requests]
randx's avatar
randx committed
3
  respond_to :html
4
  before_filter :group, except: [:new, :create]
randx's avatar
randx committed
5

6
  # Authorize
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
7
  before_filter :authorize_read_group!, except: [:new, :create]
8
  before_filter :authorize_admin_group!, only: [:edit, :update, :destroy]
9
  before_filter :authorize_create_group!, only: [:new, :create]
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
10 11 12 13

  # Load group projects
  before_filter :projects, except: [:new, :create]

14 15
  before_filter :default_filter, only: [:issues, :merge_requests]

16 17
  layout :determine_layout

18 19
  before_filter :set_title, only: [:new, :create]

Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
20 21 22 23 24 25 26 27 28
  def new
    @group = Group.new
  end

  def create
    @group = Group.new(params[:group])
    @group.path = @group.name.dup.parameterize if @group.name

    if @group.save
29
      @group.add_owner(current_user)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
30 31 32 33 34
      redirect_to @group, notice: 'Group was successfully created.'
    else
      render action: "new"
    end
  end
35

randx's avatar
randx committed
36
  def show
37 38 39
    @events = Event.in_projects(project_ids)
    @events = event_filter.apply_filter(@events)
    @events = @events.limit(20).offset(params[:offset] || 0)
40
    @last_push = current_user.recent_push if current_user
randx's avatar
randx committed
41 42 43

    respond_to do |format|
      format.html
44
      format.json { pager_json("events/_events", @events.count) }
randx's avatar
randx committed
45 46 47 48 49
      format.atom { render layout: false }
    end
  end

  def merge_requests
50
    @merge_requests = MergeRequestsFinder.new.execute(current_user, params)
51
    @merge_requests = @merge_requests.page(params[:page]).per(20)
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
52
    @merge_requests = @merge_requests.preload(:author, :target_project)
randx's avatar
randx committed
53 54 55
  end

  def issues
56
    @issues = IssuesFinder.new.execute(current_user, params)
57
    @issues = @issues.page(params[:page]).per(20)
58
    @issues = @issues.preload(:author, :project)
randx's avatar
randx committed
59 60 61 62 63 64 65

    respond_to do |format|
      format.html
      format.atom { render layout: false }
    end
  end

66
  def members
67
    @project = group.projects.find(params[:project_id]) if params[:project_id]
68 69 70 71 72 73 74 75
    @members = group.users_groups

    if params[:search].present?
      users = group.users.search(params[:search])
      @members = @members.where(user_id: users)
    end

    @members = @members.order('group_access DESC').page(params[:page]).per(50)
76
    @users_group = UsersGroup.new
77 78
  end

79 80 81 82
  def edit
  end

  def update
83
    if @group.update_attributes(params[:group])
84 85 86 87 88 89 90 91 92 93 94 95
      redirect_to @group, notice: 'Group was successfully updated.'
    else
      render action: "edit"
    end
  end

  def destroy
    @group.destroy

    redirect_to root_path, notice: 'Group was removed.'
  end

randx's avatar
randx committed
96 97 98
  protected

  def group
skv's avatar
skv committed
99
    @group ||= Group.find_by(path: params[:id])
randx's avatar
randx committed
100 101 102
  end

  def projects
103
    @projects ||= ProjectsFinder.new.execute(current_user, group: group).sorted_by_activity.non_archived
randx's avatar
randx committed
104 105 106
  end

  def project_ids
107
    projects.pluck(:id)
randx's avatar
randx committed
108
  end
109 110 111

  # Dont allow unauthorized access to group
  def authorize_read_group!
112
    unless @group and (projects.present? or can?(current_user, :read_group, @group))
113 114 115 116 117
      if current_user.nil?
        return authenticate_user!
      else
        return render_404
      end
118 119
    end
  end
120 121

  def authorize_create_group!
122 123 124 125 126 127 128 129 130
    unless can?(current_user, :create_group, nil)
      return render_404
    end
  end

  def authorize_admin_group!
    unless can?(current_user, :manage_group, group)
      return render_404
    end
131
  end
132 133 134 135

  def set_title
    @title = 'New Group'
  end
136 137 138 139

  def determine_layout
    if [:new, :create].include?(action_name.to_sym)
      'navless'
140
    elsif current_user
141
      'group'
142 143
    else
      'public_group'
144 145
    end
  end
146 147

  def default_filter
148 149 150 151 152 153 154
    if params[:scope].blank?
      if current_user
        params[:scope] = 'assigned-to-me'
      else
        params[:scope] = 'all'
      end
    end
155 156 157
    params[:state] = 'opened' if params[:state].blank?
    params[:group_id] = @group.id
  end
randx's avatar
randx committed
158
end