diff options
author | Vinnie Okada <vokada@mrvinn.com> | 2015-03-14 19:49:11 +0300 |
---|---|---|
committer | Vinnie Okada <vokada@mrvinn.com> | 2015-03-14 19:49:11 +0300 |
commit | ad0ca0499ac81c68e9e8011d2e194b16c759c1d6 (patch) | |
tree | b3a39a2ef6cc4cfbdeab37fff87ed66dd4dcf9dc /app/controllers | |
parent | 13e9f4f33420bf0bae0b61b98dd3c2301d6f6223 (diff) | |
parent | 19e0dafbef47ca04f19d38b72b817beeb09e8510 (diff) |
Merge branch 'master' into fix-restricted-visibility
Conflicts:
db/schema.rb
Diffstat (limited to 'app/controllers')
33 files changed, 156 insertions, 127 deletions
diff --git a/app/controllers/admin/groups_controller.rb b/app/controllers/admin/groups_controller.rb index 65dc027c8eb..e338abeac4c 100644 --- a/app/controllers/admin/groups_controller.rb +++ b/app/controllers/admin/groups_controller.rb @@ -5,12 +5,12 @@ class Admin::GroupsController < Admin::ApplicationController @groups = Group.all @groups = @groups.sort(@sort = params[:sort]) @groups = @groups.search(params[:name]) if params[:name].present? - @groups = @groups.page(params[:page]).per(20) + @groups = @groups.page(params[:page]).per(PER_PAGE) end def show - @members = @group.members.order("access_level DESC").page(params[:members_page]).per(30) - @projects = @group.projects.page(params[:projects_page]).per(30) + @members = @group.members.order("access_level DESC").page(params[:members_page]).per(PER_PAGE) + @projects = @group.projects.page(params[:projects_page]).per(PER_PAGE) end def new diff --git a/app/controllers/admin/projects_controller.rb b/app/controllers/admin/projects_controller.rb index 2b1fc862b7f..5176a8399ae 100644 --- a/app/controllers/admin/projects_controller.rb +++ b/app/controllers/admin/projects_controller.rb @@ -11,15 +11,15 @@ class Admin::ProjectsController < Admin::ApplicationController @projects = @projects.abandoned if params[:abandoned].present? @projects = @projects.search(params[:name]) if params[:name].present? @projects = @projects.sort(@sort = params[:sort]) - @projects = @projects.includes(:namespace).order("namespaces.path, projects.name ASC").page(params[:page]).per(20) + @projects = @projects.includes(:namespace).order("namespaces.path, projects.name ASC").page(params[:page]).per(PER_PAGE) end def show if @group - @group_members = @group.members.order("access_level DESC").page(params[:group_members_page]).per(30) + @group_members = @group.members.order("access_level DESC").page(params[:group_members_page]).per(PER_PAGE) end - @project_members = @project.project_members.page(params[:project_members_page]).per(30) + @project_members = @project.project_members.page(params[:project_members_page]).per(PER_PAGE) end def transfer diff --git a/app/controllers/admin/services_controller.rb b/app/controllers/admin/services_controller.rb index e80cabd6e18..44a3f1379d8 100644 --- a/app/controllers/admin/services_controller.rb +++ b/app/controllers/admin/services_controller.rb @@ -45,7 +45,8 @@ class Admin::ServicesController < Admin::ApplicationController :room, :recipients, :project_url, :webhook, :user_key, :device, :priority, :sound, :bamboo_url, :username, :password, :build_key, :server, :teamcity_url, :build_type, - :description, :issues_url, :new_issue_url, :restrict_to_branch + :description, :issues_url, :new_issue_url, :restrict_to_branch, + :send_from_committer_email, :disable_diffs ]) end end diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb index ecedb31a7f8..693970e5349 100644 --- a/app/controllers/admin/users_controller.rb +++ b/app/controllers/admin/users_controller.rb @@ -24,7 +24,7 @@ class Admin::UsersController < Admin::ApplicationController def block if user.block - redirect_to :back, alert: "Successfully blocked" + redirect_to :back, notice: "Successfully blocked" else redirect_to :back, alert: "Error occurred. User was not blocked" end @@ -32,7 +32,7 @@ class Admin::UsersController < Admin::ApplicationController def unblock if user.activate - redirect_to :back, alert: "Successfully unblocked" + redirect_to :back, notice: "Successfully unblocked" else redirect_to :back, alert: "Error occurred. User was not unblocked" end diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index df1a588313e..e284f31f7ee 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -4,6 +4,8 @@ class ApplicationController < ActionController::Base include Gitlab::CurrentSettings include GitlabRoutingHelper + PER_PAGE = 20 + before_filter :authenticate_user_from_token! before_filter :authenticate_user! before_filter :reject_blocked! diff --git a/app/controllers/profiles/groups_controller.rb b/app/controllers/dashboard/groups_controller.rb index ce9dd50df67..b827639978c 100644 --- a/app/controllers/profiles/groups_controller.rb +++ b/app/controllers/dashboard/groups_controller.rb @@ -1,15 +1,13 @@ -class Profiles::GroupsController < ApplicationController - layout "profile" - +class Dashboard::GroupsController < ApplicationController def index - @user_groups = current_user.group_members.page(params[:page]).per(20) + @user_groups = current_user.group_members.page(params[:page]).per(PER_PAGE) end def leave @users_group = group.group_members.where(user_id: current_user.id).first if can?(current_user, :destroy, @users_group) @users_group.destroy - redirect_to(profile_groups_path, info: "You left #{group.name} group.") + redirect_to(dashboard_groups_path, info: "You left #{group.name} group.") else return render_403 end diff --git a/app/controllers/dashboard/milestones_controller.rb b/app/controllers/dashboard/milestones_controller.rb index 386e283f3a0..cb51792df16 100644 --- a/app/controllers/dashboard/milestones_controller.rb +++ b/app/controllers/dashboard/milestones_controller.rb @@ -8,7 +8,7 @@ class Dashboard::MilestonesController < ApplicationController else state('active') end @dashboard_milestones = Milestones::GroupService.new(project_milestones).execute - @dashboard_milestones = Kaminari.paginate_array(@dashboard_milestones).page(params[:page]).per(30) + @dashboard_milestones = Kaminari.paginate_array(@dashboard_milestones).page(params[:page]).per(PER_PAGE) end def show diff --git a/app/controllers/dashboard/projects_controller.rb b/app/controllers/dashboard/projects_controller.rb new file mode 100644 index 00000000000..56e6fcc41ca --- /dev/null +++ b/app/controllers/dashboard/projects_controller.rb @@ -0,0 +1,27 @@ +class Dashboard::ProjectsController < ApplicationController + before_filter :event_filter + + def starred + @projects = current_user.starred_projects + @projects = @projects.includes(:namespace, :forked_from_project, :tags) + @projects = @projects.sort(@sort = params[:sort]) + @groups = [] + + respond_to do |format| + format.html + + format.json do + load_events + pager_json("events/_events", @events.count) + end + end + end + + private + + def load_events + @events = Event.in_projects(@projects.pluck(:id)) + @events = @event_filter.apply_filter(@events).with_associations + @events = @events.limit(20).offset(params[:offset] || 0) + end +end diff --git a/app/controllers/dashboard_controller.rb b/app/controllers/dashboard_controller.rb index 8f06a673584..9bd853ed5c7 100644 --- a/app/controllers/dashboard_controller.rb +++ b/app/controllers/dashboard_controller.rb @@ -5,15 +5,9 @@ class DashboardController < ApplicationController before_filter :event_filter, only: :show def show - @projects_limit = 20 - @groups = current_user.authorized_groups.order_name_asc - @has_authorized_projects = @projects.count > 0 - @projects_count = @projects.count @projects = @projects.includes(:namespace) @last_push = current_user.recent_push - @publicish_project_count = Project.publicish(current_user).count - respond_to do |format| format.html @@ -29,38 +23,15 @@ class DashboardController < ApplicationController end end - def projects - @projects = case params[:scope] - when 'personal' then - current_user.namespace.projects - when 'joined' then - current_user.authorized_projects.joined(current_user) - when 'owned' then - current_user.owned_projects - else - current_user.authorized_projects - end - - @projects = @projects.where(namespace_id: Group.find_by(name: params[:group])) if params[:group].present? - @projects = @projects.where(visibility_level: params[:visibility_level]) if params[:visibility_level].present? - @projects = @projects.includes(:namespace, :forked_from_project, :tags) - @projects = @projects.tagged_with(params[:tag]) if params[:tag].present? - @projects = @projects.sort(@sort = params[:sort]) - @projects = @projects.page(params[:page]).per(30) - - @tags = current_user.authorized_projects.tags_on(:tags) - @groups = current_user.authorized_groups - end - def merge_requests @merge_requests = get_merge_requests_collection - @merge_requests = @merge_requests.page(params[:page]).per(20) + @merge_requests = @merge_requests.page(params[:page]).per(PER_PAGE) @merge_requests = @merge_requests.preload(:author, :target_project) end def issues @issues = get_issues_collection - @issues = @issues.page(params[:page]).per(20) + @issues = @issues.page(params[:page]).per(PER_PAGE) @issues = @issues.preload(:author, :project) respond_to do |format| diff --git a/app/controllers/explore/groups_controller.rb b/app/controllers/explore/groups_controller.rb index ada7031fea4..c51a4a211a6 100644 --- a/app/controllers/explore/groups_controller.rb +++ b/app/controllers/explore/groups_controller.rb @@ -8,6 +8,6 @@ class Explore::GroupsController < ApplicationController @groups = GroupsFinder.new.execute(current_user) @groups = @groups.search(params[:search]) if params[:search].present? @groups = @groups.sort(@sort = params[:sort]) - @groups = @groups.page(params[:page]).per(20) + @groups = @groups.page(params[:page]).per(PER_PAGE) end end diff --git a/app/controllers/explore/projects_controller.rb b/app/controllers/explore/projects_controller.rb index 0e5891ae807..b295f295bb1 100644 --- a/app/controllers/explore/projects_controller.rb +++ b/app/controllers/explore/projects_controller.rb @@ -6,19 +6,22 @@ class Explore::ProjectsController < ApplicationController def index @projects = ProjectsFinder.new.execute(current_user) + @tags = @projects.tags_on(:tags) + @projects = @projects.tagged_with(params[:tag]) if params[:tag].present? + @projects = @projects.where(visibility_level: params[:visibility_level]) if params[:visibility_level].present? @projects = @projects.search(params[:search]) if params[:search].present? @projects = @projects.sort(@sort = params[:sort]) - @projects = @projects.includes(:namespace).page(params[:page]).per(20) + @projects = @projects.includes(:namespace).page(params[:page]).per(PER_PAGE) end def trending @trending_projects = TrendingProjectsFinder.new.execute(current_user) - @trending_projects = @trending_projects.page(params[:page]).per(10) + @trending_projects = @trending_projects.page(params[:page]).per(PER_PAGE) end def starred @starred_projects = ProjectsFinder.new.execute(current_user) @starred_projects = @starred_projects.reorder('star_count DESC') - @starred_projects = @starred_projects.page(params[:page]).per(10) + @starred_projects = @starred_projects.page(params[:page]).per(PER_PAGE) end end diff --git a/app/controllers/groups/application_controller.rb b/app/controllers/groups/application_controller.rb new file mode 100644 index 00000000000..7f27f2bb734 --- /dev/null +++ b/app/controllers/groups/application_controller.rb @@ -0,0 +1,10 @@ +class Groups::ApplicationController < ApplicationController + + private + + def authorize_admin_group! + unless can?(current_user, :manage_group, group) + return render_404 + end + end +end diff --git a/app/controllers/groups/group_members_controller.rb b/app/controllers/groups/group_members_controller.rb index ca88d033878..b083cf5d8c5 100644 --- a/app/controllers/groups/group_members_controller.rb +++ b/app/controllers/groups/group_members_controller.rb @@ -1,4 +1,4 @@ -class Groups::GroupMembersController < ApplicationController +class Groups::GroupMembersController < Groups::ApplicationController before_filter :group # Authorize @@ -37,12 +37,6 @@ class Groups::GroupMembersController < ApplicationController @group ||= Group.find_by(path: params[:group_id]) end - def authorize_admin_group! - unless can?(current_user, :manage_group, group) - return render_404 - end - end - def member_params params.require(:group_member).permit(:access_level, :user_id) end diff --git a/app/controllers/groups/milestones_controller.rb b/app/controllers/groups/milestones_controller.rb index 6802e529b54..c46b8fff88f 100644 --- a/app/controllers/groups/milestones_controller.rb +++ b/app/controllers/groups/milestones_controller.rb @@ -10,7 +10,7 @@ class Groups::MilestonesController < ApplicationController else state('active') end @group_milestones = Milestones::GroupService.new(project_milestones).execute - @group_milestones = Kaminari.paginate_array(@group_milestones).page(params[:page]).per(30) + @group_milestones = Kaminari.paginate_array(@group_milestones).page(params[:page]).per(PER_PAGE) end def show diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb index d011523c94f..7e336803fbb 100644 --- a/app/controllers/groups_controller.rb +++ b/app/controllers/groups_controller.rb @@ -1,4 +1,4 @@ -class GroupsController < ApplicationController +class GroupsController < Groups::ApplicationController skip_before_filter :authenticate_user!, only: [:show, :issues, :members, :merge_requests] respond_to :html before_filter :group, except: [:new, :create] @@ -52,13 +52,13 @@ class GroupsController < ApplicationController def merge_requests @merge_requests = get_merge_requests_collection - @merge_requests = @merge_requests.page(params[:page]).per(20) + @merge_requests = @merge_requests.page(params[:page]).per(PER_PAGE) @merge_requests = @merge_requests.preload(:author, :target_project) end def issues @issues = get_issues_collection - @issues = @issues.page(params[:page]).per(20) + @issues = @issues.page(params[:page]).per(PER_PAGE) @issues = @issues.preload(:author, :project) respond_to do |format| @@ -132,12 +132,6 @@ class GroupsController < ApplicationController end end - def authorize_admin_group! - unless can?(current_user, :manage_group, group) - return render_404 - end - end - def set_title @title = 'New Group' end diff --git a/app/controllers/help_controller.rb b/app/controllers/help_controller.rb index fc498559d6b..c4d620d87b1 100644 --- a/app/controllers/help_controller.rb +++ b/app/controllers/help_controller.rb @@ -15,4 +15,7 @@ class HelpController < ApplicationController def shortcuts end + + def ui + end end diff --git a/app/controllers/import/base_controller.rb b/app/controllers/import/base_controller.rb index 7dc0cac8d4c..edb8bd4160b 100644 --- a/app/controllers/import/base_controller.rb +++ b/app/controllers/import/base_controller.rb @@ -3,19 +3,17 @@ class Import::BaseController < ApplicationController private def get_or_create_namespace - existing_namespace = Namespace.find_by_path_or_name(@target_namespace) - - if existing_namespace - if existing_namespace.owner == current_user - namespace = existing_namespace - else + begin + namespace = Group.create!(name: @target_namespace, path: @target_namespace, owner: current_user) + namespace.add_owner(current_user) + rescue ActiveRecord::RecordNotUnique, ActiveRecord::RecordInvalid + namespace = Namespace.find_by_path_or_name(@target_namespace) + unless namespace.owner == current_user @already_been_taken = true return false end - else - namespace = Group.create(name: @target_namespace, path: @target_namespace, owner: current_user) - namespace.add_owner(current_user) - namespace end + + namespace end end diff --git a/app/controllers/import/github_controller.rb b/app/controllers/import/github_controller.rb index dc7668ee6fd..8650b6464dc 100644 --- a/app/controllers/import/github_controller.rb +++ b/app/controllers/import/github_controller.rb @@ -14,7 +14,7 @@ class Import::GithubController < Import::BaseController def status @repos = client.repos client.orgs.each do |org| - @repos += client.repos(org.login) + @repos += client.org_repos(org.login) end @already_added_projects = current_user.created_projects.where(import_type: "github") diff --git a/app/controllers/profiles_controller.rb b/app/controllers/profiles_controller.rb index a7863aba756..1b9a86ee42c 100644 --- a/app/controllers/profiles_controller.rb +++ b/app/controllers/profiles_controller.rb @@ -43,7 +43,7 @@ class ProfilesController < ApplicationController end def history - @events = current_user.recent_events.page(params[:page]).per(20) + @events = current_user.recent_events.page(params[:page]).per(PER_PAGE) end def update_username diff --git a/app/controllers/projects/blame_controller.rb b/app/controllers/projects/blame_controller.rb index 489a6ae5666..a87b8270a22 100644 --- a/app/controllers/projects/blame_controller.rb +++ b/app/controllers/projects/blame_controller.rb @@ -7,7 +7,7 @@ class Projects::BlameController < Projects::ApplicationController before_filter :authorize_download_code! def show - @blob = @repository.blob_at(@commit.id, @path) - @blame = Gitlab::Git::Blame.new(project.repository, @commit.id, @path) + @blame = Gitlab::Git::Blame.new(@repository, @commit.id, @path) + @blob = @blame.blob end end diff --git a/app/controllers/projects/branches_controller.rb b/app/controllers/projects/branches_controller.rb index 690501f3060..f049e96e61d 100644 --- a/app/controllers/projects/branches_controller.rb +++ b/app/controllers/projects/branches_controller.rb @@ -8,7 +8,7 @@ class Projects::BranchesController < Projects::ApplicationController def index @sort = params[:sort] || 'name' @branches = @repository.branches_sorted_by(@sort) - @branches = Kaminari.paginate_array(@branches).page(params[:page]).per(30) + @branches = Kaminari.paginate_array(@branches).page(params[:page]).per(PER_PAGE) end def recent diff --git a/app/controllers/projects/graphs_controller.rb b/app/controllers/projects/graphs_controller.rb index 752474b4a4c..6e54af356e0 100644 --- a/app/controllers/projects/graphs_controller.rb +++ b/app/controllers/projects/graphs_controller.rb @@ -28,8 +28,8 @@ class Projects::GraphsController < Projects::ApplicationController @commits.each do |commit| @log << { - author_name: commit.author_name.force_encoding('UTF-8'), - author_email: commit.author_email.force_encoding('UTF-8'), + author_name: commit.author_name, + author_email: commit.author_email, date: commit.committed_date.strftime("%Y-%m-%d") } end diff --git a/app/controllers/projects/imports_controller.rb b/app/controllers/projects/imports_controller.rb index 79d9910ce87..b64491b4666 100644 --- a/app/controllers/projects/imports_controller.rb +++ b/app/controllers/projects/imports_controller.rb @@ -37,7 +37,7 @@ class Projects::ImportsController < Projects::ApplicationController private def require_no_repo - if @project.repository_exists? + if @project.repository_exists? && !@project.import_in_progress? redirect_to(namespace_project_path(@project.namespace, @project)) and return end end diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb index 1f1a9b4d43a..4266bcaef16 100644 --- a/app/controllers/projects/issues_controller.rb +++ b/app/controllers/projects/issues_controller.rb @@ -20,7 +20,7 @@ class Projects::IssuesController < Projects::ApplicationController terms = params['issue_search'] @issues = get_issues_collection @issues = @issues.full_search(terms) if terms.present? - @issues = @issues.page(params[:page]).per(20) + @issues = @issues.page(params[:page]).per(PER_PAGE) respond_to do |format| format.html diff --git a/app/controllers/projects/labels_controller.rb b/app/controllers/projects/labels_controller.rb index 5e31fce4b0e..207a01ed3b0 100644 --- a/app/controllers/projects/labels_controller.rb +++ b/app/controllers/projects/labels_controller.rb @@ -7,7 +7,7 @@ class Projects::LabelsController < Projects::ApplicationController respond_to :js, :html def index - @labels = @project.labels.page(params[:page]).per(20) + @labels = @project.labels.page(params[:page]).per(PER_PAGE) end def new diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb index 26d4c51773f..93d79d81661 100644 --- a/app/controllers/projects/merge_requests_controller.rb +++ b/app/controllers/projects/merge_requests_controller.rb @@ -17,8 +17,19 @@ class Projects::MergeRequestsController < Projects::ApplicationController before_filter :authorize_modify_merge_request!, only: [:close, :edit, :update, :sort] def index + terms = params['issue_search'] @merge_requests = get_merge_requests_collection - @merge_requests = @merge_requests.page(params[:page]).per(20) + @merge_requests = @merge_requests.full_search(terms) if terms.present? + @merge_requests = @merge_requests.page(params[:page]).per(PER_PAGE) + + respond_to do |format| + format.html + format.json do + render json: { + html: view_to_html_string("projects/merge_requests/_merge_requests") + } + end + end end def show @@ -78,10 +89,7 @@ class Projects::MergeRequestsController < Projects::ApplicationController @merge_request = MergeRequests::CreateService.new(project, current_user, merge_request_params).execute if @merge_request.valid? - redirect_to( - merge_request_path(@merge_request), - notice: 'Merge request was successfully created.' - ) + redirect_to(merge_request_path(@merge_request)) else @source_project = @merge_request.source_project @target_project = @merge_request.target_project @@ -97,8 +105,13 @@ class Projects::MergeRequestsController < Projects::ApplicationController format.js format.html do redirect_to([@merge_request.target_project.namespace.becomes(Namespace), - @merge_request.target_project, @merge_request], - notice: 'Merge request was successfully updated.') + @merge_request.target_project, @merge_request]) + end + format.json do + render json: { + saved: @merge_request.valid?, + assignee_avatar_url: @merge_request.assignee.try(:avatar_url) + } end end else diff --git a/app/controllers/projects/milestones_controller.rb b/app/controllers/projects/milestones_controller.rb index afdb560e73c..b49b549547a 100644 --- a/app/controllers/projects/milestones_controller.rb +++ b/app/controllers/projects/milestones_controller.rb @@ -18,7 +18,7 @@ class Projects::MilestonesController < Projects::ApplicationController end @milestones = @milestones.includes(:project) - @milestones = @milestones.page(params[:page]).per(20) + @milestones = @milestones.page(params[:page]).per(PER_PAGE) end def new diff --git a/app/controllers/projects/services_controller.rb b/app/controllers/projects/services_controller.rb index 382d63d053b..570447c746c 100644 --- a/app/controllers/projects/services_controller.rb +++ b/app/controllers/projects/services_controller.rb @@ -53,7 +53,7 @@ class Projects::ServicesController < Projects::ApplicationController :description, :issues_url, :new_issue_url, :restrict_to_branch, :channel, :colorize_messages, :channels, :push_events, :issues_events, :merge_requests_events, :tag_push_events, - :note_events + :note_events, :send_from_committer_email, :disable_diffs ) end end diff --git a/app/controllers/projects/tags_controller.rb b/app/controllers/projects/tags_controller.rb index 08c7ce3f37d..83f4937bce3 100644 --- a/app/controllers/projects/tags_controller.rb +++ b/app/controllers/projects/tags_controller.rb @@ -7,7 +7,7 @@ class Projects::TagsController < Projects::ApplicationController def index sorted = VersionSorter.rsort(@repository.tag_names) - @tags = Kaminari.paginate_array(sorted).page(params[:page]).per(30) + @tags = Kaminari.paginate_array(sorted).page(params[:page]).per(PER_PAGE) end def create @@ -24,14 +24,13 @@ class Projects::TagsController < Projects::ApplicationController end def destroy - tag = @repository.find_tag(params[:id]) - - if tag && @repository.rm_tag(tag.name) - EventCreateService.new.push_ref(@project, current_user, tag, 'rm', 'refs/tags') - end + DeleteTagService.new(project, current_user).execute(params[:id]) respond_to do |format| - format.html { redirect_to namespace_project_tags_path } + format.html do + redirect_to namespace_project_tags_path(@project.namespace, + @project) + end format.js end end diff --git a/app/controllers/projects/wikis_controller.rb b/app/controllers/projects/wikis_controller.rb index 3392fbca91e..643167947b9 100644 --- a/app/controllers/projects/wikis_controller.rb +++ b/app/controllers/projects/wikis_controller.rb @@ -7,7 +7,7 @@ class Projects::WikisController < Projects::ApplicationController before_filter :load_project_wiki def pages - @wiki_pages = Kaminari.paginate_array(@project_wiki.pages).page(params[:page]).per(30) + @wiki_pages = Kaminari.paginate_array(@project_wiki.pages).page(params[:page]).per(PER_PAGE) end def show diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb index 82b8a1cc13a..0f28794b736 100644 --- a/app/controllers/projects_controller.rb +++ b/app/controllers/projects_controller.rb @@ -105,7 +105,7 @@ class ProjectsController < ApplicationController if request.referer.include?('/admin') redirect_to admin_namespaces_projects_path else - redirect_to projects_dashboard_path + redirect_to dashboard_path end end end @@ -176,11 +176,11 @@ class ProjectsController < ApplicationController end def autocomplete_emojis - Rails.cache.fetch("autocomplete-emoji-#{Emoji::VERSION}") do - Emoji.names.map do |e| + Rails.cache.fetch("autocomplete-emoji-#{Gemojione::VERSION}") do + Emoji.emojis.map do |name, emoji| { - name: e, - path: view_context.image_url("emoji/#{e}.png") + name: name, + path: view_context.image_url("emoji/#{emoji["unicode"]}.png") } end end diff --git a/app/controllers/snippets_controller.rb b/app/controllers/snippets_controller.rb index dc0a5554723..cd52556b203 100644 --- a/app/controllers/snippets_controller.rb +++ b/app/controllers/snippets_controller.rb @@ -16,7 +16,7 @@ class SnippetsController < ApplicationController layout :determine_layout def index - @snippets = SnippetsFinder.new.execute(current_user, filter: :all).page(params[:page]).per(20) + @snippets = SnippetsFinder.new.execute(current_user, filter: :all).page(params[:page]).per(PER_PAGE) end def user_index @@ -28,7 +28,7 @@ class SnippetsController < ApplicationController filter: :by_user, user: @user, scope: params[:scope] }). - page(params[:page]).per(20) + page(params[:page]).per(PER_PAGE) if @user == current_user render 'current_user_index' diff --git a/app/controllers/uploads_controller.rb b/app/controllers/uploads_controller.rb index 810ac9f34bd..c5f3da54ea2 100644 --- a/app/controllers/uploads_controller.rb +++ b/app/controllers/uploads_controller.rb @@ -1,24 +1,15 @@ class UploadsController < ApplicationController - skip_before_filter :authenticate_user!, :reject_blocked! - before_filter :authorize_access + skip_before_filter :authenticate_user! + before_filter :find_model, :authorize_access! def show - unless upload_model && upload_mount - return not_found! - end - - model = upload_model.find(params[:id]) - uploader = model.send(upload_mount) - - if model.respond_to?(:project) && !can?(current_user, :read_project, model.project) - return not_found! - end + uploader = @model.send(upload_mount) unless uploader.file_storage? return redirect_to uploader.url end - unless uploader.file.exists? + unless uploader.file && uploader.file.exists? return not_found! end @@ -28,9 +19,34 @@ class UploadsController < ApplicationController private - def authorize_access - unless params[:mounted_as] == 'avatar' - authenticate_user! && reject_blocked! + def find_model + unless upload_model && upload_mount + return not_found! + end + + @model = upload_model.find(params[:id]) + end + + def authorize_access! + authorized = + case @model + when Project + can?(current_user, :read_project, @model) + when Group + can?(current_user, :read_group, @model) + when Note + can?(current_user, :read_project, @model.project) + else + # No authentication required for user avatars. + true + end + + return if authorized + + if current_user + not_found! + else + authenticate_user! end end |