Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Léo-Paul Géneau
gitlab-ce
Commits
cd98ff17
Commit
cd98ff17
authored
Aug 15, 2016
by
Douglas Barbosa Alexandre
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Move action to render board lists to `Projects::Boards::ListsController`
parent
c3880d10
Changes
6
Hide whitespace changes
Inline
Side-by-side
Showing
6 changed files
with
68 additions
and
65 deletions
+68
-65
app/controllers/projects/boards/lists_controller.rb
app/controllers/projects/boards/lists_controller.rb
+10
-1
app/controllers/projects/boards_controller.rb
app/controllers/projects/boards_controller.rb
+4
-12
app/models/ability.rb
app/models/ability.rb
+2
-0
config/routes.rb
config/routes.rb
+1
-1
spec/controllers/projects/boards/lists_controller_spec.rb
spec/controllers/projects/boards/lists_controller_spec.rb
+40
-0
spec/controllers/projects/boards_controller_spec.rb
spec/controllers/projects/boards_controller_spec.rb
+11
-51
No files found.
app/controllers/projects/boards/lists_controller.rb
View file @
cd98ff17
module
Projects
module
Boards
class
ListsController
<
Boards
::
ApplicationController
before_action
:authorize_admin_list!
before_action
:authorize_admin_list!
,
only:
[
:create
,
:update
,
:destroy
,
:generate
]
before_action
:authorize_read_list!
,
only:
[
:index
]
def
index
render
json:
project
.
board
.
lists
.
as_json
(
only:
[
:id
,
:list_type
,
:position
],
methods:
[
:title
],
include:
{
label:
{
only:
[
:id
,
:title
,
:description
,
:color
,
:priority
]
}
})
end
def
create
list
=
::
Boards
::
Lists
::
CreateService
.
new
(
project
,
current_user
,
list_params
).
execute
...
...
@@ -49,6 +54,10 @@ module Projects
return
render_403
unless
can?
(
current_user
,
:admin_list
,
project
)
end
def
authorize_read_list!
return
render_403
unless
can?
(
current_user
,
:read_list
,
project
)
end
def
list_params
params
.
require
(
:list
).
permit
(
:label_id
)
end
...
...
app/controllers/projects/boards_controller.rb
View file @
cd98ff17
class
Projects::BoardsController
<
Projects
::
ApplicationController
respond_to
:html
before_action
:authorize_read_board!
,
only:
[
:show
]
def
show
board
=
Boards
::
CreateService
.
new
(
project
,
current_user
).
execute
respond_to
do
|
format
|
format
.
html
format
.
json
{
render
json:
board
.
lists
.
as_json
(
only:
[
:id
,
:list_type
,
:position
],
methods:
[
:title
],
include:
{
label:
{
only:
[
:id
,
:title
,
:description
,
:color
,
:priority
]
}
})
}
end
::
Boards
::
CreateService
.
new
(
project
,
current_user
).
execute
end
private
def
authorize_read_board!
unless
can?
(
current_user
,
:read_board
,
project
)
respond_to
do
|
format
|
format
.
html
{
return
access_denied!
}
format
.
json
{
return
render_403
}
end
end
return
access_denied!
unless
can?
(
current_user
,
:read_board
,
project
)
end
end
app/models/ability.rb
View file @
cd98ff17
...
...
@@ -91,6 +91,7 @@ class Ability
rules
=
[
:read_project
,
:read_board
,
:read_list
,
:read_wiki
,
:read_label
,
:read_milestone
,
...
...
@@ -230,6 +231,7 @@ class Ability
:read_wiki
,
:read_issue
,
:read_board
,
:read_list
,
:read_label
,
:read_milestone
,
:read_project_snippet
,
...
...
config/routes.rb
View file @
cd98ff17
...
...
@@ -860,7 +860,7 @@ Rails.application.routes.draw do
scope
module: :boards
do
resources
:issues
,
only:
[
:update
]
resources
:lists
,
only:
[
:create
,
:update
,
:destroy
]
do
resources
:lists
,
only:
[
:
index
,
:
create
,
:update
,
:destroy
]
do
collection
do
post
:generate
end
...
...
spec/controllers/projects/boards/lists_controller_spec.rb
View file @
cd98ff17
...
...
@@ -11,6 +11,46 @@ describe Projects::Boards::ListsController do
project
.
team
<<
[
guest
,
:guest
]
end
describe
'GET #index'
do
it
'returns a successful 200 response'
do
read_board_list
user:
user
expect
(
response
).
to
have_http_status
(
200
)
expect
(
response
.
content_type
).
to
eq
'application/json'
end
it
'returns a list of board lists'
do
board
=
project
.
create_board
create
(
:backlog_list
,
board:
board
)
create
(
:list
,
board:
board
)
create
(
:done_list
,
board:
board
)
read_board_list
user:
user
parsed_response
=
JSON
.
parse
(
response
.
body
)
expect
(
response
).
to
match_response_schema
(
'list'
,
array:
true
)
expect
(
parsed_response
.
length
).
to
eq
3
end
it
'returns a successful 403 response with unauthorized user'
do
allow
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
with
(
user
,
:read_project
,
project
).
and_return
(
true
)
allow
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
with
(
user
,
:read_list
,
project
).
and_return
(
false
)
read_board_list
user:
user
expect
(
response
).
to
have_http_status
(
403
)
end
def
read_board_list
(
user
:)
sign_in
(
user
)
get
:index
,
namespace_id:
project
.
namespace
.
to_param
,
project_id:
project
.
to_param
,
format: :json
end
end
describe
'POST #create'
do
let
(
:label
)
{
create
(
:label
,
project:
project
,
name:
'Development'
)
}
...
...
spec/controllers/projects/boards_controller_spec.rb
View file @
cd98ff17
...
...
@@ -10,64 +10,24 @@ describe Projects::BoardsController do
end
describe
'GET #show'
do
context
'when project does not have a board'
do
it
'creates a new board'
do
expect
{
read_board
}.
to
change
(
Board
,
:count
).
by
(
1
)
end
it
'creates a new board when project does not have one'
do
expect
{
read_board
}.
to
change
(
Board
,
:count
).
by
(
1
)
end
context
'when format is HTML'
do
it
'renders HTML template'
do
read_board
it
'renders HTML template'
do
read_board
expect
(
response
).
to
render_template
:show
expect
(
response
.
content_type
).
to
eq
'text/html'
end
context
'with unauthorized user'
do
it
'returns a successful 404 response'
do
allow
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
with
(
user
,
:read_project
,
project
).
and_return
(
true
)
allow
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
with
(
user
,
:read_board
,
project
).
and_return
(
false
)
read_board
expect
(
response
).
to
have_http_status
(
404
)
end
end
expect
(
response
).
to
render_template
:show
expect
(
response
.
content_type
).
to
eq
'text/html'
end
context
'when format is JSON'
do
it
'returns a successful 200 response'
do
read_board
format: :json
expect
(
response
).
to
have_http_status
(
200
)
expect
(
response
.
content_type
).
to
eq
'application/json'
end
it
'returns a list of board lists'
do
board
=
project
.
create_board
create
(
:backlog_list
,
board:
board
)
create
(
:list
,
board:
board
)
create
(
:done_list
,
board:
board
)
read_board
format: :json
parsed_response
=
JSON
.
parse
(
response
.
body
)
expect
(
response
).
to
match_response_schema
(
'list'
,
array:
true
)
expect
(
parsed_response
.
length
).
to
eq
3
end
context
'with unauthorized user'
do
it
'returns a successful 403 response'
do
allow
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
with
(
user
,
:read_project
,
project
).
and_return
(
true
)
allow
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
with
(
user
,
:read_board
,
project
).
and_return
(
false
)
it
'returns a successful 404 response with unauthorized user'
do
allow
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
with
(
user
,
:read_project
,
project
).
and_return
(
true
)
allow
(
Ability
.
abilities
).
to
receive
(
:allowed?
).
with
(
user
,
:read_board
,
project
).
and_return
(
false
)
read_board
format: :json
read_board
expect
(
response
).
to
have_http_status
(
403
)
end
end
expect
(
response
).
to
have_http_status
(
404
)
end
def
read_board
(
format: :html
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment