Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
gitlab-ce
Commits
eb1004f7
Commit
eb1004f7
authored
Nov 29, 2012
by
Dmitriy Zaporozhets
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Refactor abilities. Added ProjectUpdate context. Fixed few bugs with namespaces
parent
a1ffc673
Changes
18
Show whitespace changes
Inline
Side-by-side
Showing
18 changed files
with
127 additions
and
53 deletions
+127
-53
app/contexts/project_update_context.rb
app/contexts/project_update_context.rb
+21
-0
app/controllers/admin/projects_controller.rb
app/controllers/admin/projects_controller.rb
+2
-6
app/controllers/application_controller.rb
app/controllers/application_controller.rb
+10
-3
app/controllers/dashboard_controller.rb
app/controllers/dashboard_controller.rb
+1
-1
app/controllers/groups_controller.rb
app/controllers/groups_controller.rb
+6
-3
app/controllers/project_resource_controller.rb
app/controllers/project_resource_controller.rb
+0
-2
app/controllers/projects_controller.rb
app/controllers/projects_controller.rb
+2
-12
app/models/ability.rb
app/models/ability.rb
+50
-14
app/models/group.rb
app/models/group.rb
+3
-1
app/models/namespace.rb
app/models/namespace.rb
+7
-5
app/models/project.rb
app/models/project.rb
+1
-1
app/models/user.rb
app/models/user.rb
+7
-0
app/views/admin/projects/_form.html.haml
app/views/admin/projects/_form.html.haml
+1
-1
app/views/errors/access_denied.html.haml
app/views/errors/access_denied.html.haml
+1
-1
app/views/groups/show.html.haml
app/views/groups/show.html.haml
+1
-1
db/fixtures/development/010_groups.rb
db/fixtures/development/010_groups.rb
+11
-0
spec/models/group_spec.rb
spec/models/group_spec.rb
+1
-1
spec/models/namespace_spec.rb
spec/models/namespace_spec.rb
+2
-1
No files found.
app/contexts/project_update_context.rb
0 → 100644
View file @
eb1004f7
class
ProjectUpdateContext
<
BaseContext
def
execute
(
role
=
:default
)
namespace_id
=
params
[
:project
].
delete
(
:namespace_id
)
if
namespace_id
.
present?
if
namespace_id
==
Namespace
.
global_id
if
project
.
namespace
.
present?
# Transfer to global namespace from anyone
project
.
transfer
(
nil
)
end
elsif
namespace_id
.
to_i
!=
project
.
namespace_id
# Transfer to someone namespace
namespace
=
Namespace
.
find
(
namespace_id
)
project
.
transfer
(
namespace
)
end
end
project
.
update_attributes
(
params
[
:project
],
as:
role
)
end
end
app/controllers/admin/projects_controller.rb
View file @
eb1004f7
...
@@ -24,13 +24,9 @@ class Admin::ProjectsController < AdminController
...
@@ -24,13 +24,9 @@ class Admin::ProjectsController < AdminController
end
end
def
update
def
update
owner_id
=
params
[
:project
].
delete
(
:owner_id
)
status
=
ProjectUpdateContext
.
new
(
project
,
current_user
,
params
).
execute
(
:admin
)
if
owner_id
if
status
@project
.
owner
=
User
.
find
(
owner_id
)
end
if
@project
.
update_attributes
(
params
[
:project
],
as: :admin
)
redirect_to
[
:admin
,
@project
],
notice:
'Project was successfully updated.'
redirect_to
[
:admin
,
@project
],
notice:
'Project was successfully updated.'
else
else
render
action:
"edit"
render
action:
"edit"
...
...
app/controllers/application_controller.rb
View file @
eb1004f7
...
@@ -2,6 +2,7 @@ class ApplicationController < ActionController::Base
...
@@ -2,6 +2,7 @@ class ApplicationController < ActionController::Base
before_filter
:authenticate_user!
before_filter
:authenticate_user!
before_filter
:reject_blocked!
before_filter
:reject_blocked!
before_filter
:set_current_user_for_observers
before_filter
:set_current_user_for_observers
before_filter
:add_abilities
before_filter
:dev_tools
if
Rails
.
env
==
'development'
before_filter
:dev_tools
if
Rails
.
env
==
'development'
protect_from_forgery
protect_from_forgery
...
@@ -65,11 +66,17 @@ class ApplicationController < ActionController::Base
...
@@ -65,11 +66,17 @@ class ApplicationController < ActionController::Base
def
project
def
project
id
=
params
[
:project_id
]
||
params
[
:id
]
id
=
params
[
:project_id
]
||
params
[
:id
]
@project
||=
current_user
.
projects
.
find_with_namespace
(
id
)
@project
=
Project
.
find_with_namespace
(
id
)
@project
||
render_404
if
@project
and
can?
(
current_user
,
:read_project
,
@project
)
@project
else
@project
=
nil
render_404
end
end
end
def
add_
project_
abilities
def
add_abilities
abilities
<<
Ability
abilities
<<
Ability
end
end
...
...
app/controllers/dashboard_controller.rb
View file @
eb1004f7
...
@@ -5,7 +5,7 @@ class DashboardController < ApplicationController
...
@@ -5,7 +5,7 @@ class DashboardController < ApplicationController
before_filter
:event_filter
,
only: :index
before_filter
:event_filter
,
only: :index
def
index
def
index
@groups
=
Group
.
where
(
id:
current_user
.
projects
.
pluck
(
:namespace_id
))
@groups
=
current_user
.
accessed_groups
@projects
=
@projects
.
page
(
params
[
:page
]).
per
(
30
)
@projects
=
@projects
.
page
(
params
[
:page
]).
per
(
30
)
@events
=
Event
.
in_projects
(
current_user
.
project_ids
)
@events
=
Event
.
in_projects
(
current_user
.
project_ids
)
@events
=
@event_filter
.
apply_filter
(
@events
)
@events
=
@event_filter
.
apply_filter
(
@events
)
...
...
app/controllers/groups_controller.rb
View file @
eb1004f7
...
@@ -4,7 +4,6 @@ class GroupsController < ApplicationController
...
@@ -4,7 +4,6 @@ class GroupsController < ApplicationController
before_filter
:group
before_filter
:group
before_filter
:projects
before_filter
:projects
before_filter
:add_project_abilities
def
show
def
show
@events
=
Event
.
in_projects
(
project_ids
).
limit
(
20
).
offset
(
params
[
:offset
]
||
0
)
@events
=
Event
.
in_projects
(
project_ids
).
limit
(
20
).
offset
(
params
[
:offset
]
||
0
)
...
@@ -45,7 +44,7 @@ class GroupsController < ApplicationController
...
@@ -45,7 +44,7 @@ class GroupsController < ApplicationController
end
end
def
people
def
people
@users
=
group
.
users
.
all
@users
=
group
.
users
end
end
protected
protected
...
@@ -55,7 +54,11 @@ class GroupsController < ApplicationController
...
@@ -55,7 +54,11 @@ class GroupsController < ApplicationController
end
end
def
projects
def
projects
@projects
||=
current_user
.
projects_sorted_by_activity
.
where
(
namespace_id:
@group
.
id
)
@projects
||=
if
can?
(
current_user
,
:manage_group
,
@group
)
@group
.
projects
.
all
else
current_user
.
projects_sorted_by_activity
.
where
(
namespace_id:
@group
.
id
)
end
end
end
def
project_ids
def
project_ids
...
...
app/controllers/project_resource_controller.rb
View file @
eb1004f7
class
ProjectResourceController
<
ApplicationController
class
ProjectResourceController
<
ApplicationController
before_filter
:project
before_filter
:project
# Authorize
before_filter
:add_project_abilities
end
end
app/controllers/projects_controller.rb
View file @
eb1004f7
...
@@ -34,20 +34,10 @@ class ProjectsController < ProjectResourceController
...
@@ -34,20 +34,10 @@ class ProjectsController < ProjectResourceController
end
end
def
update
def
update
if
params
[
:project
].
has_key?
(
:namespace_id
)
status
=
ProjectUpdateContext
.
new
(
project
,
current_user
,
params
).
execute
namespace_id
=
params
[
:project
].
delete
(
:namespace_id
)
if
namespace_id
==
Namespace
.
global_id
and
project
.
namespace
.
present?
# Transfer to global namespace from anyone
project
.
transfer
(
nil
)
elsif
namespace_id
.
present?
and
namespace_id
.
to_i
!=
project
.
namespace_id
# Transfer to someone namespace
namespace
=
Namespace
.
find
(
namespace_id
)
project
.
transfer
(
namespace
)
end
end
respond_to
do
|
format
|
respond_to
do
|
format
|
if
project
.
update_attributes
(
params
[
:project
])
if
status
flash
[
:notice
]
=
'Project was successfully updated.'
flash
[
:notice
]
=
'Project was successfully updated.'
format
.
html
{
redirect_to
edit_project_path
(
project
),
notice:
'Project was successfully updated.'
}
format
.
html
{
redirect_to
edit_project_path
(
project
),
notice:
'Project was successfully updated.'
}
format
.
js
format
.
js
...
...
app/models/ability.rb
View file @
eb1004f7
...
@@ -15,7 +15,37 @@ class Ability
...
@@ -15,7 +15,37 @@ class Ability
def
project_abilities
(
user
,
project
)
def
project_abilities
(
user
,
project
)
rules
=
[]
rules
=
[]
rules
<<
[
# Rules based on role in project
if
project
.
master_access_for?
(
user
)
# TODO: replace with master rules.
# Only allow project administration for owners
rules
<<
project_admin_rules
elsif
project
.
dev_access_for?
(
user
)
rules
<<
project_dev_rules
elsif
project
.
report_access_for?
(
user
)
rules
<<
project_report_rules
elsif
project
.
guest_access_for?
(
user
)
rules
<<
project_guest_rules
end
# If user own project namespace (Ex. group owner or account owner)
if
project
.
namespace
&&
project
.
namespace
.
owner
==
user
rules
<<
project_admin_rules
end
# If user was set as direct project owner
if
project
.
owner
==
user
rules
<<
project_admin_rules
end
rules
.
flatten
end
def
project_guest_rules
[
:read_project
,
:read_project
,
:read_wiki
,
:read_wiki
,
:read_issue
,
:read_issue
,
...
@@ -27,28 +57,30 @@ class Ability
...
@@ -27,28 +57,30 @@ class Ability
:write_project
,
:write_project
,
:write_issue
,
:write_issue
,
:write_note
:write_note
]
if
project
.
guest_access_for?
(
user
)
]
end
rules
<<
[
def
project_report_rules
project_guest_rules
+
[
:download_code
,
:download_code
,
:write_merge_request
,
:write_merge_request
,
:write_snippet
:write_snippet
]
if
project
.
report_access_for?
(
user
)
]
end
rules
<<
[
def
project_dev_rules
project_report_rules
+
[
:write_wiki
,
:write_wiki
,
:push_code
:push_code
]
if
project
.
dev_access_for?
(
user
)
]
end
rules
<<
[
:push_code_to_protected_branches
]
if
project
.
master_access_for?
(
user
)
rules
<<
[
def
project_master_rules
project_dev_rules
+
[
:push_code_to_protected_branches
,
:modify_issue
,
:modify_issue
,
:modify_snippet
,
:modify_snippet
,
:modify_merge_request
,
:modify_merge_request
,
:admin_project
,
:admin_issue
,
:admin_issue
,
:admin_milestone
,
:admin_milestone
,
:admin_snippet
,
:admin_snippet
,
...
@@ -57,9 +89,13 @@ class Ability
...
@@ -57,9 +89,13 @@ class Ability
:admin_note
,
:admin_note
,
:accept_mr
,
:accept_mr
,
:admin_wiki
:admin_wiki
]
if
project
.
master_access_for?
(
user
)
||
project
.
owner
==
user
]
end
rules
.
flatten
def
project_admin_rules
project_master_rules
+
[
:admin_project
]
end
end
def
group_abilities
user
,
group
def
group_abilities
user
,
group
...
...
app/models/group.rb
View file @
eb1004f7
...
@@ -13,7 +13,9 @@
...
@@ -13,7 +13,9 @@
class
Group
<
Namespace
class
Group
<
Namespace
def
users
def
users
User
.
joins
(
:users_projects
).
where
(
users_projects:
{
project_id:
project_ids
}).
uniq
users
=
User
.
joins
(
:users_projects
).
where
(
users_projects:
{
project_id:
project_ids
})
users
=
users
<<
owner
users
.
uniq
end
end
def
human_name
def
human_name
...
...
app/models/namespace.rb
View file @
eb1004f7
...
@@ -53,6 +53,7 @@ class Namespace < ActiveRecord::Base
...
@@ -53,6 +53,7 @@ class Namespace < ActiveRecord::Base
end
end
def
move_dir
def
move_dir
if
path_changed?
old_path
=
File
.
join
(
Gitlab
.
config
.
git_base_path
,
path_was
)
old_path
=
File
.
join
(
Gitlab
.
config
.
git_base_path
,
path_was
)
new_path
=
File
.
join
(
Gitlab
.
config
.
git_base_path
,
path
)
new_path
=
File
.
join
(
Gitlab
.
config
.
git_base_path
,
path
)
if
File
.
exists?
(
new_path
)
if
File
.
exists?
(
new_path
)
...
@@ -60,6 +61,7 @@ class Namespace < ActiveRecord::Base
...
@@ -60,6 +61,7 @@ class Namespace < ActiveRecord::Base
end
end
system
(
"mv
#{
old_path
}
#{
new_path
}
"
)
system
(
"mv
#{
old_path
}
#{
new_path
}
"
)
end
end
end
def
rm_dir
def
rm_dir
dir_path
=
File
.
join
(
Gitlab
.
config
.
git_base_path
,
path
)
dir_path
=
File
.
join
(
Gitlab
.
config
.
git_base_path
,
path
)
...
...
app/models/project.rb
View file @
eb1004f7
...
@@ -29,7 +29,7 @@ class Project < ActiveRecord::Base
...
@@ -29,7 +29,7 @@ class Project < ActiveRecord::Base
attr_accessible
:name
,
:path
,
:description
,
:default_branch
,
:issues_enabled
,
attr_accessible
:name
,
:path
,
:description
,
:default_branch
,
:issues_enabled
,
:wall_enabled
,
:merge_requests_enabled
,
:wiki_enabled
,
as:
[
:default
,
:admin
]
:wall_enabled
,
:merge_requests_enabled
,
:wiki_enabled
,
as:
[
:default
,
:admin
]
attr_accessible
:namespace_id
,
as: :admin
attr_accessible
:namespace_id
,
:owner_id
,
as: :admin
attr_accessor
:error_code
attr_accessor
:error_code
...
...
app/models/user.rb
View file @
eb1004f7
...
@@ -123,4 +123,11 @@ class User < ActiveRecord::Base
...
@@ -123,4 +123,11 @@ class User < ActiveRecord::Base
self
.
password
=
self
.
password_confirmation
=
Devise
.
friendly_token
.
first
(
8
)
self
.
password
=
self
.
password_confirmation
=
Devise
.
friendly_token
.
first
(
8
)
end
end
end
end
def
accessed_groups
@accessed_groups
||=
begin
groups
=
Group
.
where
(
id:
self
.
projects
.
pluck
(
:namespace_id
)).
all
groups
+
self
.
groups
end
end
end
end
app/views/admin/projects/_form.html.haml
View file @
eb1004f7
...
@@ -22,7 +22,7 @@
...
@@ -22,7 +22,7 @@
-
unless
project
.
new_record?
-
unless
project
.
new_record?
.clearfix
.clearfix
=
f
.
label
:namespace_id
=
f
.
label
:namespace_id
.input
=
f
.
select
:namespace_id
,
namespaces_options
,
{},
{
class:
'chosen'
}
.input
=
f
.
select
:namespace_id
,
namespaces_options
(
@project
.
namespace_id
)
,
{},
{
class:
'chosen'
}
.clearfix
.clearfix
=
f
.
label
:owner_id
=
f
.
label
:owner_id
...
...
app/views/errors/access_denied.html.haml
View file @
eb1004f7
%h1
403
%h1
.http_status_code
403
%h3
.page_title
Access Denied
%h3
.page_title
Access Denied
%hr
%hr
%p
You are not allowed to access this page.
%p
You are not allowed to access this page.
...
...
app/views/groups/show.html.haml
View file @
eb1004f7
...
@@ -10,7 +10,7 @@
...
@@ -10,7 +10,7 @@
-
if
@events
.
any?
-
if
@events
.
any?
.content_list
=
render
@events
.content_list
=
render
@events
-
else
-
else
%
h4
.nothing_here_message
Projects activity will be displayed here
%
p
.nothing_here_message
Projects activity will be displayed here
.loading.hide
.loading.hide
.side
.side
=
render
"projects"
,
projects:
@projects
=
render
"projects"
,
projects:
@projects
...
...
db/fixtures/development/010_groups.rb
0 → 100644
View file @
eb1004f7
Group
.
seed
(
:id
,
[
{
id:
100
,
name:
"Gitlab"
,
path:
'gitlab'
,
owner_id:
1
},
{
id:
101
,
name:
"Rails"
,
path:
'rails'
,
owner_id:
1
},
{
id:
102
,
name:
"KDE"
,
path:
'kde'
,
owner_id:
1
}
])
Project
.
seed
(
:id
,
[
{
id:
10
,
name:
"kdebase"
,
path:
"kdebase"
,
owner_id:
1
,
namespace_id:
102
},
{
id:
11
,
name:
"kdelibs"
,
path:
"kdelibs"
,
owner_id:
1
,
namespace_id:
102
},
{
id:
12
,
name:
"amarok"
,
path:
"amarok"
,
owner_id:
1
,
namespace_id:
102
}
])
spec/models/group_spec.rb
View file @
eb1004f7
...
@@ -24,7 +24,7 @@ describe Group do
...
@@ -24,7 +24,7 @@ describe Group do
it
{
should
validate_presence_of
:owner
}
it
{
should
validate_presence_of
:owner
}
describe
:users
do
describe
:users
do
it
{
group
.
users
.
should
==
[]
}
it
{
group
.
users
.
should
==
[
group
.
owner
]
}
end
end
describe
:human_name
do
describe
:human_name
do
...
...
spec/models/namespace_spec.rb
View file @
eb1004f7
...
@@ -55,9 +55,10 @@ describe Namespace do
...
@@ -55,9 +55,10 @@ describe Namespace do
describe
:move_dir
do
describe
:move_dir
do
before
do
before
do
@namespace
=
create
:namespace
@namespace
=
create
:namespace
@namespace
.
stub
(
path_changed?:
true
)
end
end
it
"should raise error when
called directly
"
do
it
"should raise error when
dirtory exists
"
do
expect
{
@namespace
.
move_dir
}.
to
raise_error
(
"Already exists"
)
expect
{
@namespace
.
move_dir
}.
to
raise_error
(
"Already exists"
)
end
end
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment