boards_controller.rb 662 Bytes
Newer Older
1
class Projects::BoardsController < Projects::ApplicationController
2 3
  before_action :authorize_read_board!, only: [:show]

4
  def show
5
    board = Boards::CreateService.new(project, current_user).execute
6

7 8
    respond_to do |format|
      format.html
9
      format.json { render json: board.lists.as_json(only: [:id, :list_type, :position], methods: [:title], include: { label: { only: [:id, :title, :color] } }) }
10 11
    end
  end
12 13 14 15 16 17 18 19 20 21 22

  private

  def authorize_read_board!
    unless can?(current_user, :read_board, project)
      respond_to do |format|
        format.html { return access_denied! }
        format.json { return render_403 }
      end
    end
  end
23
end