notes_controller.rb 2.44 KB
Newer Older
1
class Projects::NotesController < Projects::ApplicationController
gitlabhq's avatar
gitlabhq committed
2
  # Authorize
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
3
  before_filter :authorize_read_note!
4
  before_filter :authorize_write_note!, only: [:create]
5
  before_filter :authorize_admin_note!, only: [:update, :destroy]
gitlabhq's avatar
gitlabhq committed
6

7
  def index
8
    current_fetched_at = Time.now.to_i
9
    @notes = NotesFinder.new.execute(project, current_user, params)
10

11
    notes_json = { notes: [], last_fetched_at: current_fetched_at }
12

13 14 15 16 17
    @notes.each do |note|
      notes_json[:notes] << {
        id: note.id,
        html: note_to_html(note)
      }
18
    end
19 20

    render json: notes_json
21 22
  end

gitlabhq's avatar
gitlabhq committed
23
  def create
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
24
    @note = Notes::CreateService.new(project, current_user, params[:note]).execute
gitlabhq's avatar
gitlabhq committed
25 26

    respond_to do |format|
27 28
      format.json { render_note_json(@note) }
      format.html { redirect_to :back }
gitlabhq's avatar
gitlabhq committed
29 30 31
    end
  end

32 33 34
  def update
    note.update_attributes(params[:note])
    note.reset_events_cache
gitlabhq's avatar
gitlabhq committed
35 36

    respond_to do |format|
37 38
      format.json { render_note_json(note) }
      format.html { redirect_to :back }
gitlabhq's avatar
gitlabhq committed
39 40 41
    end
  end

42 43 44
  def destroy
    note.destroy
    note.reset_events_cache
45 46

    respond_to do |format|
47
      format.js { render nothing: true }
48 49 50 51
    end
  end

  def delete_attachment
52 53
    note.remove_attachment!
    note.update_attribute(:attachment, nil)
54 55 56 57 58 59

    respond_to do |format|
      format.js { render nothing: true }
    end
  end

60
  def preview
61
    render text: view_context.markdown(params[:note])
62
  end
63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87

  private

  def note
    @note ||= @project.notes.find(params[:id])
  end

  def note_to_html(note)
    render_to_string(
      "projects/notes/_note",
      layout: false,
      formats: [:html],
      locals: { note: note }
    )
  end

  def note_to_discussion_html(note)
    render_to_string(
      "projects/notes/_diff_notes_with_reply",
      layout: false,
      formats: [:html],
      locals: { notes: [note] }
    )
  end

88
  def note_to_discussion_with_diff_html(note)
89 90
    return unless note.for_diff_line?

91 92 93 94 95 96 97 98
    render_to_string(
      "projects/notes/_discussion",
      layout: false,
      formats: [:html],
      locals: { discussion_notes: [note] }
    )
  end

99 100 101 102 103
  def render_note_json(note)
    render json: {
      id: note.id,
      discussion_id: note.discussion_id,
      html: note_to_html(note),
104 105
      discussion_html: note_to_discussion_html(note),
      discussion_with_diff_html: note_to_discussion_with_diff_html(note)
106 107 108 109 110 111
    }
  end

  def authorize_admin_note!
    return access_denied! unless can?(current_user, :admin_note, note)
  end
gitlabhq's avatar
gitlabhq committed
112
end