Commit 53b97bc9 authored by Douglas Barbosa Alexandre's avatar Douglas Barbosa Alexandre

Merge branch '198439-allow-fe-to-create-design-todos' into 'master'

Allow front end to create Todos for Designs

See merge request gitlab-org/gitlab!39920
parents 542dcec4 e1e0f1cf
...@@ -15,6 +15,9 @@ class Projects::TodosController < Projects::ApplicationController ...@@ -15,6 +15,9 @@ class Projects::TodosController < Projects::ApplicationController
IssuesFinder.new(current_user, project_id: @project.id).find(params[:issuable_id]) IssuesFinder.new(current_user, project_id: @project.id).find(params[:issuable_id])
when "merge_request" when "merge_request"
MergeRequestsFinder.new(current_user, project_id: @project.id).find(params[:issuable_id]) MergeRequestsFinder.new(current_user, project_id: @project.id).find(params[:issuable_id])
when "design"
issue = IssuesFinder.new(current_user, project_id: @project.id).find(params[:issue_id])
DesignManagement::DesignsFinder.new(issue, current_user).find(params[:issuable_id])
end end
end end
end end
......
...@@ -30,7 +30,7 @@ module FinderMethods ...@@ -30,7 +30,7 @@ module FinderMethods
def if_authorized(result) def if_authorized(result)
# Return the result if the finder does not perform authorization checks. # Return the result if the finder does not perform authorization checks.
# this is currently the case in the `MilestoneFinder` # this is currently the case in the `MilestoneFinder`
return result unless respond_to?(:current_user) return result unless respond_to?(:current_user, true)
if can_read_object?(result) if can_read_object?(result)
result result
...@@ -44,9 +44,14 @@ module FinderMethods ...@@ -44,9 +44,14 @@ module FinderMethods
# for Todos # for Todos
return true unless DeclarativePolicy.has_policy?(object) return true unless DeclarativePolicy.has_policy?(object)
model_name = object&.model_name || model.model_name Ability.allowed?(current_user, :"read_#{to_ability_name(object)}", object)
end
def to_ability_name(object)
return object.to_ability_name if object.respond_to?(:to_ability_name)
Ability.allowed?(current_user, :"read_#{model_name.singular}", object) # Not all objects define `#to_ability_name`, so attempt to derive it:
object.model_name.singular
end end
# This fetches the model from the `ActiveRecord::Relation` but does not # This fetches the model from the `ActiveRecord::Relation` but does not
......
...@@ -3,6 +3,7 @@ ...@@ -3,6 +3,7 @@
module DesignManagement module DesignManagement
class DesignsFinder class DesignsFinder
include Gitlab::Allowable include Gitlab::Allowable
include FinderMethods
# Params: # Params:
# ids: integer[] # ids: integer[]
......
...@@ -3,13 +3,14 @@ ...@@ -3,13 +3,14 @@
require('spec_helper') require('spec_helper')
RSpec.describe Projects::TodosController do RSpec.describe Projects::TodosController do
let(:user) { create(:user) } let_it_be(:user) { create(:user) }
let(:project) { create(:project) } let_it_be(:project) { create(:project) }
let(:issue) { create(:issue, project: project) } let(:issue) { create(:issue, project: project) }
let(:merge_request) { create(:merge_request, source_project: project) } let(:merge_request) { create(:merge_request, source_project: project) }
let(:design) { create(:design, project: project, issue: issue) }
let(:parent) { project } let(:parent) { project }
shared_examples 'project todos actions' do shared_examples 'issuable todo actions' do
it_behaves_like 'todos actions' it_behaves_like 'todos actions'
context 'when not authorized for resource' do context 'when not authorized for resource' do
...@@ -40,7 +41,7 @@ RSpec.describe Projects::TodosController do ...@@ -40,7 +41,7 @@ RSpec.describe Projects::TodosController do
format: 'html' format: 'html'
end end
it_behaves_like 'project todos actions' it_behaves_like 'issuable todo actions'
end end
end end
...@@ -57,7 +58,31 @@ RSpec.describe Projects::TodosController do ...@@ -57,7 +58,31 @@ RSpec.describe Projects::TodosController do
format: 'html' format: 'html'
end end
it_behaves_like 'project todos actions' it_behaves_like 'issuable todo actions'
end
end
context 'Designs' do
include DesignManagementTestHelpers
before do
enable_design_management
end
describe 'POST create' do
def post_create
post :create,
params: {
namespace_id: project.namespace,
project_id: project,
issue_id: issue.id,
issuable_id: design.id,
issuable_type: 'design'
},
format: 'html'
end
it_behaves_like 'todos actions'
end end
end end
end end
...@@ -7,8 +7,6 @@ RSpec.describe FinderMethods do ...@@ -7,8 +7,6 @@ RSpec.describe FinderMethods do
Class.new do Class.new do
include FinderMethods include FinderMethods
attr_reader :current_user
def initialize(user) def initialize(user)
@current_user = user @current_user = user
end end
...@@ -16,6 +14,10 @@ RSpec.describe FinderMethods do ...@@ -16,6 +14,10 @@ RSpec.describe FinderMethods do
def execute def execute
Project.all.order(id: :desc) Project.all.order(id: :desc)
end end
private
attr_reader :current_user
end end
end end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment