Diffstat (limited to 'app/controllers')
83 files changed, 0 insertions, 4991 deletions
diff --git a/app/controllers/admin/application_controller.rb b/app/controllers/admin/application_controller.rb
deleted file mode 100644
index 6a8f20f6047..00000000000
--- a/app/controllers/admin/application_controller.rb
+++ /dev/null
@@ -1,11 +0,0 @@
-# Provides a base class for Admin controllers to subclass
-#
-# Automatically sets the layout and ensures an administrator is logged in
-class Admin::ApplicationController < ApplicationController
- layout 'admin'
- before_filter :authenticate_admin!
-
- def authenticate_admin!
- return render_404 unless current_user.is_admin?
- end
-end
diff --git a/app/controllers/admin/application_settings_controller.rb b/app/controllers/admin/application_settings_controller.rb
deleted file mode 100644
index b5fda196bf0..00000000000
--- a/app/controllers/admin/application_settings_controller.rb
+++ /dev/null
@@ -1,45 +0,0 @@
-class Admin::ApplicationSettingsController < Admin::ApplicationController
- before_filter :set_application_setting
-
- def show
- end
-
- def update
- if @application_setting.update_attributes(application_setting_params)
- redirect_to admin_application_settings_path,
- notice: 'Application settings saved successfully'
- else
- render :show
- end
- end
-
- private
-
- def set_application_setting
- @application_setting = ApplicationSetting.current
- end
-
- def application_setting_params
- restricted_levels = params[:application_setting][:restricted_visibility_levels]
- if restricted_levels.nil?
- params[:application_setting][:restricted_visibility_levels] = []
- else
- restricted_levels.map! do |level|
- level.to_i
- end
- end
-
- params.require(:application_setting).permit(
- :default_projects_limit,
- :default_branch_protection,
- :signup_enabled,
- :signin_enabled,
- :gravatar_enabled,
- :twitter_sharing_enabled,
- :sign_in_text,
- :home_page_url,
- :max_attachment_size,
- restricted_visibility_levels: []
- )
- end
-end
diff --git a/app/controllers/admin/applications_controller.rb b/app/controllers/admin/applications_controller.rb
deleted file mode 100644
index 471d24934a0..00000000000
--- a/app/controllers/admin/applications_controller.rb
+++ /dev/null
@@ -1,52 +0,0 @@
-class Admin::ApplicationsController < Admin::ApplicationController
- before_action :set_application, only: [:show, :edit, :update, :destroy]
-
- def index
- @applications = Doorkeeper::Application.where("owner_id IS NULL")
- end
-
- def show
- end
-
- def new
- @application = Doorkeeper::Application.new
- end
-
- def edit
- end
-
- def create
- @application = Doorkeeper::Application.new(application_params)
-
- if @application.save
- flash[:notice] = I18n.t(:notice, scope: [:doorkeeper, :flash, :applications, :create])
- redirect_to admin_application_url(@application)
- else
- render :new
- end
- end
-
- def update
- if @application.update(application_params)
- redirect_to admin_application_path(@application), notice: 'Application was successfully updated.'
- else
- render :edit
- end
- end
-
- def destroy
- @application.destroy
- redirect_to admin_applications_url, notice: 'Application was successfully destroyed.'
- end
-
- private
-
- def set_application
- @application = Doorkeeper::Application.where("owner_id IS NULL").find(params[:id])
- end
-
- # Only allow a trusted parameter "white list" through.
- def application_params
- params[:doorkeeper_application].permit(:name, :redirect_uri)
- end
-end
diff --git a/app/controllers/admin/background_jobs_controller.rb b/app/controllers/admin/background_jobs_controller.rb
deleted file mode 100644
index 338496013a0..00000000000
--- a/app/controllers/admin/background_jobs_controller.rb
+++ /dev/null
@@ -1,6 +0,0 @@
-class Admin::BackgroundJobsController < Admin::ApplicationController
- def show
- ps_output, _ = Gitlab::Popen.popen(%W(ps -U #{Gitlab.config.gitlab.user} -o pid,pcpu,pmem,stat,start,command))
- @sidekiq_processes = ps_output.split("\n").grep(/sidekiq/)
- end
-end
diff --git a/app/controllers/admin/broadcast_messages_controller.rb b/app/controllers/admin/broadcast_messages_controller.rb
deleted file mode 100644
index e1643bb34bf..00000000000
--- a/app/controllers/admin/broadcast_messages_controller.rb
+++ /dev/null
@@ -1,39 +0,0 @@
-class Admin::BroadcastMessagesController < Admin::ApplicationController
- before_filter :broadcast_messages
-
- def index
- @broadcast_message = BroadcastMessage.new
- end
-
- def create
- @broadcast_message = BroadcastMessage.new(broadcast_message_params)
-
- if @broadcast_message.save
- redirect_to admin_broadcast_messages_path, notice: 'Broadcast Message was successfully created.'
- else
- render :index
- end
- end
-
- def destroy
- BroadcastMessage.find(params[:id]).destroy
-
- respond_to do |format|
- format.html { redirect_to :back }
- format.js { render nothing: true }
- end
- end
-
- protected
-
- def broadcast_messages
- @broadcast_messages ||= BroadcastMessage.order("starts_at DESC").page(params[:page])
- end
-
- def broadcast_message_params
- params.require(:broadcast_message).permit(
- :alert_type, :color, :ends_at, :font,
- :message, :starts_at
- )
- end
-end
diff --git a/app/controllers/admin/dashboard_controller.rb b/app/controllers/admin/dashboard_controller.rb
deleted file mode 100644
index c491e5c7550..00000000000
--- a/app/controllers/admin/dashboard_controller.rb
+++ /dev/null
@@ -1,7 +0,0 @@
-class Admin::DashboardController < Admin::ApplicationController
- def index
- @projects = Project.limit(10)
- @users = User.limit(10)
- @groups = Group.limit(10)
- end
-end
diff --git a/app/controllers/admin/deploy_keys_controller.rb b/app/controllers/admin/deploy_keys_controller.rb
deleted file mode 100644
index e93603bef36..00000000000
--- a/app/controllers/admin/deploy_keys_controller.rb
+++ /dev/null
@@ -1,49 +0,0 @@
-class Admin::DeployKeysController < Admin::ApplicationController
- before_filter :deploy_keys, only: [:index]
- before_filter :deploy_key, only: [:show, :destroy]
-
- def index
-
- end
-
- def show
-
- end
-
- def new
- @deploy_key = deploy_keys.new
- end
-
- def create
- @deploy_key = deploy_keys.new(deploy_key_params)
-
- if @deploy_key.save
- redirect_to admin_deploy_keys_path
- else
- render "new"
- end
- end
-
- def destroy
- deploy_key.destroy
-
- respond_to do |format|
- format.html { redirect_to admin_deploy_keys_path }
- format.json { head :ok }
- end
- end
-
- protected
-
- def deploy_key
- @deploy_key ||= deploy_keys.find(params[:id])
- end
-
- def deploy_keys
- @deploy_keys ||= DeployKey.are_public
- end
-
- def deploy_key_params
- params.require(:deploy_key).permit(:key, :title)
- end
-end
diff --git a/app/controllers/admin/groups_controller.rb b/app/controllers/admin/groups_controller.rb
deleted file mode 100644
index 22d045fc388..00000000000
--- a/app/controllers/admin/groups_controller.rb
+++ /dev/null
@@ -1,64 +0,0 @@
-class Admin::GroupsController < Admin::ApplicationController
- before_filter :group, only: [:edit, :show, :update, :destroy, :project_update, :members_update]
-
- def index
- @groups = Group.all
- @groups = @groups.sort(@sort = params[:sort])
- @groups = @groups.search(params[:name]) if params[:name].present?
- @groups = @groups.page(params[:page]).per(PER_PAGE)
- end
-
- def show
- @members = @group.members.order("access_level DESC").page(params[:members_page]).per(PER_PAGE)
- @projects = @group.projects.page(params[:projects_page]).per(PER_PAGE)
- end
-
- def new
- @group = Group.new
- end
-
- def edit
- end
-
- def create
- @group = Group.new(group_params)
- @group.name = @group.path.dup unless @group.name
-
- if @group.save
- @group.add_owner(current_user)
- redirect_to [:admin, @group], notice: 'Group was successfully created.'
- else
- render "new"
- end
- end
-
- def update
- if @group.update_attributes(group_params)
- redirect_to [:admin, @group], notice: 'Group was successfully updated.'
- else
- render "edit"
- end
- end
-
- def members_update
- @group.add_users(params[:user_ids].split(','), params[:access_level], current_user)
-
- redirect_to [:admin, @group], notice: 'Users were successfully added.'
- end
-
- def destroy
- @group.destroy
-
- redirect_to admin_groups_path, notice: 'Group was successfully deleted.'
- end
-
- private
-
- def group
- @group = Group.find_by(path: params[:id])
- end
-
- def group_params
- params.require(:group).permit(:name, :description, :path, :avatar)
- end
-end
diff --git a/app/controllers/admin/hooks_controller.rb b/app/controllers/admin/hooks_controller.rb
deleted file mode 100644
index 0a463239d74..00000000000
--- a/app/controllers/admin/hooks_controller.rb
+++ /dev/null
@@ -1,44 +0,0 @@
-class Admin::HooksController < Admin::ApplicationController
- def index
- @hooks = SystemHook.all
- @hook = SystemHook.new
- end
-
- def create
- @hook = SystemHook.new(hook_params)
-
- if @hook.save
- redirect_to admin_hooks_path, notice: 'Hook was successfully created.'
- else
- @hooks = SystemHook.all
- render :index
- end
- end
-
- def destroy
- @hook = SystemHook.find(params[:id])
- @hook.destroy
-
- redirect_to admin_hooks_path
- end
-
-
- def test
- @hook = SystemHook.find(params[:hook_id])
- data = {
- event_name: "project_create",
- name: "Ruby",
- path: "ruby",
- project_id: 1,
- owner_name: "Someone",
- owner_email: "example@gitlabhq.com"
- }
- @hook.execute(data)
-
- redirect_to :back
- end
-
- def hook_params
- params.require(:hook).permit(:url)
- end
-end
diff --git a/app/controllers/admin/keys_controller.rb b/app/controllers/admin/keys_controller.rb
deleted file mode 100644
index 21111bb44f5..00000000000
--- a/app/controllers/admin/keys_controller.rb
+++ /dev/null
@@ -1,34 +0,0 @@
-class Admin::KeysController < Admin::ApplicationController
- before_filter :user, only: [:show, :destroy]
-
- def show
- @key = user.keys.find(params[:id])
-
- respond_to do |format|
- format.html
- format.js { render nothing: true }
- end
- end
-
- def destroy
- key = user.keys.find(params[:id])
-
- respond_to do |format|
- if key.destroy
- format.html { redirect_to [:admin, user], notice: 'User key was successfully removed.' }
- else
- format.html { redirect_to [:admin, user], alert: 'Failed to remove user key.' }
- end
- end
- end
-
- protected
-
- def user
- @user ||= User.find_by!(username: params[:user_id])
- end
-
- def key_params
- params.require(:user_id, :id)
- end
-end
diff --git a/app/controllers/admin/logs_controller.rb b/app/controllers/admin/logs_controller.rb
deleted file mode 100644
index b999018dde4..00000000000
--- a/app/controllers/admin/logs_controller.rb
+++ /dev/null
@@ -1,2 +0,0 @@
-class Admin::LogsController < Admin::ApplicationController
-end
diff --git a/app/controllers/admin/projects_controller.rb b/app/controllers/admin/projects_controller.rb
deleted file mode 100644
index 5176a8399ae..00000000000
--- a/app/controllers/admin/projects_controller.rb
+++ /dev/null
@@ -1,44 +0,0 @@
-class Admin::ProjectsController < Admin::ApplicationController
- before_filter :project, only: [:show, :transfer]
- before_filter :group, only: [:show, :transfer]
- before_filter :repository, only: [:show, :transfer]
-
- def index
- @projects = Project.all
- @projects = @projects.where(namespace_id: params[:namespace_id]) if params[:namespace_id].present?
- @projects = @projects.where("visibility_level IN (?)", params[:visibility_levels]) if params[:visibility_levels].present?
- @projects = @projects.with_push if params[:with_push].present?
- @projects = @projects.abandoned if params[:abandoned].present?
- @projects = @projects.search(params[:name]) if params[:name].present?
- @projects = @projects.sort(@sort = params[:sort])
- @projects = @projects.includes(:namespace).order("namespaces.path, projects.name ASC").page(params[:page]).per(PER_PAGE)
- end
-
- def show
- if @group
- @group_members = @group.members.order("access_level DESC").page(params[:group_members_page]).per(PER_PAGE)
- end
-
- @project_members = @project.project_members.page(params[:project_members_page]).per(PER_PAGE)
- end
-
- def transfer
- ::Projects::TransferService.new(@project, current_user, params.dup).execute
-
- @project.reload
- redirect_to admin_namespace_project_path(@project.namespace, @project)
- end
-
- protected
-
- def project
- @project = Project.find_with_namespace(
- [params[:namespace_id], '/', params[:id]].join('')
- )
- @project || render_404
- end
-
- def group
- @group ||= @project.group
- end
-end
diff --git a/app/controllers/admin/services_controller.rb b/app/controllers/admin/services_controller.rb
deleted file mode 100644
index 76a938c5fe4..00000000000
--- a/app/controllers/admin/services_controller.rb
+++ /dev/null
@@ -1,54 +0,0 @@
-class Admin::ServicesController < Admin::ApplicationController
- before_filter :service, only: [:edit, :update]
-
- def index
- @services = services_templates
- end
-
- def edit
- unless service.present?
- redirect_to admin_application_settings_services_path,
- alert: "Service is unknown or it doesn't exist"
- end
- end
-
- def update
- if service.update_attributes(application_services_params[:service])
- redirect_to admin_application_settings_services_path,
- notice: 'Application settings saved successfully'
- else
- render :edit
- end
- end
-
- private
-
- def services_templates
- templates = []
-
- Service.available_services_names.each do |service_name|
- service_template = service_name.concat("_service").camelize.constantize
- templates << service_template.where(template: true).first_or_create
- end
-
- templates
- end
-
- def service
- @service ||= Service.where(id: params[:id], template: true).first
- end
-
- def application_services_params
- params.permit(:id,
- service: [
- :title, :token, :type, :active, :api_key, :subdomain,
- :room, :recipients, :project_url, :webhook,
- :user_key, :device, :priority, :sound, :bamboo_url, :username, :password,
- :build_key, :server, :teamcity_url, :build_type,
- :description, :issues_url, :new_issue_url, :restrict_to_branch,
- :send_from_committer_email, :disable_diffs,
- :push_events, :tag_push_events, :note_events, :issues_events,
- :merge_requests_events
- ])
- end
-end
diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
deleted file mode 100644
index b4c011f213c..00000000000
--- a/app/controllers/admin/users_controller.rb
+++ /dev/null
@@ -1,128 +0,0 @@
-class Admin::UsersController < Admin::ApplicationController
- before_filter :user, only: [:show, :edit, :update, :destroy]
-
- def index
- @users = User.order_name_asc.filter(params[:filter])
- @users = @users.search(params[:name]) if params[:name].present?
- @users = @users.sort(@sort = params[:sort])
- @users = @users.page(params[:page])
- end
-
- def show
- @personal_projects = user.personal_projects
- @joined_projects = user.projects.joined(@user)
- @keys = user.keys
- end
-
- def new
- @user = User.new
- end
-
- def edit
- user
- end
-
- def block
- if user.block
- redirect_to :back, notice: "Successfully blocked"
- else
- redirect_to :back, alert: "Error occurred. User was not blocked"
- end
- end
-
- def unblock
- if user.activate
- redirect_to :back, notice: "Successfully unblocked"
- else
- redirect_to :back, alert: "Error occurred. User was not unblocked"
- end
- end
-
- def create
- opts = {
- force_random_password: true,
- password_expires_at: nil
- }
-
- @user = User.new(user_params.merge(opts))
- @user.created_by_id = current_user.id
- @user.generate_password
- @user.generate_reset_token
- @user.skip_confirmation!
-
- respond_to do |format|
- if @user.save
- format.html { redirect_to [:admin, @user], notice: 'User was successfully created.' }
- format.json { render json: @user, status: :created, location: @user }
- else
- format.html { render "new" }
- format.json { render json: @user.errors, status: :unprocessable_entity }
- end
- end
- end
-
- def update
- user_params_with_pass = user_params.dup
-
- if params[:user][:password].present?
- user_params_with_pass.merge!(
- password: params[:user][:password],
- password_confirmation: params[:user][:password_confirmation],
- )
- end
-
- respond_to do |format|
- user.skip_reconfirmation!
- if user.update_attributes(user_params_with_pass)
- format.html { redirect_to [:admin, user], notice: 'User was successfully updated.' }
- format.json { head :ok }
- else
- # restore username to keep form action url.
- user.username = params[:id]
- format.html { render "edit" }
- format.json { render json: user.errors, status: :unprocessable_entity }
- end
- end
- end
-
- def destroy
- # 1. Remove groups where user is the only owner
- user.solo_owned_groups.map(&:destroy)
-
- # 2. Remove user with all authored content including personal projects
- user.destroy
-
- respond_to do |format|
- format.html { redirect_to admin_users_path }
- format.json { head :ok }
- end
- end
-
- def remove_email
- email = user.emails.find(params[:email_id])
- email.destroy
-
- user.set_notification_email
- user.save if user.notification_email_changed?
-
- respond_to do |format|
- format.html { redirect_to :back, notice: "Successfully removed email." }
- format.js { render nothing: true }
- end
- end
-
- protected
-
- def user
- @user ||= User.find_by!(username: params[:id])
- end
-
- def user_params
- params.require(:user).permit(
- :email, :remember_me, :bio, :name, :username,
- :skype, :linkedin, :twitter, :website_url, :color_scheme_id, :theme_id, :force_random_password,
- :extern_uid, :provider, :password_expires_at, :avatar, :hide_no_ssh_key, :hide_no_password,
- :projects_limit, :can_create_group, :admin, :key_id
- )
- end
-end
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
deleted file mode 100644
index 920a981e7c9..00000000000
--- a/app/controllers/application_controller.rb
+++ /dev/null
@@ -1,345 +0,0 @@
-require 'gon'
-
-class ApplicationController < ActionController::Base
- include Gitlab::CurrentSettings
- include GitlabRoutingHelper
-
- PER_PAGE = 20
-
- before_filter :authenticate_user_from_token!
- before_filter :authenticate_user!
- before_filter :reject_blocked!
- before_filter :check_password_expiration
- before_filter :ldap_security_check
- before_filter :default_headers
- before_filter :add_gon_variables
- before_filter :configure_permitted_parameters, if: :devise_controller?
- before_filter :require_email, unless: :devise_controller?
-
- protect_from_forgery with: :exception
-
- helper_method :abilities, :can?, :current_application_settings
- helper_method :github_import_enabled?, :gitlab_import_enabled?, :bitbucket_import_enabled?
-
- rescue_from Encoding::CompatibilityError do |exception|
- log_exception(exception)
- render "errors/encoding", layout: "errors", status: 500
- end
-
- rescue_from ActiveRecord::RecordNotFound do |exception|
- log_exception(exception)
- render "errors/not_found", layout: "errors", status: 404
- end
-
- protected
-
- # From https://github.com/plataformatec/devise/wiki/How-To:-Simple-Token-Authentication-Example
- # https://gist.github.com/josevalim/fb706b1e933ef01e4fb6
- def authenticate_user_from_token!
- user_token = if params[:authenticity_token].presence
- params[:authenticity_token].presence
- elsif params[:private_token].presence
- params[:private_token].presence
- end
- user = user_token && User.find_by_authentication_token(user_token.to_s)
-
- if user
- # Notice we are passing store false, so the user is not
- # actually stored in the session and a token is needed
- # for every request. If you want the token to work as a
- # sign in token, you can simply remove store: false.
- sign_in user, store: false
- end
- end
-
- def authenticate_user!(*args)
- # If user is not signed-in and tries to access root_path - redirect him to landing page
- if current_application_settings.home_page_url.present?
- if current_user.nil? && controller_name == 'dashboard' && action_name == 'show'
- redirect_to current_application_settings.home_page_url and return
- end
- end
-
- super(*args)
- end
-
- def log_exception(exception)
- application_trace = ActionDispatch::ExceptionWrapper.new(env, exception).application_trace
- application_trace.map!{ |t| " #{t}\n" }
- logger.error "\n#{exception.class.name} (#{exception.message}):\n#{application_trace.join}"
- end
-
- def reject_blocked!
- if current_user && current_user.blocked?
- sign_out current_user
- flash[:alert] = "Your account is blocked. Retry when an admin has unblocked it."
- redirect_to new_user_session_path
- end
- end
-
- def after_sign_in_path_for(resource)
- if resource.is_a?(User) && resource.respond_to?(:blocked?) && resource.blocked?
- sign_out resource
- flash[:alert] = "Your account is blocked. Retry when an admin has unblocked it."
- new_user_session_path
- else
- stored_location_for(:redirect) || stored_location_for(resource) || root_path
- end
- end
-
- def abilities
- Ability.abilities
- end
-
- def can?(object, action, subject)
- abilities.allowed?(object, action, subject)
- end
-
- def project
- unless @project
- namespace = params[:namespace_id]
- id = params[:project_id] || params[:id]
-
- # Redirect from
- # localhost/group/project.git
- # to
- # localhost/group/project
- #
- if id =~ /\.git\Z/
- redirect_to request.original_url.gsub(/\.git\Z/, '') and return
- end
-
- @project = Project.find_with_namespace("#{namespace}/#{id}")
-
- if @project and can?(current_user, :read_project, @project)
- @project
- elsif current_user.nil?
- @project = nil
- authenticate_user!
- else
- @project = nil
- render_404 and return
- end
- end
- @project
- end
-
- def repository
- @repository ||= project.repository
- rescue Grit::NoSuchPathError => e
- log_exception(e)
- nil
- end
-
- def authorize_project!(action)
- return access_denied! unless can?(current_user, action, project)
- end
-
- def authorize_labels!
- # Labels should be accessible for issues and/or merge requests
- authorize_read_issue! || authorize_read_merge_request!
- end
-
- def access_denied!
- render "errors/access_denied", layout: "errors", status: 404
- end
-
- def not_found!
- render "errors/not_found", layout: "errors", status: 404
- end
-
- def git_not_found!
- render "errors/git_not_found", layout: "errors", status: 404
- end
-
- def method_missing(method_sym, *arguments, &block)
- if method_sym.to_s =~ /\Aauthorize_(.*)!\z/
- authorize_project!($1.to_sym)
- else
- super
- end
- end
-
- def render_403
- head :forbidden
- end
-
- def render_404
- render file: Rails.root.join("public", "404"), layout: false, status: "404"
- end
-
- def require_non_empty_project
- redirect_to @project if @project.empty_repo?
- end
-
- def no_cache_headers
- response.headers["Cache-Control"] = "no-cache, no-store, max-age=0, must-revalidate"
- response.headers["Pragma"] = "no-cache"
- response.headers["Expires"] = "Fri, 01 Jan 1990 00:00:00 GMT"
- end
-
- def default_url_options
- if !Rails.env.test?
- port = Gitlab.config.gitlab.port unless Gitlab.config.gitlab_on_standard_port?
- { host: Gitlab.config.gitlab.host,
- protocol: Gitlab.config.gitlab.protocol,
- port: port,
- script_name: Gitlab.config.gitlab.relative_url_root }
- else
- super
- end
- end
-
- def default_headers
- headers['X-Frame-Options'] = 'DENY'
- headers['X-XSS-Protection'] = '1; mode=block'
- headers['X-UA-Compatible'] = 'IE=edge'
- headers['X-Content-Type-Options'] = 'nosniff'
- headers['Strict-Transport-Security'] = 'max-age=31536000' if Gitlab.config.gitlab.https
- end
-
- def add_gon_variables
- gon.default_issues_tracker = Project.new.default_issue_tracker.to_param
- gon.api_version = API::API.version
- gon.relative_url_root = Gitlab.config.gitlab.relative_url_root
- gon.default_avatar_url = URI::join(Gitlab.config.gitlab.url, ActionController::Base.helpers.image_path('no_avatar.png')).to_s
- gon.max_file_size = current_application_settings.max_attachment_size;
-
- if current_user
- gon.current_user_id = current_user.id
- gon.api_token = current_user.private_token
- end
- end
-
- def check_password_expiration
- if current_user && current_user.password_expires_at && current_user.password_expires_at < Time.now && !current_user.ldap_user?
- redirect_to new_profile_password_path and return
- end
- end
-
- def ldap_security_check
- if current_user && current_user.requires_ldap_check?
- unless Gitlab::LDAP::Access.allowed?(current_user)
- sign_out current_user
- flash[:alert] = "Access denied for your LDAP account."
- redirect_to new_user_session_path
- end
- end
- end
-
- def event_filter
- filters = cookies['event_filter'].split(',') if cookies['event_filter'].present?
- @event_filter ||= EventFilter.new(filters)
- end
-
- def gitlab_ldap_access(&block)
- Gitlab::LDAP::Access.open { |access| block.call(access) }
- end
-
- # JSON for infinite scroll via Pager object
- def pager_json(partial, count)
- html = render_to_string(
- partial,
- layout: false,
- formats: [:html]
- )
-
- render json: {
- html: html,
- count: count
- }
- end
-
- def view_to_html_string(partial)
- render_to_string(
- partial,
- layout: false,
- formats: [:html]
- )
- end
-
- def configure_permitted_parameters
- devise_parameter_sanitizer.sanitize(:sign_in) { |u| u.permit(:username, :email, :password, :login, :remember_me) }
- end
-
- def hexdigest(string)
- Digest::SHA1.hexdigest string
- end
-
- def require_email
- if current_user && current_user.temp_oauth_email?
- redirect_to profile_path, notice: 'Please complete your profile with email address' and return
- end
- end
-
- def set_filters_params
- params[:sort] ||= 'created_desc'
- params[:scope] = 'all' if params[:scope].blank?
- params[:state] = 'opened' if params[:state].blank?
-
- @filter_params = params.dup
-
- if @project
- @filter_params[:project_id] = @project.id
- elsif @group
- @filter_params[:group_id] = @group.id
- else
- # TODO: this filter ignore issues/mr created in public or
- # internal repos where you are not a member. Enable this filter
- # or improve current implementation to filter only issues you
- # created or assigned or mentioned
- #@filter_params[:authorized_only] = true
- end
-
- @filter_params
- end
-
- def set_filter_values(collection)
- assignee_id = @filter_params[:assignee_id]
- author_id = @filter_params[:author_id]
- milestone_id = @filter_params[:milestone_id]
-
- @sort = @filter_params[:sort]
- @assignees = User.where(id: collection.pluck(:assignee_id))
- @authors = User.where(id: collection.pluck(:author_id))
- @milestones = Milestone.where(id: collection.pluck(:milestone_id))
-
- if assignee_id.present? && !assignee_id.to_i.zero?
- @assignee = @assignees.find_by(id: assignee_id)
- end
-
- if author_id.present? && !author_id.to_i.zero?
- @author = @authors.find_by(id: author_id)
- end
-
- if milestone_id.present? && !milestone_id.to_i.zero?
- @milestone = @milestones.find_by(id: milestone_id)
- end
- end
-
- def get_issues_collection
- set_filters_params
- issues = IssuesFinder.new.execute(current_user, @filter_params)
- set_filter_values(issues)
- issues
- end
-
- def get_merge_requests_collection
- set_filters_params
- merge_requests = MergeRequestsFinder.new.execute(current_user, @filter_params)
- set_filter_values(merge_requests)
- merge_requests
- end
-
- def github_import_enabled?
- OauthHelper.enabled_oauth_providers.include?(:github)
- end
-
- def gitlab_import_enabled?
- OauthHelper.enabled_oauth_providers.include?(:gitlab)
- end
-
- def bitbucket_import_enabled?
- OauthHelper.enabled_oauth_providers.include?(:bitbucket) && Gitlab::BitbucketImport.public_key.present?
- end
-end
diff --git a/app/controllers/autocomplete_controller.rb b/app/controllers/autocomplete_controller.rb
deleted file mode 100644
index 11af9895261..00000000000
--- a/app/controllers/autocomplete_controller.rb
+++ /dev/null
@@ -1,30 +0,0 @@
-class AutocompleteController < ApplicationController
- def users
- @users =
- if params[:project_id].present?
- project = Project.find(params[:project_id])
-
- if can?(current_user, :read_project, project)
- project.team.users
- end
- elsif params[:group_id]
- group = Group.find(params[:group_id])
-
- if can?(current_user, :read_group, group)
- group.users
- end
- else
- User.all
- end
-
- @users = @users.search(params[:search]) if params[:search].present?
- @users = @users.active
- @users = @users.page(params[:page]).per(PER_PAGE)
- render json: @users, only: [:name, :username, :id], methods: [:avatar_url]
- end
-
- def user
- @user = User.find(params[:id])
- render json: @user, only: [:name, :username, :id], methods: [:avatar_url]
- end
-end
diff --git a/app/controllers/confirmations_controller.rb b/app/controllers/confirmations_controller.rb
deleted file mode 100644
index af1faca93f6..00000000000
--- a/app/controllers/confirmations_controller.rb
+++ /dev/null
@@ -1,17 +0,0 @@
-class ConfirmationsController < Devise::ConfirmationsController
-
- protected
-
- def after_confirmation_path_for(resource_name, resource)
- if signed_in?(resource_name)
- after_sign_in_path_for(resource)
- else
- sign_in(resource)
- if signed_in?(resource_name)
- after_sign_in_path_for(resource)
- else
- new_session_path(resource_name)
- end
- end
- end
-end
diff --git a/app/controllers/dashboard/groups_controller.rb b/app/controllers/dashboard/groups_controller.rb
deleted file mode 100644
index ed14f4e1f3b..00000000000
--- a/app/controllers/dashboard/groups_controller.rb
+++ /dev/null
@@ -1,5 +0,0 @@
-class Dashboard::GroupsController < ApplicationController
- def index
- @group_members = current_user.group_members.page(params[:page]).per(PER_PAGE)
- end
-end
diff --git a/app/controllers/dashboard/milestones_controller.rb b/app/controllers/dashboard/milestones_controller.rb
deleted file mode 100644
index cb51792df16..00000000000
--- a/app/controllers/dashboard/milestones_controller.rb
+++ /dev/null
@@ -1,34 +0,0 @@
-class Dashboard::MilestonesController < ApplicationController
- before_filter :load_projects
-
- def index
- project_milestones = case params[:state]
- when 'all'; state
- when 'closed'; state('closed')
- else state('active')
- end
- @dashboard_milestones = Milestones::GroupService.new(project_milestones).execute
- @dashboard_milestones = Kaminari.paginate_array(@dashboard_milestones).page(params[:page]).per(PER_PAGE)
- end
-
- def show
- project_milestones = Milestone.where(project_id: @projects).order("due_date ASC")
- @dashboard_milestone = Milestones::GroupService.new(project_milestones).milestone(title)
- end
-
- private
-
- def load_projects
- @projects = current_user.authorized_projects.sorted_by_activity.non_archived
- end
-
- def title
- params[:title]
- end
-
- def state(state = nil)
- conditions = { project_id: @projects }
- conditions.reverse_merge!(state: state) if state
- Milestone.where(conditions).order("title ASC")
- end
-end
diff --git a/app/controllers/dashboard/projects_controller.rb b/app/controllers/dashboard/projects_controller.rb
deleted file mode 100644
index 56e6fcc41ca..00000000000
--- a/app/controllers/dashboard/projects_controller.rb
+++ /dev/null
@@ -1,27 +0,0 @@
-class Dashboard::ProjectsController < ApplicationController
- before_filter :event_filter
-
- def starred
- @projects = current_user.starred_projects
- @projects = @projects.includes(:namespace, :forked_from_project, :tags)
- @projects = @projects.sort(@sort = params[:sort])
- @groups = []
-
- respond_to do |format|
- format.html
-
- format.json do
- load_events
- pager_json("events/_events", @events.count)
- end
- end
- end
-
- private
-
- def load_events
- @events = Event.in_projects(@projects.pluck(:id))
- @events = @event_filter.apply_filter(@events).with_associations
- @events = @events.limit(20).offset(params[:offset] || 0)
- end
-end
diff --git a/app/controllers/dashboard_controller.rb b/app/controllers/dashboard_controller.rb
deleted file mode 100644
index 9bd853ed5c7..00000000000
--- a/app/controllers/dashboard_controller.rb
+++ /dev/null
@@ -1,54 +0,0 @@
-class DashboardController < ApplicationController
- respond_to :html
-
- before_filter :load_projects, except: [:projects]
- before_filter :event_filter, only: :show
-
- def show
- @projects = @projects.includes(:namespace)
- @last_push = current_user.recent_push
-
- respond_to do |format|
- format.html
-
- format.json do
- load_events
- pager_json("events/_events", @events.count)
- end
-
- format.atom do
- load_events
- render layout: false
- end
- end
- end
-
- def merge_requests
- @merge_requests = get_merge_requests_collection
- @merge_requests = @merge_requests.page(params[:page]).per(PER_PAGE)
- @merge_requests = @merge_requests.preload(:author, :target_project)
- end
-
- def issues
- @issues = get_issues_collection
- @issues = @issues.page(params[:page]).per(PER_PAGE)
- @issues = @issues.preload(:author, :project)
-
- respond_to do |format|
- format.html
- format.atom { render layout: false }
- end
- end
-
- protected
-
- def load_projects
- @projects = current_user.authorized_projects.sorted_by_activity.non_archived
- end
-
- def load_events
- @events = Event.in_projects(current_user.authorized_projects.pluck(:id))
- @events = @event_filter.apply_filter(@events).with_associations
- @events = @events.limit(20).offset(params[:offset] || 0)
- end
-end
diff --git a/app/controllers/explore/groups_controller.rb b/app/controllers/explore/groups_controller.rb
deleted file mode 100644
index c51a4a211a6..00000000000
--- a/app/controllers/explore/groups_controller.rb
+++ /dev/null
@@ -1,13 +0,0 @@
-class Explore::GroupsController < ApplicationController
- skip_before_filter :authenticate_user!,
- :reject_blocked, :set_current_user_for_observers
-
- layout "explore"
-
- def index
- @groups = GroupsFinder.new.execute(current_user)
- @groups = @groups.search(params[:search]) if params[:search].present?
- @groups = @groups.sort(@sort = params[:sort])
- @groups = @groups.page(params[:page]).per(PER_PAGE)
- end
-end
diff --git a/app/controllers/explore/projects_controller.rb b/app/controllers/explore/projects_controller.rb
deleted file mode 100644
index b295f295bb1..00000000000
--- a/app/controllers/explore/projects_controller.rb
+++ /dev/null
@@ -1,27 +0,0 @@
-class Explore::ProjectsController < ApplicationController
- skip_before_filter :authenticate_user!,
- :reject_blocked
-
- layout 'explore'
-
- def index
- @projects = ProjectsFinder.new.execute(current_user)
- @tags = @projects.tags_on(:tags)
- @projects = @projects.tagged_with(params[:tag]) if params[:tag].present?
- @projects = @projects.where(visibility_level: params[:visibility_level]) if params[:visibility_level].present?
- @projects = @projects.search(params[:search]) if params[:search].present?
- @projects = @projects.sort(@sort = params[:sort])
- @projects = @projects.includes(:namespace).page(params[:page]).per(PER_PAGE)
- end
-
- def trending
- @trending_projects = TrendingProjectsFinder.new.execute(current_user)
- @trending_projects = @trending_projects.page(params[:page]).per(PER_PAGE)
- end
-
- def starred
- @starred_projects = ProjectsFinder.new.execute(current_user)
- @starred_projects = @starred_projects.reorder('star_count DESC')
- @starred_projects = @starred_projects.page(params[:page]).per(PER_PAGE)
- end
-end
diff --git a/app/controllers/groups/application_controller.rb b/app/controllers/groups/application_controller.rb
deleted file mode 100644
index 469a6813ee2..00000000000
--- a/app/controllers/groups/application_controller.rb
+++ /dev/null
@@ -1,28 +0,0 @@
-class Groups::ApplicationController < ApplicationController
-
- private
-
- def authorize_read_group!
- unless @group and can?(current_user, :read_group, @group)
- if current_user.nil?
- return authenticate_user!
- else
- return render_404
- end
- end
- end
-
- def authorize_admin_group!
- unless can?(current_user, :admin_group, group)
- return render_404
- end
- end
-
- def determine_layout
- if current_user
- 'group'
- else
- 'public_group'
- end
- end
-end
diff --git a/app/controllers/groups/avatars_controller.rb b/app/controllers/groups/avatars_controller.rb
deleted file mode 100644
index 38071410f40..00000000000
--- a/app/controllers/groups/avatars_controller.rb
+++ /dev/null
@@ -1,12 +0,0 @@
-class Groups::AvatarsController < ApplicationController
- layout "profile"
-
- def destroy
- @group = Group.find_by(path: params[:group_id])
- @group.remove_avatar!
-
- @group.save
-
- redirect_to edit_group_path(@group)
- end
-end
diff --git a/app/controllers/groups/group_members_controller.rb b/app/controllers/groups/group_members_controller.rb
deleted file mode 100644
index 265cf4f0f4a..00000000000
--- a/app/controllers/groups/group_members_controller.rb
+++ /dev/null
@@ -1,84 +0,0 @@
-class Groups::GroupMembersController < Groups::ApplicationController
- skip_before_filter :authenticate_user!, only: [:index]
- before_filter :group
-
- # Authorize
- before_filter :authorize_read_group!
- before_filter :authorize_admin_group!, except: [:index, :leave]
-
- layout :determine_layout
-
- def index
- @project = @group.projects.find(params[:project_id]) if params[:project_id]
- @members = @group.group_members
- @members = @members.non_invite unless can?(current_user, :admin_group, @group)
-
- if params[:search].present?
- users = @group.users.search(params[:search]).to_a
- @members = @members.where(user_id: users)
- end
-
- @members = @members.order('access_level DESC').page(params[:page]).per(50)
- @group_member = GroupMember.new
- end
-
- def create
- @group.add_users(params[:user_ids].split(','), params[:access_level], current_user)
-
- redirect_to group_group_members_path(@group), notice: 'Users were successfully added.'
- end
-
- def update
- @member = @group.group_members.find(params[:id])
- @member.update_attributes(member_params)
- end
-
- def destroy
- @group_member = @group.group_members.find(params[:id])
-
- if can?(current_user, :destroy_group_member, @group_member) # May fail if last owner.
- @group_member.destroy
- respond_to do |format|
- format.html { redirect_to group_group_members_path(@group), notice: 'User was successfully removed from group.' }
- format.js { render nothing: true }
- end
- else
- return render_403
- end
- end
-
- def resend_invite
- redirect_path = group_group_members_path(@group)
-
- @group_member = @group.group_members.find(params[:id])
-
- if @group_member.invite?
- @group_member.resend_invite
-
- redirect_to redirect_path, notice: 'The invitation was successfully resent.'
- else
- redirect_to redirect_path, alert: 'The invitation has already been accepted.'
- end
- end
-
- def leave
- @group_member = @group.group_members.where(user_id: current_user.id).first
-
- if can?(current_user, :destroy_group_member, @group_member)
- @group_member.destroy
- redirect_to(dashboard_groups_path, notice: "You left #{group.name} group.")
- else
- return render_403
- end
- end
-
- protected
-
- def group
- @group ||= Group.find_by(path: params[:group_id])
- end
-
- def member_params
- params.require(:group_member).permit(:access_level, :user_id)
- end
-end
diff --git a/app/controllers/groups/milestones_controller.rb b/app/controllers/groups/milestones_controller.rb
deleted file mode 100644
index 546ff2cc71f..00000000000
--- a/app/controllers/groups/milestones_controller.rb
+++ /dev/null
@@ -1,56 +0,0 @@
-class Groups::MilestonesController < ApplicationController
- layout 'group'
-
- before_filter :authorize_group_milestone!, only: :update
-
- def index
- project_milestones = case params[:state]
- when 'all'; state
- when 'closed'; state('closed')
- else state('active')
- end
- @group_milestones = Milestones::GroupService.new(project_milestones).execute
- @group_milestones = Kaminari.paginate_array(@group_milestones).page(params[:page]).per(PER_PAGE)
- end
-
- def show
- project_milestones = Milestone.where(project_id: group.projects).order("due_date ASC")
- @group_milestone = Milestones::GroupService.new(project_milestones).milestone(title)
- end
-
- def update
- project_milestones = Milestone.where(project_id: group.projects).order("due_date ASC")
- @group_milestones = Milestones::GroupService.new(project_milestones).milestone(title)
-
- @group_milestones.milestones.each do |milestone|
- Milestones::UpdateService.new(milestone.project, current_user, params[:milestone]).execute(milestone)
- end
-
- respond_to do |format|
- format.js
- format.html do
- redirect_to group_milestones_path(group)
- end
- end
- end
-
- private
-
- def group
- @group ||= Group.find_by(path: params[:group_id])
- end
-
- def title
- params[:title]
- end
-
- def state(state = nil)
- conditions = { project_id: group.projects }
- conditions.reverse_merge!(state: state) if state
- Milestone.where(conditions).order("title ASC")
- end
-
- def authorize_group_milestone!
- return render_404 unless can?(current_user, :admin_group, group)
- end
-end
diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb
deleted file mode 100644
index 7af3c077182..00000000000
--- a/app/controllers/groups_controller.rb
+++ /dev/null
@@ -1,145 +0,0 @@
-class GroupsController < Groups::ApplicationController
- skip_before_filter :authenticate_user!, only: [:show, :issues, :merge_requests]
- respond_to :html
- before_filter :group, except: [:new, :create]
-
- # Authorize
- before_filter :authorize_read_group!, except: [:new, :create]
- before_filter :authorize_admin_group!, only: [:edit, :update, :destroy, :projects]
- before_filter :authorize_create_group!, only: [:new, :create]
-
- # Load group projects
- before_filter :load_projects, except: [:new, :create, :projects, :edit, :update]
- before_filter :event_filter, only: :show
- before_filter :set_title, only: [:new, :create]
-
- layout :determine_layout
-
- def new
- @group = Group.new
- end
-
- def create
- @group = Group.new(group_params)
- @group.name = @group.path.dup unless @group.name
-
- if @group.save
- @group.add_owner(current_user)
- redirect_to @group, notice: 'Group was successfully created.'
- else
- render action: "new"
- end
- end
-
- def show
- @last_push = current_user.recent_push if current_user
- @projects = @projects.includes(:namespace)
-
- respond_to do |format|
- format.html
-
- format.json do
- load_events
- pager_json("events/_events", @events.count)
- end
-
- format.atom do
- load_events
- render layout: false
- end
- end
- end
-
- def merge_requests
- @merge_requests = get_merge_requests_collection
- @merge_requests = @merge_requests.page(params[:page]).per(PER_PAGE)
- @merge_requests = @merge_requests.preload(:author, :target_project)
- end
-
- def issues
- @issues = get_issues_collection
- @issues = @issues.page(params[:page]).per(PER_PAGE)
- @issues = @issues.preload(:author, :project)
-
- respond_to do |format|
- format.html
- format.atom { render layout: false }
- end
- end
-
- def edit
- end
-
- def projects
- @projects = @group.projects.page(params[:page])
- end
-
- def update
- if @group.update_attributes(group_params)
- redirect_to edit_group_path(@group), notice: 'Group was successfully updated.'
- else
- render action: "edit"
- end
- end
-
- def destroy
- @group.destroy
-
- redirect_to root_path, notice: 'Group was removed.'
- end
-
- protected
-
- def group
- @group ||= Group.find_by(path: params[:id])
- end
-
- def load_projects
- @projects ||= ProjectsFinder.new.execute(current_user, group: group).sorted_by_activity.non_archived
- end
-
- def project_ids
- @projects.pluck(:id)
- end
-
- # Dont allow unauthorized access to group
- def authorize_read_group!
- unless @group and (@projects.present? or can?(current_user, :read_group, @group))
- if current_user.nil?
- return authenticate_user!
- else
- return render_404
- end
- end
- end
-
- def authorize_create_group!
- unless can?(current_user, :create_group, nil)
- return render_404
- end
- end
-
- def set_title
- @title = 'New Group'
- end
-
- def determine_layout
- if [:new, :create].include?(action_name.to_sym)
- 'navless'
- elsif current_user
- 'group'
- else
- 'public_group'
- end
- end
-
- def group_params
- params.require(:group).permit(:name, :description, :path, :avatar)
- end
-
- def load_events
- @events = Event.in_projects(project_ids)
- @events = event_filter.apply_filter(@events).with_associations
- @events = @events.limit(20).offset(params[:offset] || 0)
- end
-end
diff --git a/app/controllers/import/base_controller.rb b/app/controllers/import/base_controller.rb
deleted file mode 100644
index 93a7ace3530..00000000000
--- a/app/controllers/import/base_controller.rb
+++ /dev/null
@@ -1,19 +0,0 @@
-class Import::BaseController < ApplicationController
-
- private
-
- def get_or_create_namespace
- begin
- namespace = Group.create!(name: @target_namespace, path: @target_namespace, owner: current_user)
- namespace.add_owner(current_user)
- rescue ActiveRecord::RecordNotUnique, ActiveRecord::RecordInvalid
- namespace = Namespace.find_by_path_or_name(@target_namespace)
- unless current_user.can?(:create_projects, namespace)
- @already_been_taken = true
- return false
- end
- end
-
- namespace
- end
-end
diff --git a/app/controllers/import/bitbucket_controller.rb b/app/controllers/import/bitbucket_controller.rb
deleted file mode 100644
index bb8d7e0235c..00000000000
--- a/app/controllers/import/bitbucket_controller.rb
+++ /dev/null
@@ -1,82 +0,0 @@
-class Import::BitbucketController < Import::BaseController
- before_filter :verify_bitbucket_import_enabled
- before_filter :bitbucket_auth, except: :callback
-
- rescue_from OAuth::Error, with: :bitbucket_unauthorized
-
- def callback
- request_token = session.delete(:oauth_request_token)
- raise "Session expired!" if request_token.nil?
-
- request_token.symbolize_keys!
-
- access_token = client.get_token(request_token, params[:oauth_verifier], callback_import_bitbucket_url)
-
- current_user.bitbucket_access_token = access_token.token
- current_user.bitbucket_access_token_secret = access_token.secret
-
- current_user.save
- redirect_to status_import_bitbucket_url
- end
-
- def status
- @repos = client.projects
-
- @already_added_projects = current_user.created_projects.where(import_type: "bitbucket")
- already_added_projects_names = @already_added_projects.pluck(:import_source)
-
- @repos.to_a.reject!{ |repo| already_added_projects_names.include? "#{repo["owner"]}/#{repo["slug"]}" }
- end
-
- def jobs
- jobs = current_user.created_projects.where(import_type: "bitbucket").to_json(only: [:id, :import_status])
- render json: jobs
- end
-
- def create
- @repo_id = params[:repo_id] || ""
- repo = client.project(@repo_id.gsub("___", "/"))
- @project_name = repo["slug"]
-
- repo_owner = repo["owner"]
- repo_owner = current_user.username if repo_owner == client.user["user"]["username"]
- @target_namespace = params[:new_namespace].presence || repo_owner
-
- namespace = get_or_create_namespace || (render and return)
-
- unless Gitlab::BitbucketImport::KeyAdder.new(repo, current_user).execute
- @access_denied = true
- render
- return
- end
-
- @project = Gitlab::BitbucketImport::ProjectCreator.new(repo, namespace, current_user).execute
- end
-
- private
-
- def client
- @client ||= Gitlab::BitbucketImport::Client.new(current_user.bitbucket_access_token, current_user.bitbucket_access_token_secret)
- end
-
- def verify_bitbucket_import_enabled
- not_found! unless bitbucket_import_enabled?
- end
-
- def bitbucket_auth
- if current_user.bitbucket_access_token.blank?
- go_to_bitbucket_for_permissions
- end
- end
-
- def go_to_bitbucket_for_permissions
- request_token = client.request_token(callback_import_bitbucket_url)
- session[:oauth_request_token] = request_token
-
- redirect_to client.authorize_url(request_token, callback_import_bitbucket_url)
- end
-
- def bitbucket_unauthorized
- go_to_bitbucket_for_permissions
- end
-end
diff --git a/app/controllers/import/github_controller.rb b/app/controllers/import/github_controller.rb
deleted file mode 100644
index 87b41454c77..00000000000
--- a/app/controllers/import/github_controller.rb
+++ /dev/null
@@ -1,68 +0,0 @@
-class Import::GithubController < Import::BaseController
- before_filter :verify_github_import_enabled
- before_filter :github_auth, except: :callback
-
- rescue_from Octokit::Unauthorized, with: :github_unauthorized
-
- def callback
- token = client.get_token(params[:code])
- current_user.github_access_token = token
- current_user.save
- redirect_to status_import_github_url
- end
-
- def status
- @repos = client.repos
- client.orgs.each do |org|
- @repos += client.org_repos(org.login)
- end
-
- @already_added_projects = current_user.created_projects.where(import_type: "github")
- already_added_projects_names = @already_added_projects.pluck(:import_source)
-
- @repos.reject!{ |repo| already_added_projects_names.include? repo.full_name }
- end
-
- def jobs
- jobs = current_user.created_projects.where(import_type: "github").to_json(only: [:id, :import_status])
- render json: jobs
- end
-
- def create
- @repo_id = params[:repo_id].to_i
- repo = client.repo(@repo_id)
- @project_name = repo.name
-
- repo_owner = repo.owner.login
- repo_owner = current_user.username if repo_owner == client.user.login
- @target_namespace = params[:new_namespace].presence || repo_owner
-
- namespace = get_or_create_namespace || (render and return)
-
- @project = Gitlab::GithubImport::ProjectCreator.new(repo, namespace, current_user).execute
- end
-
- private
-
- def client
- @client ||= Gitlab::GithubImport::Client.new(current_user.github_access_token)
- end
-
- def verify_github_import_enabled
- not_found! unless github_import_enabled?
- end
-
- def github_auth
- if current_user.github_access_token.blank?
- go_to_github_for_permissions
- end
- end
-
- def go_to_github_for_permissions
- redirect_to client.authorize_url(callback_import_github_url)
- end
-
- def github_unauthorized
- go_to_github_for_permissions
- end
-end
diff --git a/app/controllers/import/gitlab_controller.rb b/app/controllers/import/gitlab_controller.rb
deleted file mode 100644
index bddbfded812..00000000000
--- a/app/controllers/import/gitlab_controller.rb
+++ /dev/null
@@ -1,65 +0,0 @@
-class Import::GitlabController < Import::BaseController
- before_filter :verify_gitlab_import_enabled
- before_filter :gitlab_auth, except: :callback
-
- rescue_from OAuth2::Error, with: :gitlab_unauthorized
-
- def callback
- token = client.get_token(params[:code], callback_import_gitlab_url)
- current_user.gitlab_access_token = token
- current_user.save
- redirect_to status_import_gitlab_url
- end
-
- def status
- @repos = client.projects
-
- @already_added_projects = current_user.created_projects.where(import_type: "gitlab")
- already_added_projects_names = @already_added_projects.pluck(:import_source)
-
- @repos = @repos.to_a.reject{ |repo| already_added_projects_names.include? repo["path_with_namespace"] }
- end
-
- def jobs
- jobs = current_user.created_projects.where(import_type: "gitlab").to_json(only: [:id, :import_status])
- render json: jobs
- end
-
- def create
- @repo_id = params[:repo_id].to_i
- repo = client.project(@repo_id)
- @project_name = repo["name"]
-
- repo_owner = repo["namespace"]["path"]
- repo_owner = current_user.username if repo_owner == client.user["username"]
- @target_namespace = params[:new_namespace].presence || repo_owner
-
- namespace = get_or_create_namespace || (render and return)
-
- @project = Gitlab::GitlabImport::ProjectCreator.new(repo, namespace, current_user).execute
- end
-
- private
-
- def client
- @client ||= Gitlab::GitlabImport::Client.new(current_user.gitlab_access_token)
- end
-
- def verify_gitlab_import_enabled
- not_found! unless gitlab_import_enabled?
- end
-
- def gitlab_auth
- if current_user.gitlab_access_token.blank?
- go_to_gitlab_for_permissions
- end
- end
-
- def go_to_gitlab_for_permissions
- redirect_to client.authorize_url(callback_import_gitlab_url)
- end
-
- def gitlab_unauthorized
- go_to_gitlab_for_permissions
- end
-end
diff --git a/app/controllers/import/gitorious_controller.rb b/app/controllers/import/gitorious_controller.rb
deleted file mode 100644
index 6067a87ee04..00000000000
--- a/app/controllers/import/gitorious_controller.rb
+++ /dev/null
@@ -1,43 +0,0 @@
-class Import::GitoriousController < Import::BaseController
-
- def new
- redirect_to client.authorize_url(callback_import_gitorious_url)
- end
-
- def callback
- session[:gitorious_repos] = params[:repos]
- redirect_to status_import_gitorious_url
- end
-
- def status
- @repos = client.repos
-
- @already_added_projects = current_user.created_projects.where(import_type: "gitorious")
- already_added_projects_names = @already_added_projects.pluck(:import_source)
-
- @repos.reject! { |repo| already_added_projects_names.include? repo.full_name }
- end
-
- def jobs
- jobs = current_user.created_projects.where(import_type: "gitorious").to_json(only: [:id, :import_status])
- render json: jobs
- end
-
- def create
- @repo_id = params[:repo_id]
- repo = client.repo(@repo_id)
- @target_namespace = params[:new_namespace].presence || repo.namespace
- @project_name = repo.name
-
- namespace = get_or_create_namespace || (render and return)
-
- @project = Gitlab::GitoriousImport::ProjectCreator.new(repo, namespace, current_user).execute
- end
-
- private
-
- def client
- @client ||= Gitlab::GitoriousImport::Client.new(session[:gitorious_repos])
- end
-
-end
diff --git a/app/controllers/invites_controller.rb b/app/controllers/invites_controller.rb
deleted file mode 100644
index 1f97ff16c55..00000000000
--- a/app/controllers/invites_controller.rb
+++ /dev/null
@@ -1,83 +0,0 @@
-class InvitesController < ApplicationController
- before_filter :member
- skip_before_filter :authenticate_user!, only: :decline
-
- respond_to :html
-
- layout 'navless'
-
- def show
-
- end
-
- def accept
- if member.accept_invite!(current_user)
- label, path = source_info(member.source)
-
- redirect_to path, notice: "You have been granted #{member.human_access} access to #{label}."
- else
- redirect_to :back, alert: "The invitation could not be accepted."
- end
- end
-
- def decline
- if member.decline_invite!
- label, _ = source_info(member.source)
-
- path =
- if current_user
- dashboard_path
- else
- new_user_session_path
- end
-
- redirect_to path, notice: "You have declined the invitation to join #{label}."
- else
- redirect_to :back, alert: "The invitation could not be declined."
- end
- end
-
- private
-
- def member
- return @member if defined?(@member)
-
- @token = params[:id]
- @member = Member.find_by_invite_token(@token)
-
- unless @member
- render_404 and return
- end
-
- @member
- end
-
- def authenticate_user!
- return if current_user
-
- notice = "To accept this invitation, sign in"
- notice << " or create an account" if current_application_settings.signup_enabled?
- notice << "."
-
- store_location_for :user, request.fullpath
- redirect_to new_user_session_path, notice: notice
- end
-
- def source_info(source)
- case source
- when Project
- project = member.source
- label = "project #{project.name_with_namespace}"
- path = namespace_project_path(project.namespace, project)
- when Group
- group = member.source
- label = "group #{group.name}"
- path = group_path(group)
- else
- label = "who knows what"
- path = dashboard_path
- end
-
- [label, path]
- end
-end
diff --git a/app/controllers/namespaces_controller.rb b/app/controllers/namespaces_controller.rb
deleted file mode 100644
index 386d103ee5a..00000000000
--- a/app/controllers/namespaces_controller.rb
+++ /dev/null
@@ -1,25 +0,0 @@
-class NamespacesController < ApplicationController
- skip_before_filter :authenticate_user!
-
- def show
- namespace = Namespace.find_by(path: params[:id])
-
- if namespace
- if namespace.is_a?(Group)
- group = namespace
- else
- user = namespace.owner
- end
- end
-
- if user
- redirect_to user_path(user)
- elsif group && can?(current_user, :read_group, group)
- redirect_to group_path(group)
- elsif current_user.nil?
- authenticate_user!
- else
- render_404
- end
- end
-end
diff --git a/app/controllers/oauth/applications_controller.rb b/app/controllers/oauth/applications_controller.rb
deleted file mode 100644
index efa291d9397..00000000000
--- a/app/controllers/oauth/applications_controller.rb
+++ /dev/null
@@ -1,39 +0,0 @@
-class Oauth::ApplicationsController < Doorkeeper::ApplicationsController
- before_filter :authenticate_user!
- layout "profile"
-
- def index
- head :forbidden and return
- end
-
- def create
- @application = Doorkeeper::Application.new(application_params)
-
- @application.owner = current_user
-
- if @application.save
- flash[:notice] = I18n.t(:notice, scope: [:doorkeeper, :flash, :applications, :create])
- redirect_to oauth_application_url(@application)
- else
- render :new
- end
- end
-
- def destroy
- if @application.destroy
- flash[:notice] = I18n.t(:notice, scope: [:doorkeeper, :flash, :applications, :destroy])
- end
-
- redirect_to applications_profile_url
- end
-
- private
-
- def set_application
- @application = current_user.oauth_applications.find(params[:id])
- end
-
- rescue_from ActiveRecord::RecordNotFound do |exception|
- render "errors/not_found", layout: "errors", status: 404
- end
-end
diff --git a/app/controllers/oauth/authorizations_controller.rb b/app/controllers/oauth/authorizations_controller.rb
deleted file mode 100644
index a57b4a60c24..00000000000
--- a/app/controllers/oauth/authorizations_controller.rb
+++ /dev/null
@@ -1,57 +0,0 @@
-class Oauth::AuthorizationsController < Doorkeeper::AuthorizationsController
- before_filter :authenticate_resource_owner!
- layout "profile"
-
- def new
- if pre_auth.authorizable?
- if skip_authorization? || matching_token?
- auth = authorization.authorize
- redirect_to auth.redirect_uri
- else
- render "doorkeeper/authorizations/new"
- end
- else
- render "doorkeeper/authorizations/error"
- end
- end
-
- # TODO: Handle raise invalid authorization
- def create
- redirect_or_render authorization.authorize
- end
-
- def destroy
- redirect_or_render authorization.deny
- end
-
- private
-
- def matching_token?
- Doorkeeper::AccessToken.matching_token_for(pre_auth.client,
- current_resource_owner.id,
- pre_auth.scopes)
- end
-
- def redirect_or_render(auth)
- if auth.redirectable?
- redirect_to auth.redirect_uri
- else
- render json: auth.body, status: auth.status
- end
- end
-
- def pre_auth
- @pre_auth ||=
- Doorkeeper::OAuth::PreAuthorization.new(Doorkeeper.configuration,
- server.client_via_uid,
- params)
- end
-
- def authorization
- @authorization ||= strategy.request
- end
-
- def strategy
- @strategy ||= server.authorization_request(pre_auth.response_type)
- end
-end
diff --git a/app/controllers/oauth/authorized_applications_controller.rb b/app/controllers/oauth/authorized_applications_controller.rb
deleted file mode 100644
index 0b27ce7da72..00000000000
--- a/app/controllers/oauth/authorized_applications_controller.rb
+++ /dev/null
@@ -1,8 +0,0 @@
-class Oauth::AuthorizedApplicationsController < Doorkeeper::AuthorizedApplicationsController
- layout "profile"
-
- def destroy
- Doorkeeper::AccessToken.revoke_all_for(params[:id], current_resource_owner)
- redirect_to applications_profile_url, notice: I18n.t(:notice, scope: [:doorkeeper, :flash, :authorized_applications, :destroy])
- end
-end
diff --git a/app/controllers/omniauth_callbacks_controller.rb b/app/controllers/omniauth_callbacks_controller.rb
deleted file mode 100644
index bb9d65c9ed6..00000000000
--- a/app/controllers/omniauth_callbacks_controller.rb
+++ /dev/null
@@ -1,76 +0,0 @@
-class OmniauthCallbacksController < Devise::OmniauthCallbacksController
- Gitlab.config.omniauth.providers.each do |provider|
- define_method provider['name'] do
- handle_omniauth
- end
- end
-
- # Extend the standard message generation to accept our custom exception
- def failure_message
- exception = env["omniauth.error"]
- error = exception.error_reason if exception.respond_to?(:error_reason)
- error ||= exception.error if exception.respond_to?(:error)
- error ||= exception.message if exception.respond_to?(:message)
- error ||= env["omniauth.error.type"].to_s
- error.to_s.humanize if error
- end
-
- # We only find ourselves here
- # if the authentication to LDAP was successful.
- def ldap
- @user = Gitlab::LDAP::User.new(oauth)
- @user.save if @user.changed? # will also save new users
- gl_user = @user.gl_user
- gl_user.remember_me = true if @user.persisted?
-
- # Do additional LDAP checks for the user filter and EE features
- if @user.allowed?
- sign_in_and_redirect(gl_user)
- else
- flash[:alert] = "Access denied for your LDAP account."
- redirect_to new_user_session_path
- end
- end
-
- def omniauth_error
- @provider = params[:provider]
- @error = params[:error]
- render 'errors/omniauth_error', layout: "errors", status: 422
- end
-
- private
-
- def handle_omniauth
- if current_user
- # Add new authentication method
- current_user.identities.find_or_create_by(extern_uid: oauth['uid'], provider: oauth['provider'])
- redirect_to profile_account_path, notice: 'Authentication method updated'
- else
- @user = Gitlab::OAuth::User.new(oauth)
- @user.save
-
- # Only allow properly saved users to login.
- if @user.persisted? && @user.valid?
- sign_in_and_redirect(@user.gl_user)
- else
- error_message =
- if @user.gl_user.errors.any?
- @user.gl_user.errors.map do |attribute, message|
- "#{attribute} #{message}"
- end.join(", ")
- else
- ''
- end
-
- redirect_to omniauth_error_path(oauth['provider'], error: error_message) and return
- end
- end
- rescue Gitlab::OAuth::ForbiddenAction => e
- flash[:notice] = e.message
- redirect_to new_user_session_path
- end
-
- def oauth
- @oauth ||= request.env['omniauth.auth']
- end
-end
diff --git a/app/controllers/passwords_controller.rb b/app/controllers/passwords_controller.rb
deleted file mode 100644
index dcbbe5baa4b..00000000000
--- a/app/controllers/passwords_controller.rb
+++ /dev/null
@@ -1,18 +0,0 @@
-class PasswordsController < Devise::PasswordsController
-
- def create
- email = resource_params[:email]
- resource_found = resource_class.find_by_email(email)
- if resource_found && resource_found.ldap_user?
- flash[:alert] = "Cannot reset password for LDAP user."
- respond_with({}, location: after_sending_reset_password_instructions_path_for(resource_name)) and return
- end
-
- self.resource = resource_class.send_reset_password_instructions(resource_params)
- if successfully_sent?(resource)
- respond_with({}, location: after_sending_reset_password_instructions_path_for(resource_name))
- else
- respond_with(resource)
- end
- end
-end
diff --git a/app/controllers/profiles/accounts_controller.rb b/app/controllers/profiles/accounts_controller.rb
deleted file mode 100644
index 9bd34fe2261..00000000000
--- a/app/controllers/profiles/accounts_controller.rb
+++ /dev/null
@@ -1,13 +0,0 @@
-class Profiles::AccountsController < ApplicationController
- layout "profile"
-
- def show
- @user = current_user
- end
-
- def unlink
- provider = params[:provider]
- current_user.identities.find_by(provider: provider).destroy
- redirect_to profile_account_path
- end
-end
diff --git a/app/controllers/profiles/avatars_controller.rb b/app/controllers/profiles/avatars_controller.rb
deleted file mode 100644
index 57f3bbf0627..00000000000
--- a/app/controllers/profiles/avatars_controller.rb
+++ /dev/null
@@ -1,13 +0,0 @@
-class Profiles::AvatarsController < ApplicationController
- layout "profile"
-
- def destroy
- @user = current_user
- @user.remove_avatar!
-
- @user.save
- @user.reset_events_cache
-
- redirect_to profile_path
- end
-end
diff --git a/app/controllers/profiles/emails_controller.rb b/app/controllers/profiles/emails_controller.rb
deleted file mode 100644
index 954c98c0d9f..00000000000
--- a/app/controllers/profiles/emails_controller.rb
+++ /dev/null
@@ -1,37 +0,0 @@
-class Profiles::EmailsController < ApplicationController
- layout "profile"
-
- def index
- @primary = current_user.email
- @public_email = current_user.public_email
- @emails = current_user.emails
- end
-
- def create
- @email = current_user.emails.new(email_params)
-
- flash[:alert] = @email.errors.full_messages.first unless @email.save
-
- redirect_to profile_emails_url
- end
-
- def destroy
- @email = current_user.emails.find(params[:id])
- @email.destroy
-
- current_user.set_notification_email
- current_user.set_public_email
- current_user.save if current_user.notification_email_changed? or current_user.public_email_changed?
-
- respond_to do |format|
- format.html { redirect_to profile_emails_url }
- format.js { render nothing: true }
- end
- end
-
- private
-
- def email_params
- params.require(:email).permit(:email)
- end
-end
diff --git a/app/controllers/profiles/keys_controller.rb b/app/controllers/profiles/keys_controller.rb
deleted file mode 100644
index 4e2bd0a9b4b..00000000000
--- a/app/controllers/profiles/keys_controller.rb
+++ /dev/null
@@ -1,61 +0,0 @@
-class Profiles::KeysController < ApplicationController
- layout "profile"
- skip_before_filter :authenticate_user!, only: [:get_keys]
-
- def index
- @keys = current_user.keys
- end
-
- def show
- @key = current_user.keys.find(params[:id])
- end
-
- def new
- @key = current_user.keys.new
- end
-
- def create
- @key = current_user.keys.new(key_params)
-
- if @key.save
- redirect_to profile_key_path(@key)
- else
- render 'new'
- end
- end
-
- def destroy
- @key = current_user.keys.find(params[:id])
- @key.destroy
-
- respond_to do |format|
- format.html { redirect_to profile_keys_url }
- format.js { render nothing: true }
- end
- end
-
- # Get all keys of a user(params[:username]) in a text format
- # Helpful for sysadmins to put in respective servers
- def get_keys
- if params[:username].present?
- begin
- user = User.find_by_username(params[:username])
- if user.present?
- render text: user.all_ssh_keys.join("\n"), content_type: "text/plain"
- else
- render_404 and return
- end
- rescue => e
- render text: e.message
- end
- else
- render_404 and return
- end
- end
-
- private
-
- def key_params
- params.require(:key).permit(:title, :key)
- end
-end
diff --git a/app/controllers/profiles/notifications_controller.rb b/app/controllers/profiles/notifications_controller.rb
deleted file mode 100644
index 3fdcbbab61b..00000000000
--- a/app/controllers/profiles/notifications_controller.rb
+++ /dev/null
@@ -1,44 +0,0 @@
-class Profiles::NotificationsController < ApplicationController
- layout 'profile'
-
- def show
- @user = current_user
- @notification = current_user.notification
- @project_members = current_user.project_members
- @group_members = current_user.group_members
- end
-
- def update
- type = params[:notification_type]
-
- @saved = if type == 'global'
- current_user.update_attributes(user_params)
- elsif type == 'group'
- group_member = current_user.group_members.find(params[:notification_id])
- group_member.notification_level = params[:notification_level]
- group_member.save
- else
- project_member = current_user.project_members.find(params[:notification_id])
- project_member.notification_level = params[:notification_level]
- project_member.save
- end
-
- respond_to do |format|
- format.html do
- if @saved
- flash[:notice] = "Notification settings saved"
- else
- flash[:alert] = "Failed to save new settings"
- end
-
- redirect_to :back
- end
-
- format.js
- end
- end
-
- def user_params
- params.require(:user).permit(:notification_email, :notification_level)
- end
-end
diff --git a/app/controllers/profiles/passwords_controller.rb b/app/controllers/profiles/passwords_controller.rb
deleted file mode 100644
index 0c614969a3f..00000000000
--- a/app/controllers/profiles/passwords_controller.rb
+++ /dev/null
@@ -1,88 +0,0 @@
-class Profiles::PasswordsController < ApplicationController
- layout :determine_layout
-
- skip_before_filter :check_password_expiration, only: [:new, :create]
-
- before_filter :set_user
- before_filter :set_title
- before_filter :authorize_change_password!
-
- def new
- end
-
- def create
- unless @user.password_automatically_set || @user.valid_password?(user_params[:current_password])
- redirect_to new_profile_password_path, alert: 'You must provide a valid current password'
- return
- end
-
- new_password = user_params[:password]
- new_password_confirmation = user_params[:password_confirmation]
-
- result = @user.update_attributes(
- password: new_password,
- password_confirmation: new_password_confirmation,
- password_automatically_set: false
- )
-
- if result
- @user.update_attributes(password_expires_at: nil)
- redirect_to root_path, notice: 'Password successfully changed'
- else
- render :new
- end
- end
-
- def edit
- end
-
- def update
- password_attributes = user_params.select do |key, value|
- %w(password password_confirmation).include?(key.to_s)
- end
- password_attributes[:password_automatically_set] = false
-
- unless @user.password_automatically_set || @user.valid_password?(user_params[:current_password])
- redirect_to edit_profile_password_path, alert: 'You must provide a valid current password'
- return
- end
-
- if @user.update_attributes(password_attributes)
- flash[:notice] = "Password was successfully updated. Please login with it"
- redirect_to new_user_session_path
- else
- render 'edit'
- end
- end
-
- def reset
- current_user.send_reset_password_instructions
- redirect_to edit_profile_password_path, notice: 'We sent you an email with reset password instructions'
- end
-
- private
-
- def set_user
- @user = current_user
- end
-
- def set_title
- @title = "New password"
- end
-
- def determine_layout
- if [:new, :create].include?(action_name.to_sym)
- 'navless'
- else
- 'profile'
- end
- end
-
- def authorize_change_password!
- return render_404 if @user.ldap_user?
- end
-
- def user_params
- params.require(:user).permit(:current_password, :password, :password_confirmation)
- end
-end
diff --git a/app/controllers/profiles_controller.rb b/app/controllers/profiles_controller.rb
deleted file mode 100644
index 7f76906066d..00000000000
--- a/app/controllers/profiles_controller.rb
+++ /dev/null
@@ -1,76 +0,0 @@
-class ProfilesController < ApplicationController
- include ActionView::Helpers::SanitizeHelper
-
- before_filter :user
- before_filter :authorize_change_username!, only: :update_username
- skip_before_filter :require_email, only: [:show, :update]
-
- layout 'profile'
-
- def show
- end
-
- def design
- end
-
- def applications
- @applications = current_user.oauth_applications
- @authorized_tokens = current_user.oauth_authorized_tokens
- @authorized_apps = @authorized_tokens.map(&:application).uniq
- end
-
- def update
- user_params.except!(:email) if @user.ldap_user?
-
- if @user.update_attributes(user_params)
- flash[:notice] = "Profile was successfully updated"
- else
- messages = @user.errors.full_messages.uniq.join('. ')
- flash[:alert] = "Failed to update profile. #{messages}"
- end
-
- respond_to do |format|
- format.html { redirect_to :back }
- format.js
- end
- end
-
- def reset_private_token
- if current_user.reset_authentication_token!
- flash[:notice] = "Token was successfully updated"
- end
-
- redirect_to profile_account_path
- end
-
- def history
- @events = current_user.recent_events.page(params[:page]).per(PER_PAGE)
- end
-
- def update_username
- @user.update_attributes(username: user_params[:username])
-
- respond_to do |format|
- format.js
- end
- end
-
- private
-
- def user
- @user = current_user
- end
-
- def authorize_change_username!
- return render_404 unless @user.can_change_username?
- end
-
- def user_params
- params.require(:user).permit(
- :email, :password, :password_confirmation, :bio, :name,
- :username, :skype, :linkedin, :twitter, :website_url,
- :color_scheme_id, :theme_id, :avatar, :hide_no_ssh_key,
- :hide_no_password, :location, :public_email
- )
- end
-end
diff --git a/app/controllers/projects/application_controller.rb b/app/controllers/projects/application_controller.rb
deleted file mode 100644
index 4719933394f..00000000000
--- a/app/controllers/projects/application_controller.rb
+++ /dev/null
@@ -1,36 +0,0 @@
-class Projects::ApplicationController < ApplicationController
- before_filter :project
- before_filter :repository
- layout :determine_layout
-
- def authenticate_user!
- # Restrict access to Projects area only
- # for non-signed users
- if !current_user
- id = params[:project_id] || params[:id]
- project_with_namespace = "#{params[:namespace_id]}/#{id}"
- @project = Project.find_with_namespace(project_with_namespace)
-
- return if @project && @project.public?
- end
-
- super
- end
-
- def determine_layout
- if current_user
- 'projects'
- else
- 'public_projects'
- end
- end
-
- def require_branch_head
- unless @repository.branch_names.include?(@ref)
- redirect_to(
- namespace_project_tree_path(@project.namespace, @project, @ref),
- notice: "This action is not allowed unless you are on top of a branch"
- )
- end
- end
-end
diff --git a/app/controllers/projects/avatars_controller.rb b/app/controllers/projects/avatars_controller.rb
deleted file mode 100644
index a482b90880d..00000000000
--- a/app/controllers/projects/avatars_controller.rb
+++ /dev/null
@@ -1,29 +0,0 @@
-class Projects::AvatarsController < Projects::ApplicationController
- layout 'project'
-
- before_filter :project
-
- def show
- @blob = @project.repository.blob_at_branch('master', @project.avatar_in_git)
- if @blob
- headers['X-Content-Type-Options'] = 'nosniff'
- send_data(
- @blob.data,
- type: @blob.mime_type,
- disposition: 'inline',
- filename: @blob.name
- )
- else
- not_found!
- end
- end
-
- def destroy
- @project.remove_avatar!
-
- @project.save
- @project.reset_events_cache
-
- redirect_to edit_project_path(@project)
- end
-end
diff --git a/app/controllers/projects/blame_controller.rb b/app/controllers/projects/blame_controller.rb
deleted file mode 100644
index a87b8270a22..00000000000
--- a/app/controllers/projects/blame_controller.rb
+++ /dev/null
@@ -1,13 +0,0 @@
-# Controller for viewing a file's blame
-class Projects::BlameController < Projects::ApplicationController
- include ExtractsPath
-
- before_filter :require_non_empty_project
- before_filter :assign_ref_vars
- before_filter :authorize_download_code!
-
- def show
- @blame = Gitlab::Git::Blame.new(@repository, @commit.id, @path)
- @blob = @blame.blob
- end
-end
diff --git a/app/controllers/projects/blob_controller.rb b/app/controllers/projects/blob_controller.rb
deleted file mode 100644
index 4b7eb4df298..00000000000
--- a/app/controllers/projects/blob_controller.rb
+++ /dev/null
@@ -1,163 +0,0 @@
-# Controller for viewing a file's blame
-class Projects::BlobController < Projects::ApplicationController
- include ExtractsPath
- include ActionView::Helpers::SanitizeHelper
-
- # Raised when given an invalid file path
- class InvalidPathError < StandardError; end
-
- before_filter :require_non_empty_project, except: [:new, :create]
- before_filter :authorize_download_code!
- before_filter :authorize_push_code!, only: [:destroy]
- before_filter :assign_blob_vars
- before_filter :commit, except: [:new, :create]
- before_filter :blob, except: [:new, :create]
- before_filter :from_merge_request, only: [:edit, :update]
- before_filter :after_edit_path, only: [:edit, :update]
- before_filter :require_branch_head, only: [:edit, :update]
-
- def new
- commit unless @repository.empty?
- end
-
- def create
- file_path = File.join(@path, File.basename(params[:file_name]))
- result = Files::CreateService.new(
- @project,
- current_user,
- params.merge(new_branch: sanitized_new_branch_name),
- @ref,
- file_path
- ).execute
-
- if result[:status] == :success
- flash[:notice] = "Your changes have been successfully committed"
- ref = sanitized_new_branch_name.presence || @ref
- redirect_to namespace_project_blob_path(@project.namespace, @project, File.join(ref, file_path))
- else
- flash[:alert] = result[:message]
- render :new
- end
- end
-
- def show
- end
-
- def edit
- @last_commit = Gitlab::Git::Commit.last_for_path(@repository, @ref, @path).sha
- end
-
- def update
- result = Files::UpdateService.
- new(
- @project,
- current_user,
- params.merge(new_branch: sanitized_new_branch_name),
- @ref,
- @path
- ).execute
-
- if result[:status] == :success
- flash[:notice] = "Your changes have been successfully committed"
-
- if from_merge_request
- from_merge_request.reload_code
- end
-
- redirect_to after_edit_path
- else
- flash[:alert] = result[:message]
- render :edit
- end
- end
-
- def preview
- @content = params[:content]
- diffy = Diffy::Diff.new(@blob.data, @content, diff: '-U 3', include_diff_info: true)
- @diff_lines = Gitlab::Diff::Parser.new.parse(diffy.diff.scan(/.*\n/))
-
- render layout: false
- end
-
- def destroy
- result = Files::DeleteService.new(@project, current_user, params, @ref, @path).execute
-
- if result[:status] == :success
- flash[:notice] = "Your changes have been successfully committed"
- redirect_to namespace_project_tree_path(@project.namespace, @project,
- @ref)
- else
- flash[:alert] = result[:message]
- render :show
- end
- end
-
- def diff
- @form = UnfoldForm.new(params)
- @lines = @blob.data.lines[@form.since - 1..@form.to - 1]
-
- if @form.bottom?
- @match_line = ''
- else
- lines_length = @lines.length - 1
- line = [@form.since, lines_length].join(',')
- @match_line = "@@ -#{line}+#{line} @@"
- end
-
- render layout: false
- end
-
- private
-
- def blob
- @blob ||= @repository.blob_at(@commit.id, @path)
-
- if @blob
- @blob
- else
- if tree = @repository.tree(@commit.id, @path)
- if tree.entries.any?
- redirect_to namespace_project_tree_path(@project.namespace, @project, File.join(@ref, @path)) and return
- end
- end
-
- return not_found!
- end
- end
-
- def commit
- @commit = @repository.commit(@ref)
-
- return not_found! unless @commit
- end
-
- def assign_blob_vars
- @id = params[:id]
- @ref, @path = extract_ref(@id)
-
-
- rescue InvalidPathError
- not_found!
- end
-
- def after_edit_path
- @after_edit_path ||=
- if from_merge_request
- diffs_namespace_project_merge_request_path(from_merge_request.target_project.namespace, from_merge_request.target_project, from_merge_request) +
- "#file-path-#{hexdigest(@path)}"
- elsif sanitized_new_branch_name.present?
- namespace_project_blob_path(@project.namespace, @project, File.join(sanitized_new_branch_name, @path))
- else
- namespace_project_blob_path(@project.namespace, @project, @id)
- end
- end
-
- def from_merge_request
- # If blob edit was initiated from merge request page
- @from_merge_request ||= MergeRequest.find_by(id: params[:from_merge_request_id])
- end
-
- def sanitized_new_branch_name
- @new_branch ||= sanitize(strip_tags(params[:new_branch]))
- end
-end
diff --git a/app/controllers/projects/branches_controller.rb b/app/controllers/projects/branches_controller.rb
deleted file mode 100644
index f049e96e61d..00000000000
--- a/app/controllers/projects/branches_controller.rb
+++ /dev/null
@@ -1,46 +0,0 @@
-class Projects::BranchesController < Projects::ApplicationController
- include ActionView::Helpers::SanitizeHelper
- # Authorize
- before_filter :require_non_empty_project
- before_filter :authorize_download_code!
- before_filter :authorize_push_code!, only: [:create, :destroy]
-
- def index
- @sort = params[:sort] || 'name'
- @branches = @repository.branches_sorted_by(@sort)
- @branches = Kaminari.paginate_array(@branches).page(params[:page]).per(PER_PAGE)
- end
-
- def recent
- @branches = @repository.recent_branches
- end
-
- def create
- branch_name = sanitize(strip_tags(params[:branch_name]))
- ref = sanitize(strip_tags(params[:ref]))
- result = CreateBranchService.new(project, current_user).
- execute(branch_name, ref)
-
- if result[:status] == :success
- @branch = result[:branch]
- redirect_to namespace_project_tree_path(@project.namespace, @project,
- @branch.name)
- else
- @error = result[:message]
- render action: 'new'
- end
- end
-
- def destroy
- DeleteBranchService.new(project, current_user).execute(params[:id])
- @branch_name = params[:id]
-
- respond_to do |format|
- format.html do
- redirect_to namespace_project_branches_path(@project.namespace,
- @project)
- end
- format.js
- end
- end
-end
diff --git a/app/controllers/projects/commit_controller.rb b/app/controllers/projects/commit_controller.rb
deleted file mode 100644
index 87e39f1363a..00000000000
--- a/app/controllers/projects/commit_controller.rb
+++ /dev/null
@@ -1,41 +0,0 @@
-# Controller for a specific Commit
-#
-# Not to be confused with CommitsController, plural.
-class Projects::CommitController < Projects::ApplicationController
- # Authorize
- before_filter :require_non_empty_project
- before_filter :authorize_download_code!
- before_filter :commit
-
- def show
- return git_not_found! unless @commit
-
- @line_notes = @project.notes.for_commit_id(commit.id).inline
- @diffs = @commit.diffs
- @note = @project.build_commit_note(commit)
- @notes_count = @project.notes.for_commit_id(commit.id).count
- @notes = @project.notes.for_commit_id(@commit.id).not_inline.fresh
- @noteable = @commit
- @comments_allowed = @reply_allowed = true
- @comments_target = {
- noteable_type: 'Commit',
- commit_id: @commit.id
- }
-
- respond_to do |format|
- format.html
- format.diff { render text: @commit.to_diff }
- format.patch { render text: @commit.to_patch }
- end
- end
-
- def branches
- @branches = @project.repository.branch_names_contains(commit.id)
- @tags = @project.repository.tag_names_contains(commit.id)
- render layout: false
- end
-
- def commit
- @commit ||= @project.repository.commit(params[:id])
- end
-end
diff --git a/app/controllers/projects/commits_controller.rb b/app/controllers/projects/commits_controller.rb
deleted file mode 100644
index 4b6ab437476..00000000000
--- a/app/controllers/projects/commits_controller.rb
+++ /dev/null
@@ -1,24 +0,0 @@
-require "base64"
-
-class Projects::CommitsController < Projects::ApplicationController
- include ExtractsPath
-
- before_filter :require_non_empty_project
- before_filter :assign_ref_vars
- before_filter :authorize_download_code!
-
- def show
- @repo = @project.repository
- @limit, @offset = (params[:limit] || 40), (params[:offset] || 0)
-
- @commits = @repo.commits(@ref, @path, @limit, @offset)
- @note_counts = Note.where(commit_id: @commits.map(&:id)).
- group(:commit_id).count
-
- respond_to do |format|
- format.html
- format.json { pager_json("projects/commits/_commits", @commits.size) }
- format.atom { render layout: false }
- end
- end
-end
diff --git a/app/controllers/projects/compare_controller.rb b/app/controllers/projects/compare_controller.rb
deleted file mode 100644
index 146808fa562..00000000000
--- a/app/controllers/projects/compare_controller.rb
+++ /dev/null
@@ -1,31 +0,0 @@
-class Projects::CompareController < Projects::ApplicationController
- # Authorize
- before_filter :require_non_empty_project
- before_filter :authorize_download_code!
-
- def index
- end
-
- def show
- base_ref = params[:from]
- head_ref = params[:to]
-
- compare_result = CompareService.new.execute(
- current_user,
- @project,
- head_ref,
- @project,
- base_ref
- )
-
- @commits = compare_result.commits
- @diffs = compare_result.diffs
- @commit = @commits.last
- @line_notes = []
- end
-
- def create
- redirect_to namespace_project_compare_path(@project.namespace, @project,
- params[:from], params[:to])
- end
-end
diff --git a/app/controllers/projects/deploy_keys_controller.rb b/app/controllers/projects/deploy_keys_controller.rb
deleted file mode 100644
index 6fba3ce299b..00000000000
--- a/app/controllers/projects/deploy_keys_controller.rb
+++ /dev/null
@@ -1,65 +0,0 @@
-class Projects::DeployKeysController < Projects::ApplicationController
- respond_to :html
-
- # Authorize
- before_filter :authorize_admin_project!
-
- layout "project_settings"
-
- def index
- @enabled_keys = @project.deploy_keys
-
- @available_keys = accessible_keys - @enabled_keys
- @available_project_keys = current_user.project_deploy_keys - @enabled_keys
- @available_public_keys = DeployKey.are_public - @enabled_keys
-
- # Public keys that are already used by another accessible project are already
- # in @available_project_keys.
- @available_public_keys -= @available_project_keys
- end
-
- def show
- @key = @project.deploy_keys.find(params[:id])
- end
-
- def new
- @key = @project.deploy_keys.new
-
- respond_with(@key)
- end
-
- def create
- @key = DeployKey.new(deploy_key_params)
-
- if @key.valid? && @project.deploy_keys << @key
- redirect_to namespace_project_deploy_keys_path(@project.namespace,
- @project)
- else
- render "new"
- end
- end
-
- def enable
- @key = accessible_keys.find(params[:id])
- @project.deploy_keys << @key
-
- redirect_to namespace_project_deploy_keys_path(@project.namespace,
- @project)
- end
-
- def disable
- @project.deploy_keys_projects.find_by(deploy_key_id: params[:id]).destroy
-
- redirect_to :back
- end
-
- protected
-
- def accessible_keys
- @accessible_keys ||= current_user.accessible_deploy_keys
- end
-
- def deploy_key_params
- params.require(:deploy_key).permit(:key, :title)
- end
-end
diff --git a/app/controllers/projects/forks_controller.rb b/app/controllers/projects/forks_controller.rb
deleted file mode 100644
index 21a151a426e..00000000000
--- a/app/controllers/projects/forks_controller.rb
+++ /dev/null
@@ -1,25 +0,0 @@
-class Projects::ForksController < Projects::ApplicationController
- # Authorize
- before_filter :require_non_empty_project
- before_filter :authorize_download_code!
-
- def new
- @namespaces = current_user.manageable_namespaces
- @namespaces.delete(@project.namespace)
- end
-
- def create
- namespace = Namespace.find(params[:namespace_key])
- @forked_project = ::Projects::ForkService.new(project, current_user, namespace: namespace).execute
-
- if @forked_project.saved? && @forked_project.forked?
- redirect_to(
- namespace_project_path(@forked_project.namespace, @forked_project),
- notice: 'Project was successfully forked.'
- )
- else
- @title = 'Fork project'
- render :error
- end
- end
-end
diff --git a/app/controllers/projects/graphs_controller.rb b/app/controllers/projects/graphs_controller.rb
deleted file mode 100644
index 6e54af356e0..00000000000
--- a/app/controllers/projects/graphs_controller.rb
+++ /dev/null
@@ -1,39 +0,0 @@
-class Projects::GraphsController < Projects::ApplicationController
- # Authorize
- before_filter :require_non_empty_project
- before_filter :authorize_download_code!
-
- def show
- respond_to do |format|
- format.html
- format.json do
- fetch_graph
- end
- end
- end
-
- def commits
- @commits = @project.repository.commits(nil, nil, 2000, 0, true)
- @commits_graph = Gitlab::Graphs::Commits.new(@commits)
- @commits_per_week_days = @commits_graph.commits_per_week_days
- @commits_per_time = @commits_graph.commits_per_time
- @commits_per_month = @commits_graph.commits_per_month
- end
-
- private
-
- def fetch_graph
- @commits = @project.repository.commits(nil, nil, 6000, 0, true)
- @log = []
-
- @commits.each do |commit|
- @log << {
- author_name: commit.author_name,
- author_email: commit.author_email,
- date: commit.committed_date.strftime("%Y-%m-%d")
- }
- end
-
- render json: @log.to_json
- end
-end
diff --git a/app/controllers/projects/hooks_controller.rb b/app/controllers/projects/hooks_controller.rb
deleted file mode 100644
index ba95bb13e1f..00000000000
--- a/app/controllers/projects/hooks_controller.rb
+++ /dev/null
@@ -1,58 +0,0 @@
-class Projects::HooksController < Projects::ApplicationController
- # Authorize
- before_filter :authorize_admin_project!
-
- respond_to :html
-
- layout "project_settings"
-
- def index
- @hooks = @project.hooks
- @hook = ProjectHook.new
- end
-
- def create
- @hook = @project.hooks.new(hook_params)
- @hook.save
-
- if @hook.valid?
- redirect_to namespace_project_hooks_path(@project.namespace, @project)
- else
- @hooks = @project.hooks.select(&:persisted?)
- render :index
- end
- end
-
- def test
- if !@project.empty_repo?
- status = TestHookService.new.execute(hook, current_user)
-
- if status
- flash[:notice] = 'Hook successfully executed.'
- else
- flash[:alert] = 'Hook execution failed. '\
- 'Ensure hook URL is correct and service is up.'
- end
- else
- flash[:alert] = 'Hook execution failed. Ensure the project has commits.'
- end
-
- redirect_to :back
- end
-
- def destroy
- hook.destroy
-
- redirect_to namespace_project_hooks_path(@project.namespace, @project)
- end
-
- private
-
- def hook
- @hook ||= @project.hooks.find(params[:id])
- end
-
- def hook_params
- params.require(:hook).permit(:url, :push_events, :issues_events, :merge_requests_events, :tag_push_events)
- end
-end
diff --git a/app/controllers/projects/imports_controller.rb b/app/controllers/projects/imports_controller.rb
deleted file mode 100644
index b64491b4666..00000000000
--- a/app/controllers/projects/imports_controller.rb
+++ /dev/null
@@ -1,51 +0,0 @@
-class Projects::ImportsController < Projects::ApplicationController
- # Authorize
- before_filter :authorize_admin_project!
- before_filter :require_no_repo
- before_filter :redirect_if_progress, except: :show
-
- def new
- end
-
- def create
- @project.import_url = params[:project][:import_url]
-
- if @project.save
- @project.reload
-
- if @project.import_failed?
- @project.import_retry
- else
- @project.import_start
- end
- end
-
- redirect_to namespace_project_import_path(@project.namespace, @project)
- end
-
- def show
- unless @project.import_in_progress?
- if @project.import_finished?
- redirect_to(project_path(@project)) and return
- else
- redirect_to new_namespace_project_import_path(@project.namespace,
- @project) && return
- end
- end
- end
-
- private
-
- def require_no_repo
- if @project.repository_exists? && !@project.import_in_progress?
- redirect_to(namespace_project_path(@project.namespace, @project)) and return
- end
- end
-
- def redirect_if_progress
- if @project.import_in_progress?
- redirect_to namespace_project_import_path(@project.namespace, @project) &&
- return
- end
- end
-end
diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb
deleted file mode 100644
index 88302276b5e..00000000000
--- a/app/controllers/projects/issues_controller.rb
+++ /dev/null
@@ -1,159 +0,0 @@
-class Projects::IssuesController < Projects::ApplicationController
- before_filter :module_enabled
- before_filter :issue, only: [:edit, :update, :show, :toggle_subscription]
-
- # Allow read any issue
- before_filter :authorize_read_issue!
-
- # Allow write(create) issue
- before_filter :authorize_write_issue!, only: [:new, :create]
-
- # Allow modify issue
- before_filter :authorize_modify_issue!, only: [:edit, :update]
-
- # Allow issues bulk update
- before_filter :authorize_admin_issues!, only: [:bulk_update]
-
- respond_to :html
-
- def index
- terms = params['issue_search']
- @issues = get_issues_collection
- @issues = @issues.full_search(terms) if terms.present?
- @issues = @issues.page(params[:page]).per(PER_PAGE)
-
- respond_to do |format|
- format.html
- format.atom { render layout: false }
- format.json do
- render json: {
- html: view_to_html_string("projects/issues/_issues")
- }
- end
- end
- end
-
- def new
- params[:issue] ||= ActionController::Parameters.new(
- assignee_id: ""
- )
-
- @issue = @project.issues.new(issue_params)
- respond_with(@issue)
- end
-
- def edit
- respond_with(@issue)
- end
-
- def show
- @note = @project.notes.new(noteable: @issue)
- @notes = @issue.notes.inc_author.fresh
- @noteable = @issue
-
- respond_with(@issue)
- end
-
- def create
- @issue = Issues::CreateService.new(project, current_user, issue_params).execute
-
- respond_to do |format|
- format.html do
- if @issue.valid?
- redirect_to issue_path(@issue)
- else
- render :new
- end
- end
- format.js do |format|
- @link = @issue.attachment.url.to_js
- end
- end
- end
-
- def update
- @issue = Issues::UpdateService.new(project, current_user, issue_params).execute(issue)
-
- respond_to do |format|
- format.js
- format.html do
- if @issue.valid?
- redirect_to issue_path(@issue)
- else
- render :edit
- end
- end
- format.json do
- render json: {
- saved: @issue.valid?,
- assignee_avatar_url: @issue.assignee.try(:avatar_url)
- }
- end
- end
- end
-
- def bulk_update
- result = Issues::BulkUpdateService.new(project, current_user, bulk_update_params).execute
- redirect_to :back, notice: "#{result[:count]} issues updated"
- end
-
- def toggle_subscription
- @issue.toggle_subscription(current_user)
-
- render nothing: true
- end
-
- protected
-
- def issue
- @issue ||= begin
- @project.issues.find_by!(iid: params[:id])
- rescue ActiveRecord::RecordNotFound
- redirect_old
- end
- end
-
- def authorize_modify_issue!
- return render_404 unless can?(current_user, :modify_issue, @issue)
- end
-
- def authorize_admin_issues!
- return render_404 unless can?(current_user, :admin_issue, @project)
- end
-
- def module_enabled
- return render_404 unless @project.issues_enabled
- end
-
- # Since iids are implemented only in 6.1
- # user may navigate to issue page using old global ids.
- #
- # To prevent 404 errors we provide a redirect to correct iids until 7.0 release
- #
- def redirect_old
- issue = @project.issues.find_by(id: params[:id])
-
- if issue
- redirect_to issue_path(issue)
- return
- else
- raise ActiveRecord::RecordNotFound.new
- end
- end
-
- def issue_params
- params.require(:issue).permit(
- :title, :assignee_id, :position, :description,
- :milestone_id, :state_event, :task_num, label_ids: []
- )
- end
-
- def bulk_update_params
- params.require(:update).permit(
- :issues_ids,
- :assignee_id,
- :milestone_id,
- :state_event
- )
- end
-end
diff --git a/app/controllers/projects/labels_controller.rb b/app/controllers/projects/labels_controller.rb
deleted file mode 100644
index 207a01ed3b0..00000000000
--- a/app/controllers/projects/labels_controller.rb
+++ /dev/null
@@ -1,82 +0,0 @@
-class Projects::LabelsController < Projects::ApplicationController
- before_filter :module_enabled
- before_filter :label, only: [:edit, :update, :destroy]
- before_filter :authorize_labels!
- before_filter :authorize_admin_labels!, except: [:index]
-
- respond_to :js, :html
-
- def index
- @labels = @project.labels.page(params[:page]).per(PER_PAGE)
- end
-
- def new
- @label = @project.labels.new
- end
-
- def create
- @label = @project.labels.create(label_params)
-
- if @label.valid?
- redirect_to namespace_project_labels_path(@project.namespace, @project)
- else
- render 'new'
- end
- end
-
- def edit
- end
-
- def update
- if @label.update_attributes(label_params)
- redirect_to namespace_project_labels_path(@project.namespace, @project)
- else
- render 'edit'
- end
- end
-
- def generate
- Gitlab::IssuesLabels.generate(@project)
-
- if params[:redirect] == 'issues'
- redirect_to namespace_project_issues_path(@project.namespace, @project)
- elsif params[:redirect] == 'merge_requests'
- redirect_to namespace_project_merge_requests_path(@project.namespace,
- @project)
- else
- redirect_to namespace_project_labels_path(@project.namespace, @project)
- end
- end
-
- def destroy
- @label.destroy
-
- respond_to do |format|
- format.html do
- redirect_to(namespace_project_labels_path(@project.namespace, @project),
- notice: 'Label was removed')
- end
- format.js
- end
- end
-
- protected
-
- def module_enabled
- unless @project.issues_enabled || @project.merge_requests_enabled
- return render_404
- end
- end
-
- def label_params
- params.require(:label).permit(:title, :color)
- end
-
- def label
- @label = @project.labels.find(params[:id])
- end
-
- def authorize_admin_labels!
- return render_404 unless can?(current_user, :admin_label, @project)
- end
-end
diff --git a/app/controllers/projects/merge_requests_controller.rb b/app/controllers/projects/merge_requests_controller.rb
deleted file mode 100644
index 47ce8467358..00000000000
--- a/app/controllers/projects/merge_requests_controller.rb
+++ /dev/null
@@ -1,270 +0,0 @@
-require 'gitlab/satellite/satellite'
-
-class Projects::MergeRequestsController < Projects::ApplicationController
- before_filter :module_enabled
- before_filter :merge_request, only: [:edit, :update, :show, :diffs, :automerge, :automerge_check, :ci_status, :toggle_subscription]
- before_filter :closes_issues, only: [:edit, :update, :show, :diffs]
- before_filter :validates_merge_request, only: [:show, :diffs]
- before_filter :define_show_vars, only: [:show, :diffs]
-
- # Allow read any merge_request
- before_filter :authorize_read_merge_request!
-
- # Allow write(create) merge_request
- before_filter :authorize_write_merge_request!, only: [:new, :create]
-
- # Allow modify merge_request
- before_filter :authorize_modify_merge_request!, only: [:close, :edit, :update, :sort]
-
- def index
- terms = params['issue_search']
- @merge_requests = get_merge_requests_collection
- @merge_requests = @merge_requests.full_search(terms) if terms.present?
- @merge_requests = @merge_requests.page(params[:page]).per(PER_PAGE)
-
- respond_to do |format|
- format.html
- format.json do
- render json: {
- html: view_to_html_string("projects/merge_requests/_merge_requests")
- }
- end
- end
- end
-
- def show
- @note_counts = Note.where(commit_id: @merge_request.commits.map(&:id)).
- group(:commit_id).count
-
- respond_to do |format|
- format.html
- format.json { render json: @merge_request }
- format.diff { render text: @merge_request.to_diff(current_user) }
- format.patch { render text: @merge_request.to_patch(current_user) }
- end
- end
-
- def diffs
- @commit = @merge_request.last_commit
- @comments_allowed = @reply_allowed = true
- @comments_target = {
- noteable_type: 'MergeRequest',
- noteable_id: @merge_request.id
- }
- @line_notes = @merge_request.notes.where("line_code is not null")
-
- respond_to do |format|
- format.html
- format.json { render json: { html: view_to_html_string("projects/merge_requests/show/_diffs") } }
- end
- end
-
- def new
- params[:merge_request] ||= ActionController::Parameters.new(source_project: @project)
- @merge_request = MergeRequests::BuildService.new(project, current_user, merge_request_params).execute
-
- @target_branches = if @merge_request.target_project
- @merge_request.target_project.repository.branch_names
- else
- []
- end
-
- @target_project = merge_request.target_project
- @source_project = merge_request.source_project
- @commits = @merge_request.compare_commits
- @commit = @merge_request.compare_commits.last
- @diffs = @merge_request.compare_diffs
- @note_counts = Note.where(commit_id: @commits.map(&:id)).
- group(:commit_id).count
- end
-
- def edit
- @source_project = @merge_request.source_project
- @target_project = @merge_request.target_project
- @target_branches = @merge_request.target_project.repository.branch_names
- end
-
- def create
- @target_branches ||= []
- @merge_request = MergeRequests::CreateService.new(project, current_user, merge_request_params).execute
-
- if @merge_request.valid?
- redirect_to(merge_request_path(@merge_request))
- else
- @source_project = @merge_request.source_project
- @target_project = @merge_request.target_project
- render action: "new"
- end
- end
-
- def update
- @merge_request = MergeRequests::UpdateService.new(project, current_user, merge_request_params).execute(@merge_request)
-
- if @merge_request.valid?
- respond_to do |format|
- format.js
- format.html do
- redirect_to([@merge_request.target_project.namespace.becomes(Namespace),
- @merge_request.target_project, @merge_request])
- end
- format.json do
- render json: {
- saved: @merge_request.valid?,
- assignee_avatar_url: @merge_request.assignee.try(:avatar_url)
- }
- end
- end
- else
- render "edit"
- end
- end
-
- def automerge_check
- if @merge_request.unchecked?
- @merge_request.check_if_can_be_merged
- end
-
- render json: { merge_status: @merge_request.merge_status_name }
- end
-
- def automerge
- return access_denied! unless allowed_to_merge?
-
- if @merge_request.open? && @merge_request.can_be_merged?
- AutoMergeWorker.perform_async(@merge_request.id, current_user.id, params)
- @status = true
- else
- @status = false
- end
- end
-
- def branch_from
- #This is always source
- @source_project = @merge_request.nil? ? @project : @merge_request.source_project
- @commit = @repository.commit(params[:ref]) if params[:ref].present?
- end
-
- def branch_to
- @target_project = selected_target_project
- @commit = @target_project.repository.commit(params[:ref]) if params[:ref].present?
- end
-
- def update_branches
- @target_project = selected_target_project
- @target_branches = @target_project.repository.branch_names
-
- respond_to do |format|
- format.js
- end
- end
-
- def ci_status
- ci_service = @merge_request.source_project.ci_service
- status = ci_service.commit_status(merge_request.last_commit.sha, merge_request.source_branch)
-
- if ci_service.respond_to?(:commit_coverage)
- coverage = ci_service.commit_coverage(merge_request.last_commit.sha, merge_request.source_branch)
- end
-
- response = {
- status: status,
- coverage: coverage
- }
-
- render json: response
- end
-
- def toggle_subscription
- @merge_request.toggle_subscription(current_user)
-
- render nothing: true
- end
-
- protected
-
- def selected_target_project
- if @project.id.to_s == params[:target_project_id] || @project.forked_project_link.nil?
- @project
- else
- @project.forked_project_link.forked_from_project
- end
- end
-
- def merge_request
- @merge_request ||= @project.merge_requests.find_by!(iid: params[:id])
- end
-
- def closes_issues
- @closes_issues ||= @merge_request.closes_issues
- end
-
- def authorize_modify_merge_request!
- return render_404 unless can?(current_user, :modify_merge_request, @merge_request)
- end
-
- def authorize_admin_merge_request!
- return render_404 unless can?(current_user, :admin_merge_request, @merge_request)
- end
-
- def module_enabled
- return render_404 unless @project.merge_requests_enabled
- end
-
- def validates_merge_request
- # If source project was removed (Ex. mr from fork to origin)
- return invalid_mr unless @merge_request.source_project
-
- # Show git not found page
- # if there is no saved commits between source & target branch
- if @merge_request.commits.blank?
- # and if target branch doesn't exist
- return invalid_mr unless @merge_request.target_branch_exists?
-
- # or if source branch doesn't exist
- return invalid_mr unless @merge_request.source_branch_exists?
- end
- end
-
- def define_show_vars
- # Build a note object for comment form
- @note = @project.notes.new(noteable: @merge_request)
- @notes = @merge_request.mr_and_commit_notes.inc_author.fresh
- @discussions = Note.discussions_from_notes(@notes)
- @noteable = @merge_request
-
- # Get commits from repository
- # or from cache if already merged
- @commits = @merge_request.commits
-
- @merge_request_diff = @merge_request.merge_request_diff
- @allowed_to_merge = allowed_to_merge?
- @show_merge_controls = @merge_request.open? && @commits.any? && @allowed_to_merge
- @source_branch = @merge_request.source_project.repository.find_branch(@merge_request.source_branch).try(:name)
-
- if @merge_request.locked_long_ago?
- @merge_request.unlock_mr
- @merge_request.close
- end
- end
-
- def allowed_to_merge?
- allowed_to_push_code?(project, @merge_request.target_branch)
- end
-
- def invalid_mr
- # Render special view for MR with removed source or target branch
- render 'invalid'
- end
-
- def allowed_to_push_code?(project, branch)
- ::Gitlab::GitAccess.new(current_user, project).can_push_to_branch?(branch)
- end
-
- def merge_request_params
- params.require(:merge_request).permit(
- :title, :assignee_id, :source_project_id, :source_branch,
- :target_project_id, :target_branch, :milestone_id,
- :state_event, :description, :task_num, label_ids: []
- )
- end
-end
diff --git a/app/controllers/projects/milestones_controller.rb b/app/controllers/projects/milestones_controller.rb
deleted file mode 100644
index b49b549547a..00000000000
--- a/app/controllers/projects/milestones_controller.rb
+++ /dev/null
@@ -1,116 +0,0 @@
-class Projects::MilestonesController < Projects::ApplicationController
- before_filter :module_enabled
- before_filter :milestone, only: [:edit, :update, :destroy, :show, :sort_issues, :sort_merge_requests]
-
- # Allow read any milestone
- before_filter :authorize_read_milestone!
-
- # Allow admin milestone
- before_filter :authorize_admin_milestone!, except: [:index, :show]
-
- respond_to :html
-
- def index
- @milestones = case params[:state]
- when 'all'; @project.milestones.order("state, due_date DESC")
- when 'closed'; @project.milestones.closed.order("due_date DESC")
- else @project.milestones.active.order("due_date ASC")
- end
-
- @milestones = @milestones.includes(:project)
- @milestones = @milestones.page(params[:page]).per(PER_PAGE)
- end
-
- def new
- @milestone = @project.milestones.new
- respond_with(@milestone)
- end
-
- def edit
- respond_with(@milestone)
- end
-
- def show
- @issues = @milestone.issues
- @users = @milestone.participants.uniq
- @merge_requests = @milestone.merge_requests
- end
-
- def create
- @milestone = Milestones::CreateService.new(project, current_user, milestone_params).execute
-
- if @milestone.save
- redirect_to namespace_project_milestone_path(@project.namespace,
- @project, @milestone)
- else
- render "new"
- end
- end
-
- def update
- @milestone = Milestones::UpdateService.new(project, current_user, milestone_params).execute(milestone)
-
- respond_to do |format|
- format.js
- format.html do
- if @milestone.valid?
- redirect_to namespace_project_milestone_path(@project.namespace,
- @project, @milestone)
- else
- render :edit
- end
- end
- end
- end
-
- def destroy
- return access_denied! unless can?(current_user, :admin_milestone, @milestone)
-
- @milestone.destroy
-
- respond_to do |format|
- format.html { redirect_to namespace_project_milestones_path }
- format.js { render nothing: true }
- end
- end
-
- def sort_issues
- @issues = @milestone.issues.where(id: params['sortable_issue'])
- @issues.each do |issue|
- issue.position = params['sortable_issue'].index(issue.id.to_s) + 1
- issue.save
- end
-
- render json: { saved: true }
- end
-
- def sort_merge_requests
- @merge_requests = @milestone.merge_requests.where(id: params['sortable_merge_request'])
- @merge_requests.each do |merge_request|
- merge_request.position = params['sortable_merge_request'].index(merge_request.id.to_s) + 1
- merge_request.save
- end
-
- render json: { saved: true }
- end
-
- protected
-
- def milestone
- @milestone ||= @project.milestones.find_by!(iid: params[:id])
- end
-
- def authorize_admin_milestone!
- return render_404 unless can?(current_user, :admin_milestone, @project)
- end
-
- def module_enabled
- unless @project.issues_enabled || @project.merge_requests_enabled
- return render_404
- end
- end
-
- def milestone_params
- params.require(:milestone).permit(:title, :description, :due_date, :state_event)
- end
-end
diff --git a/app/controllers/projects/network_controller.rb b/app/controllers/projects/network_controller.rb
deleted file mode 100644
index 83d1c1dacae..00000000000
--- a/app/controllers/projects/network_controller.rb
+++ /dev/null
@@ -1,18 +0,0 @@
-class Projects::NetworkController < Projects::ApplicationController
- include ExtractsPath
- include ApplicationHelper
-
- before_filter :require_non_empty_project
- before_filter :assign_ref_vars
- before_filter :authorize_download_code!
-
- def show
- respond_to do |format|
- format.html
-
- format.json do
- @graph = Network::Graph.new(project, @ref, @commit, @options[:filter_ref])
- end
- end
- end
-end
diff --git a/app/controllers/projects/notes_controller.rb b/app/controllers/projects/notes_controller.rb
deleted file mode 100644
index 868629a0bc4..00000000000
--- a/app/controllers/projects/notes_controller.rb
+++ /dev/null
@@ -1,125 +0,0 @@
-class Projects::NotesController < Projects::ApplicationController
- # Authorize
- before_filter :authorize_read_note!
- before_filter :authorize_write_note!, only: [:create]
- before_filter :authorize_admin_note!, only: [:update, :destroy]
- before_filter :find_current_user_notes, except: [:destroy, :delete_attachment]
-
- def index
- current_fetched_at = Time.now.to_i
-
- notes_json = { notes: [], last_fetched_at: current_fetched_at }
-
- @notes.each do |note|
- notes_json[:notes] << {
- id: note.id,
- html: note_to_html(note)
- }
- end
-
- render json: notes_json
- end
-
- def create
- @note = Notes::CreateService.new(project, current_user, note_params).execute
-
- respond_to do |format|
- format.json { render_note_json(@note) }
- format.html { redirect_to :back }
- end
- end
-
- def update
- if note.editable?
- note.update_attributes(note_params)
- note.reset_events_cache
- end
-
- respond_to do |format|
- format.json { render_note_json(note) }
- format.html { redirect_to :back }
- end
- end
-
- def destroy
- if note.editable?
- note.destroy
- note.reset_events_cache
- end
-
- respond_to do |format|
- format.js { render nothing: true }
- end
- end
-
- def delete_attachment
- note.remove_attachment!
- note.update_attribute(:attachment, nil)
-
- respond_to do |format|
- format.js { render nothing: true }
- end
- end
-
- private
-
- def note
- @note ||= @project.notes.find(params[:id])
- end
-
- def note_to_html(note)
- render_to_string(
- "projects/notes/_note",
- layout: false,
- formats: [:html],
- locals: { note: note }
- )
- end
-
- def note_to_discussion_html(note)
- render_to_string(
- "projects/notes/_diff_notes_with_reply",
- layout: false,
- formats: [:html],
- locals: { notes: [note] }
- )
- end
-
- def note_to_discussion_with_diff_html(note)
- return unless note.for_diff_line?
-
- render_to_string(
- "projects/notes/_discussion",
- layout: false,
- formats: [:html],
- locals: { discussion_notes: [note] }
- )
- end
-
- def render_note_json(note)
- render json: {
- id: note.id,
- discussion_id: note.discussion_id,
- html: note_to_html(note),
- discussion_html: note_to_discussion_html(note),
- discussion_with_diff_html: note_to_discussion_with_diff_html(note)
- }
- end
-
- def authorize_admin_note!
- return access_denied! unless can?(current_user, :admin_note, note)
- end
-
- def note_params
- params.require(:note).permit(
- :note, :noteable, :noteable_id, :noteable_type, :project_id,
- :attachment, :line_code, :commit_id
- )
- end
-
- private
-
- def find_current_user_notes
- @notes = NotesFinder.new.execute(project, current_user, params)
- end
-end
diff --git a/app/controllers/projects/project_members_controller.rb b/app/controllers/projects/project_members_controller.rb
deleted file mode 100644
index 72967a26ff1..00000000000
--- a/app/controllers/projects/project_members_controller.rb
+++ /dev/null
@@ -1,98 +0,0 @@
-class Projects::ProjectMembersController < Projects::ApplicationController
- # Authorize
- before_filter :authorize_admin_project!, except: :leave
-
- layout "project_settings"
-
- def index
- @project_members = @project.project_members
- @project_members = @project_members.non_invite unless can?(current_user, :admin_project, @project)
-
- if params[:search].present?
- users = @project.users.search(params[:search]).to_a
- @project_members = @project_members.where(user_id: users)
- end
-
- @project_members = @project_members.order('access_level DESC')
-
- @group = @project.group
- if @group
- @group_members = @group.group_members
- @group_members = @group_members.non_invite unless can?(current_user, :admin_group, @group)
-
- if params[:search].present?
- users = @group.users.search(params[:search]).to_a
- @group_members = @group_members.where(user_id: users)
- end
-
- @group_members = @group_members.order('access_level DESC').limit(20)
- end
-
- @project_member = @project.project_members.new
- end
-
- def new
- @project_member = @project.project_members.new
- end
-
- def create
- @project.team.add_users(params[:user_ids].split(','), params[:access_level], current_user)
-
- redirect_to namespace_project_project_members_path(@project.namespace, @project)
- end
-
- def update
- @project_member = @project.project_members.find(params[:id])
- @project_member.update_attributes(member_params)
- end
-
- def destroy
- @project_member = @project.project_members.find(params[:id])
- @project_member.destroy
-
- respond_to do |format|
- format.html do
- redirect_to namespace_project_project_members_path(@project.namespace, @project)
- end
- format.js { render nothing: true }
- end
- end
-
- def resend_invite
- redirect_path = namespace_project_project_members_path(@project.namespace, @project)
-
- @project_member = @project.project_members.find(params[:id])
-
- if @project_member.invite?
- @project_member.resend_invite
-
- redirect_to redirect_path, notice: 'The invitation was successfully resent.'
- else
- redirect_to redirect_path, alert: 'The invitation has already been accepted.'
- end
- end
-
- def leave
- @project.project_members.find_by(user_id: current_user).destroy
-
- respond_to do |format|
- format.html { redirect_to :back }
- format.js { render nothing: true }
- end
- end
-
- def apply_import
- giver = Project.find(params[:source_project_id])
- status = @project.team.import(giver, current_user)
- notice = status ? "Successfully imported" : "Import failed"
-
- redirect_to(namespace_project_project_members_path(project.namespace, project),
- notice: notice)
- end
-
- protected
-
- def member_params
- params.require(:project_member).permit(:user_id, :access_level)
- end
-end
diff --git a/app/controllers/projects/protected_branches_controller.rb b/app/controllers/projects/protected_branches_controller.rb
deleted file mode 100644
index ac36ac6fcd3..00000000000
--- a/app/controllers/projects/protected_branches_controller.rb
+++ /dev/null
@@ -1,51 +0,0 @@
-class Projects::ProtectedBranchesController < Projects::ApplicationController
- # Authorize
- before_filter :require_non_empty_project
- before_filter :authorize_admin_project!
-
- layout "project_settings"
-
- def index
- @branches = @project.protected_branches.to_a
- @protected_branch = @project.protected_branches.new
- end
-
- def create
- @project.protected_branches.create(protected_branch_params)
- redirect_to namespace_project_protected_branches_path(@project.namespace,
- @project)
- end
-
- def update
- protected_branch = @project.protected_branches.find(params[:id])
-
- if protected_branch &&
- protected_branch.update_attributes(
- developers_can_push: params[:developers_can_push]
- )
-
- respond_to do |format|
- format.json { render json: protected_branch, status: :ok }
- end
- else
- respond_to do |format|
- format.json { render json: protected_branch.errors, status: :unprocessable_entity }
- end
- end
- end
-
- def destroy
- @project.protected_branches.find(params[:id]).destroy
-
- respond_to do |format|
- format.html { redirect_to namespace_project_protected_branches_path }
- format.js { render nothing: true }
- end
- end
-
- private
-
- def protected_branch_params
- params.require(:protected_branch).permit(:name, :developers_can_push)
- end
-end
diff --git a/app/controllers/projects/raw_controller.rb b/app/controllers/projects/raw_controller.rb
deleted file mode 100644
index b1a029ce696..00000000000
--- a/app/controllers/projects/raw_controller.rb
+++ /dev/null
@@ -1,37 +0,0 @@
-# Controller for viewing a file's raw
-class Projects::RawController < Projects::ApplicationController
- include ExtractsPath
-
- before_filter :require_non_empty_project
- before_filter :assign_ref_vars
- before_filter :authorize_download_code!
-
- def show
- @blob = @repository.blob_at(@commit.id, @path)
-
- if @blob
- type = get_blob_type
-
- headers['X-Content-Type-Options'] = 'nosniff'
-
- send_data(
- @blob.data,
- type: type,
- disposition: 'inline',
- filename: @blob.name
- )
- else
- not_found!
- end
- end
-
- private
-
- def get_blob_type
- if @blob.text?
- 'text/plain; charset=utf-8'
- else
- 'application/octet-stream'
- end
- end
-end
diff --git a/app/controllers/projects/refs_controller.rb b/app/controllers/projects/refs_controller.rb
deleted file mode 100644
index ec3b2b8d75a..00000000000
--- a/app/controllers/projects/refs_controller.rb
+++ /dev/null
@@ -1,64 +0,0 @@
-class Projects::RefsController < Projects::ApplicationController
- include ExtractsPath
-
- before_filter :require_non_empty_project
- before_filter :assign_ref_vars
- before_filter :authorize_download_code!
-
- def switch
- respond_to do |format|
- format.html do
- new_path = if params[:destination] == "tree"
- namespace_project_tree_path(@project.namespace, @project,
- (@id))
- elsif params[:destination] == "blob"
- namespace_project_blob_path(@project.namespace, @project,
- (@id))
- elsif params[:destination] == "graph"
- namespace_project_network_path(@project.namespace, @project, @id, @options)
- else
- namespace_project_commits_path(@project.namespace, @project, @id)
- end
-
- redirect_to new_path
- end
- format.js do
- @ref = params[:ref]
- define_tree_vars
- tree
- render "tree"
- end
- end
- end
-
- def logs_tree
- @offset = if params[:offset].present?
- params[:offset].to_i
- else
- 0
- end
-
- @limit = 25
-
- @path = params[:path]
-
- contents = []
- contents.push(*tree.trees)
- contents.push(*tree.blobs)
- contents.push(*tree.submodules)
-
- @logs = contents[@offset, @limit].to_a.map do |content|
- file = @path ? File.join(@path, content.name) : content.name
- last_commit = @repo.last_commit_for_path(@commit.id, file)
- {
- file_name: content.name,
- commit: last_commit
- }
- end
-
- respond_to do |format|
- format.html { render_404 }
- format.js
- end
- end
-end
diff --git a/app/controllers/projects/repositories_controller.rb b/app/controllers/projects/repositories_controller.rb
deleted file mode 100644
index 96defb0c721..00000000000
--- a/app/controllers/projects/repositories_controller.rb
+++ /dev/null
@@ -1,28 +0,0 @@
-class Projects::RepositoriesController < Projects::ApplicationController
- # Authorize
- before_filter :require_non_empty_project, except: :create
- before_filter :authorize_download_code!
- before_filter :authorize_admin_project!, only: :create
-
- def create
- @project.create_repository
-
- redirect_to project_path(@project)
- end
-
- def archive
- begin
- file_path = ArchiveRepositoryService.new(@project, params[:ref], params[:format]).execute
- rescue
- return head :not_found
- end
-
- if file_path
- # Send file to user
- response.headers["Content-Length"] = File.open(file_path).size.to_s
- send_file file_path
- else
- redirect_to request.fullpath
- end
- end
-end
diff --git a/app/controllers/projects/services_controller.rb b/app/controllers/projects/services_controller.rb
deleted file mode 100644
index 9a484c109ba..00000000000
--- a/app/controllers/projects/services_controller.rb
+++ /dev/null
@@ -1,59 +0,0 @@
-class Projects::ServicesController < Projects::ApplicationController
- # Authorize
- before_filter :authorize_admin_project!
- before_filter :service, only: [:edit, :update, :test]
-
- respond_to :html
-
- layout "project_settings"
-
- def index
- @project.build_missing_services
- @services = @project.services.visible.reload
- end
-
- def edit
- end
-
- def update
- if @service.update_attributes(service_params)
- redirect_to(
- edit_namespace_project_service_path(@project.namespace, @project,
- @service.to_param, notice:
- 'Successfully updated.')
- )
- else
- render 'edit'
- end
- end
-
- def test
- data = Gitlab::PushDataBuilder.build_sample(project, current_user)
- if @service.execute(data)
- message = { notice: 'We sent a request to the provided URL' }
- else
- message = { alert: 'We tried to send a request to the provided URL but an error occured' }
- end
-
- redirect_to :back, message
- end
-
- private
-
- def service
- @service ||= @project.services.find { |service| service.to_param == params[:id] }
- end
-
- def service_params
- params.require(:service).permit(
- :title, :token, :type, :active, :api_key, :subdomain,
- :room, :recipients, :project_url, :webhook,
- :user_key, :device, :priority, :sound, :bamboo_url, :username, :password,
- :build_key, :server, :teamcity_url, :build_type,
- :description, :issues_url, :new_issue_url, :restrict_to_branch, :channel,
- :colorize_messages, :channels,
- :push_events, :issues_events, :merge_requests_events, :tag_push_events,
- :note_events, :send_from_committer_email, :disable_diffs, :external_wiki_url
- )
- end
-end
diff --git a/app/controllers/projects/snippets_controller.rb b/app/controllers/projects/snippets_controller.rb
deleted file mode 100644
index ed268400373..00000000000
--- a/app/controllers/projects/snippets_controller.rb
+++ /dev/null
@@ -1,93 +0,0 @@
-class Projects::SnippetsController < Projects::ApplicationController
- before_filter :module_enabled
- before_filter :snippet, only: [:show, :edit, :destroy, :update, :raw]
-
- # Allow read any snippet
- before_filter :authorize_read_project_snippet!
-
- # Allow write(create) snippet
- before_filter :authorize_write_project_snippet!, only: [:new, :create]
-
- # Allow modify snippet
- before_filter :authorize_modify_project_snippet!, only: [:edit, :update]
-
- # Allow destroy snippet
- before_filter :authorize_admin_project_snippet!, only: [:destroy]
-
- respond_to :html
-
- def index
- @snippets = SnippetsFinder.new.execute(current_user, {
- filter: :by_project,
- project: @project
- })
- end
-
- def new
- @snippet = @project.snippets.build
- end
-
- def create
- @snippet = CreateSnippetService.new(@project, current_user,
- snippet_params).execute
- respond_with(@snippet,
- location: namespace_project_snippet_path(@project.namespace,
- @project, @snippet))
- end
-
- def edit
- end
-
- def update
- UpdateSnippetService.new(project, current_user, @snippet,
- snippet_params).execute
- respond_with(@snippet,
- location: namespace_project_snippet_path(@project.namespace,
- @project, @snippet))
- end
-
- def show
- @note = @project.notes.new(noteable: @snippet)
- @notes = @snippet.notes.fresh
- @noteable = @snippet
- end
-
- def destroy
- return access_denied! unless can?(current_user, :admin_project_snippet, @snippet)
-
- @snippet.destroy
-
- redirect_to namespace_project_snippets_path(@project.namespace, @project)
- end
-
- def raw
- send_data(
- @snippet.content,
- type: 'text/plain; charset=utf-8',
- disposition: 'inline',
- filename: @snippet.sanitized_file_name
- )
- end
-
- protected
-
- def snippet
- @snippet ||= @project.snippets.find(params[:id])
- end
-
- def authorize_modify_project_snippet!
- return render_404 unless can?(current_user, :modify_project_snippet, @snippet)
- end
-
- def authorize_admin_project_snippet!
- return render_404 unless can?(current_user, :admin_project_snippet, @snippet)
- end
-
- def module_enabled
- return render_404 unless @project.snippets_enabled
- end
-
- def snippet_params
- params.require(:project_snippet).permit(:title, :content, :file_name, :private, :visibility_level)
- end
-end
diff --git a/app/controllers/projects/tags_controller.rb b/app/controllers/projects/tags_controller.rb
deleted file mode 100644
index 83f4937bce3..00000000000
--- a/app/controllers/projects/tags_controller.rb
+++ /dev/null
@@ -1,37 +0,0 @@
-class Projects::TagsController < Projects::ApplicationController
- # Authorize
- before_filter :require_non_empty_project
- before_filter :authorize_download_code!
- before_filter :authorize_push_code!, only: [:create]
- before_filter :authorize_admin_project!, only: [:destroy]
-
- def index
- sorted = VersionSorter.rsort(@repository.tag_names)
- @tags = Kaminari.paginate_array(sorted).page(params[:page]).per(PER_PAGE)
- end
-
- def create
- result = CreateTagService.new(@project, current_user).
- execute(params[:tag_name], params[:ref], params[:message])
-
- if result[:status] == :success
- @tag = result[:tag]
- redirect_to namespace_project_tags_path(@project.namespace, @project)
- else
- @error = result[:message]
- render action: 'new'
- end
- end
-
- def destroy
- DeleteTagService.new(project, current_user).execute(params[:id])
-
- respond_to do |format|
- format.html do
- redirect_to namespace_project_tags_path(@project.namespace,
- @project)
- end
- format.js
- end
- end
-end
diff --git a/app/controllers/projects/tree_controller.rb b/app/controllers/projects/tree_controller.rb
deleted file mode 100644
index b23010bf595..00000000000
--- a/app/controllers/projects/tree_controller.rb
+++ /dev/null
@@ -1,27 +0,0 @@
-# Controller for viewing a repository's file structure
-class Projects::TreeController < Projects::ApplicationController
- include ExtractsPath
-
- before_filter :require_non_empty_project, except: [:new, :create]
- before_filter :assign_ref_vars
- before_filter :authorize_download_code!
-
- def show
- if tree.entries.empty?
- if @repository.blob_at(@commit.id, @path)
- redirect_to(
- namespace_project_blob_path(@project.namespace, @project,
- File.join(@ref, @path))
- ) and return
- else
- return not_found!
- end
- end
-
- respond_to do |format|
- format.html
- # Disable cache so browser history works
- format.js { no_cache_headers }
- end
- end
-end
diff --git a/app/controllers/projects/wikis_controller.rb b/app/controllers/projects/wikis_controller.rb
deleted file mode 100644
index aeb7f0699f5..00000000000
--- a/app/controllers/projects/wikis_controller.rb
+++ /dev/null
@@ -1,123 +0,0 @@
-require 'project_wiki'
-
-class Projects::WikisController < Projects::ApplicationController
- before_filter :authorize_read_wiki!
- before_filter :authorize_write_wiki!, only: [:edit, :create, :history]
- before_filter :authorize_admin_wiki!, only: :destroy
- before_filter :load_project_wiki
- include WikiHelper
-
- def pages
- @wiki_pages = Kaminari.paginate_array(@project_wiki.pages).page(params[:page]).per(PER_PAGE)
- end
-
- def show
- @page = @project_wiki.find_page(params[:id], params[:version_id])
-
- if @page
- render 'show'
- elsif file = @project_wiki.find_file(params[:id], params[:version_id])
- if file.on_disk?
- send_file file.on_disk_path, disposition: 'inline'
- else
- send_data(
- file.raw_data,
- type: file.mime_type,
- disposition: 'inline',
- filename: file.name
- )
- end
- else
- return render('empty') unless can?(current_user, :write_wiki, @project)
- @page = WikiPage.new(@project_wiki)
- @page.title = params[:id]
-
- render 'edit'
- end
- end
-
- def edit
- @page = @project_wiki.find_page(params[:id])
- end
-
- def update
- @page = @project_wiki.find_page(params[:id])
-
- return render('empty') unless can?(current_user, :write_wiki, @project)
-
- if @page.update(content, format, message)
- redirect_to(
- namespace_project_wiki_path(@project.namespace, @project, @page),
- notice: 'Wiki was successfully updated.'
- )
- else
- render 'edit'
- end
- end
-
- def create
- @page = WikiPage.new(@project_wiki)
-
- if @page.create(wiki_params)
- redirect_to(
- namespace_project_wiki_path(@project.namespace, @project, @page),
- notice: 'Wiki was successfully updated.'
- )
- else
- render action: "edit"
- end
- end
-
- def history
- @page = @project_wiki.find_page(params[:id])
-
- unless @page
- redirect_to(
- namespace_project_wiki_path(@project.namespace, @project, :home),
- notice: "Page not found"
- )
- end
- end
-
- def destroy
- @page = @project_wiki.find_page(params[:id])
- @page.delete if @page
-
- redirect_to(
- namespace_project_wiki_path(@project.namespace, @project, :home),
- notice: "Page was successfully deleted"
- )
- end
-
- def git_access
- end
-
- private
-
- def load_project_wiki
- @project_wiki = ProjectWiki.new(@project, current_user)
-
- # Call #wiki to make sure the Wiki Repo is initialized
- @project_wiki.wiki
- rescue ProjectWiki::CouldNotCreateWikiError => ex
- flash[:notice] = "Could not create Wiki Repository at this time. Please try again later."
- redirect_to project_path(@project)
- return false
- end
-
- def wiki_params
- params[:wiki].slice(:title, :content, :format, :message)
- end
-
- def content
- params[:wiki][:content]
- end
-
- def format
- params[:wiki][:format]
- end
-
- def message
- params[:wiki][:message]
- end
-end
diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
deleted file mode 100644
index 0f28794b736..00000000000
--- a/app/controllers/projects_controller.rb
+++ /dev/null
@@ -1,198 +0,0 @@
-class ProjectsController < ApplicationController
- prepend_before_filter :render_go_import, only: [:show]
- skip_before_filter :authenticate_user!, only: [:show]
- before_filter :project, except: [:new, :create]
- before_filter :repository, except: [:new, :create]
-
- # Authorize
- before_filter :authorize_admin_project!, only: [:edit, :update, :destroy, :transfer, :archive, :unarchive]
- before_filter :set_title, only: [:new, :create]
- before_filter :event_filter, only: :show
-
- layout 'navless', only: [:new, :create, :fork]
-
- def new
- @project = Project.new
- end
-
- def edit
- render 'edit', layout: 'project_settings'
- end
-
- def create
- @project = ::Projects::CreateService.new(current_user, project_params).execute
-
- if @project.saved?
- redirect_to(
- project_path(@project),
- notice: 'Project was successfully created.'
- )
- else
- render 'new'
- end
- end
-
- def update
- status = ::Projects::UpdateService.new(@project, current_user, project_params).execute
-
- respond_to do |format|
- if status
- flash[:notice] = 'Project was successfully updated.'
- format.html do
- redirect_to(
- edit_project_path(@project),
- notice: 'Project was successfully updated.'
- )
- end
- format.js
- else
- format.html { render 'edit', layout: 'project_settings' }
- format.js
- end
- end
- end
-
- def transfer
- transfer_params = params.permit(:new_namespace_id)
- ::Projects::TransferService.new(project, current_user, transfer_params).execute
- if @project.errors[:namespace_id].present?
- flash[:alert] = @project.errors[:namespace_id].first
- end
- end
-
- def show
- if @project.import_in_progress?
- redirect_to namespace_project_import_path(@project.namespace, @project)
- return
- end
-
- limit = (params[:limit] || 20).to_i
-
- @show_star = !(current_user && current_user.starred?(@project))
-
- respond_to do |format|
- format.html do
- if @project.repository_exists?
- if @project.empty_repo?
- render 'projects/empty', layout: user_layout
- else
- @last_push = current_user.recent_push(@project.id) if current_user
- render :show, layout: user_layout
- end
- else
- render 'projects/no_repo', layout: user_layout
- end
- end
-
- format.json do
- @events = @project.events.recent
- @events = event_filter.apply_filter(@events).with_associations
- @events = @events.limit(limit).offset(params[:offset] || 0)
- pager_json('events/_events', @events.count)
- end
- end
- end
-
- def destroy
- return access_denied! unless can?(current_user, :remove_project, @project)
-
- ::Projects::DestroyService.new(@project, current_user, {}).execute
-
- respond_to do |format|
- format.html do
- flash[:alert] = 'Project deleted.'
-
- if request.referer.include?('/admin')
- redirect_to admin_namespaces_projects_path
- else
- redirect_to dashboard_path
- end
- end
- end
- end
-
- def autocomplete_sources
- note_type = params['type']
- note_id = params['type_id']
- autocomplete = ::Projects::AutocompleteService.new(@project)
- participants = ::Projects::ParticipantsService.new(@project, current_user).execute(note_type, note_id)
-
- @suggestions = {
- emojis: autocomplete_emojis,
- issues: autocomplete.issues,
- mergerequests: autocomplete.merge_requests,
- members: participants
- }
-
- respond_to do |format|
- format.json { render json: @suggestions }
- end
- end
-
- def archive
- return access_denied! unless can?(current_user, :archive_project, @project)
- @project.archive!
-
- respond_to do |format|
- format.html { redirect_to project_path(@project) }
- end
- end
-
- def unarchive
- return access_denied! unless can?(current_user, :archive_project, @project)
- @project.unarchive!
-
- respond_to do |format|
- format.html { redirect_to project_path(@project) }
- end
- end
-
- def toggle_star
- current_user.toggle_star(@project)
- @project.reload
- render json: { star_count: @project.star_count }
- end
-
- def markdown_preview
- render text: view_context.markdown(params[:md_text])
- end
-
- private
-
- def set_title
- @title = 'New Project'
- end
-
- def user_layout
- current_user ? 'projects' : 'public_projects'
- end
-
- def project_params
- params.require(:project).permit(
- :name, :path, :description, :issues_tracker, :tag_list,
- :issues_enabled, :merge_requests_enabled, :snippets_enabled, :issues_tracker_id, :default_branch,
- :wiki_enabled, :visibility_level, :import_url, :last_activity_at, :namespace_id, :avatar
- )
- end
-
- def autocomplete_emojis
- Rails.cache.fetch("autocomplete-emoji-#{Gemojione::VERSION}") do
- Emoji.emojis.map do |name, emoji|
- {
- name: name,
- path: view_context.image_url("emoji/#{emoji["unicode"]}.png")
- }
- end
- end
- end
-
- def render_go_import
- return unless params["go-get"] == "1"
-
- @namespace = params[:namespace_id]
- @id = params[:project_id] || params[:id]
- @id = @id.gsub(/\.git\Z/, "")
-
- render "go_import", layout: false
- end
-end
diff --git a/app/controllers/registrations_controller.rb b/app/controllers/registrations_controller.rb
deleted file mode 100644
index 38d116a4ee3..00000000000
--- a/app/controllers/registrations_controller.rb
+++ /dev/null
@@ -1,41 +0,0 @@
-class RegistrationsController < Devise::RegistrationsController
- before_filter :signup_enabled?
-
- def new
- redirect_to(new_user_session_path)
- end
-
- def destroy
- current_user.destroy
-
- respond_to do |format|
- format.html { redirect_to new_user_session_path, notice: "Account successfully removed." }
- end
- end
-
- protected
-
- def build_resource(hash=nil)
- super
- end
-
- def after_sign_up_path_for(_resource)
- new_user_session_path
- end
-
- def after_inactive_sign_up_path_for(_resource)
- new_user_session_path
- end
-
- private
-
- def signup_enabled?
- unless current_application_settings.signup_enabled?
- redirect_to(new_user_session_path)
- end
- end
-
- def sign_up_params
- params.require(:user).permit(:username, :email, :name, :password, :password_confirmation)
- end
-end
diff --git a/app/controllers/search_controller.rb b/app/controllers/search_controller.rb
deleted file mode 100644
index c5828d0b2df..00000000000
--- a/app/controllers/search_controller.rb
+++ /dev/null
@@ -1,55 +0,0 @@
-class SearchController < ApplicationController
- include SearchHelper
-
- def show
- return if params[:search].nil? || params[:search].blank?
-
- if params[:project_id].present?
- @project = Project.find_by(id: params[:project_id])
- @project = nil unless can?(current_user, :download_code, @project)
- end
-
- if params[:group_id].present?
- @group = Group.find_by(id: params[:group_id])
- @group = nil unless can?(current_user, :read_group, @group)
- end
-
- @scope = params[:scope]
- @show_snippets = params[:snippets].eql? 'true'
-
- @search_results =
- if @project
- unless %w(blobs notes issues merge_requests wiki_blobs).
- include?(@scope)
- @scope = 'blobs'
- end
-
- Search::ProjectService.new(@project, current_user, params).execute
- elsif @show_snippets
- unless %w(snippet_blobs snippet_titles).include?(@scope)
- @scope = 'snippet_blobs'
- end
-
- Search::SnippetService.new(current_user, params).execute
- else
- unless %w(projects issues merge_requests).include?(@scope)
- @scope = 'projects'
- end
- Search::GlobalService.new(current_user, params).execute
- end
- @objects = @search_results.objects(@scope, params[:page])
- end
-
- def autocomplete
- term = params[:term]
-
- if params[:project_id].present?
- @project = Project.find_by(id: params[:project_id])
- @project = nil unless can?(current_user, :read_project, @project)
- end
-
- @ref = params[:project_ref] if params[:project_ref].present?
-
- render json: search_autocomplete_opts(term).to_json
- end
-end
diff --git a/app/controllers/sessions_controller.rb b/app/controllers/sessions_controller.rb
deleted file mode 100644
index 3f11d7afe6f..00000000000
--- a/app/controllers/sessions_controller.rb
+++ /dev/null
@@ -1,37 +0,0 @@
-class SessionsController < Devise::SessionsController
- def new
- redirect_path =
- if request.referer.present? && (params['redirect_to_referer'] == 'yes')
- referer_uri = URI(request.referer)
- if referer_uri.host == Gitlab.config.gitlab.host
- referer_uri.path
- else
- request.fullpath
- end
- else
- request.fullpath
- end
-
- # Prevent a 'you are already signed in' message directly after signing:
- # we should never redirect to '/users/sign_in' after signing in successfully.
- unless redirect_path == '/users/sign_in'
- store_location_for(:redirect, redirect_path)
- end
-
- if Gitlab.config.ldap.enabled
- @ldap_servers = Gitlab::LDAP::Config.servers
- end
-
- super
- end
-
- def create
- super do |resource|
- # User has successfully signed in, so clear any unused reset tokens
- if resource.reset_password_token.present?
- resource.update_attributes(reset_password_token: nil,
- reset_password_sent_at: nil)
- end
- end
- end
-end
diff --git a/app/controllers/snippets_controller.rb b/app/controllers/snippets_controller.rb
deleted file mode 100644
index cd52556b203..00000000000
--- a/app/controllers/snippets_controller.rb
+++ /dev/null
@@ -1,113 +0,0 @@
-class SnippetsController < ApplicationController
- before_filter :snippet, only: [:show, :edit, :destroy, :update, :raw]
-
- # Allow modify snippet
- before_filter :authorize_modify_snippet!, only: [:edit, :update]
-
- # Allow destroy snippet
- before_filter :authorize_admin_snippet!, only: [:destroy]
-
- before_filter :set_title
-
- skip_before_filter :authenticate_user!, only: [:index, :user_index, :show, :raw]
-
- respond_to :html
-
- layout :determine_layout
-
- def index
- @snippets = SnippetsFinder.new.execute(current_user, filter: :all).page(params[:page]).per(PER_PAGE)
- end
-
- def user_index
- @user = User.find_by(username: params[:username])
-
- render_404 and return unless @user
-
- @snippets = SnippetsFinder.new.execute(current_user, {
- filter: :by_user,
- user: @user,
- scope: params[:scope] }).
- page(params[:page]).per(PER_PAGE)
-
- if @user == current_user
- render 'current_user_index'
- else
- render 'user_index'
- end
- end
-
- def new
- @snippet = PersonalSnippet.new
- end
-
- def create
- @snippet = CreateSnippetService.new(nil, current_user,
- snippet_params).execute
-
- respond_with @snippet.becomes(Snippet)
- end
-
- def edit
- end
-
- def update
- UpdateSnippetService.new(nil, current_user, @snippet,
- snippet_params).execute
- respond_with @snippet.becomes(Snippet)
- end
-
- def show
- end
-
- def destroy
- return access_denied! unless can?(current_user, :admin_personal_snippet, @snippet)
-
- @snippet.destroy
-
- redirect_to snippets_path
- end
-
- def raw
- send_data(
- @snippet.content,
- type: 'text/plain; charset=utf-8',
- disposition: 'inline',
- filename: @snippet.sanitized_file_name
- )
- end
-
- protected
-
- def snippet
- @snippet ||= if current_user
- PersonalSnippet.where("author_id = ? OR visibility_level IN (?)",
- current_user.id,
- [Snippet::PUBLIC, Snippet::INTERNAL]).
- find(params[:id])
- else
- PersonalSnippet.are_public.find(params[:id])
- end
- end
-
- def authorize_modify_snippet!
- return render_404 unless can?(current_user, :modify_personal_snippet, @snippet)
- end
-
- def authorize_admin_snippet!
- return render_404 unless can?(current_user, :admin_personal_snippet, @snippet)
- end
-
- def set_title
- @title = 'Snippets'
- @title_url = snippets_path
- end
-
- def snippet_params
- params.require(:personal_snippet).permit(:title, :content, :file_name, :private, :visibility_level)
- end
-
- def determine_layout
- current_user ? 'navless' : 'public_users'
- end
-end
diff --git a/app/controllers/uploads_controller.rb b/app/controllers/uploads_controller.rb
deleted file mode 100644
index c5f3da54ea2..00000000000
--- a/app/controllers/uploads_controller.rb
+++ /dev/null
@@ -1,71 +0,0 @@
-class UploadsController < ApplicationController
- skip_before_filter :authenticate_user!
- before_filter :find_model, :authorize_access!
-
- def show
- uploader = @model.send(upload_mount)
-
- unless uploader.file_storage?
- return redirect_to uploader.url
- end
-
- unless uploader.file && uploader.file.exists?
- return not_found!
- end
-
- disposition = uploader.image? ? 'inline' : 'attachment'
- send_file uploader.file.path, disposition: disposition
- end
-
- private
-
- def find_model
- unless upload_model && upload_mount
- return not_found!
- end
-
- @model = upload_model.find(params[:id])
- end
-
- def authorize_access!
- authorized =
- case @model
- when Project
- can?(current_user, :read_project, @model)
- when Group
- can?(current_user, :read_group, @model)
- when Note
- can?(current_user, :read_project, @model.project)
- else
- # No authentication required for user avatars.
- true
- end
-
- return if authorized
-
- if current_user
- not_found!
- else
- authenticate_user!
- end
- end
-
- def upload_model
- upload_models = {
- user: User,
- project: Project,
- note: Note,
- group: Group
- }
-
- upload_models[params[:model].to_sym]
- end
-
- def upload_mount
- upload_mounts = %w(avatar attachment file)
-
- if upload_mounts.include?(params[:mounted_as])
- params[:mounted_as]
- end
- end
-end
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
deleted file mode 100644
index 679d6897ce9..00000000000
--- a/app/controllers/users_controller.rb
+++ /dev/null
@@ -1,97 +0,0 @@
-class UsersController < ApplicationController
- skip_before_filter :authenticate_user!
- before_filter :set_user
- layout :determine_layout
-
- def show
- @contributed_projects = contributed_projects.joined(@user).
- reject(&:forked?)
-
- @projects = @user.personal_projects.
- where(id: authorized_projects_ids).includes(:namespace)
-
- # Collect only groups common for both users
- @groups = @user.groups & GroupsFinder.new.execute(current_user)
-
- @title = @user.name
- @title_url = user_path(@user)
-
- respond_to do |format|
- format.html
-
- format.atom do
- load_events
- render layout: false
- end
-
- format.json do
- load_events
- pager_json("events/_events", @events.count)
- end
- end
- end
-
- def calendar
- calendar = contributions_calendar
- @timestamps = calendar.timestamps
- @starting_year = calendar.starting_year
- @starting_month = calendar.starting_month
-
- render 'calendar', layout: false
- end
-
- def calendar_activities
- @calendar_date = Date.parse(params[:date]) rescue nil
- @events = []
-
- if @calendar_date
- @events = contributions_calendar.events_by_date(@calendar_date)
- end
-
- render 'calendar_activities', layout: false
- end
-
- def determine_layout
- if current_user
- 'navless'
- else
- 'public_users'
- end
- end
-
- private
-
- def set_user
- @user = User.find_by_username!(params[:username])
-
- unless current_user || @user.public_profile?
- return authenticate_user!
- end
- end
-
- def authorized_projects_ids
- # Projects user can view
- @authorized_projects_ids ||=
- ProjectsFinder.new.execute(current_user).pluck(:id)
- end
-
- def contributed_projects
- @contributed_projects = Project.
- where(id: authorized_projects_ids & @user.contributed_projects_ids).
- includes(:namespace)
- end
-
- def contributions_calendar
- @contributions_calendar ||= Gitlab::ContributionsCalendar.
- new(contributed_projects.reject(&:forked?), @user)
- end
-
- def load_events
- # Get user activity feed for projects common for both users
- @events = @user.recent_events.
- where(project_id: authorized_projects_ids).
- with_associations
-
- @events = @events.limit(20).offset(params[:offset] || 0)
- end
-end |