issues_controller.rb 6.98 KB
Newer Older
1 2
# frozen_string_literal: true

3
class Projects::IssuesController < Projects::ApplicationController
Douwe Maan's avatar
Douwe Maan committed
4
  include RendersNotes
5
  include ToggleSubscriptionAction
6
  include IssuableActions
7
  include ToggleAwardEmoji
8
  include IssuableCollections
9
  include IssuesCalendar
10
  include SpammableActions
11

12 13
  prepend_before_action :authenticate_user!, only: [:new]

14
  before_action :whitelist_query_limiting, only: [:create, :create_merge_request, :move, :bulk_update]
15
  before_action :check_issues_available!
16 17
  before_action :issue, except: [:index, :calendar, :new, :create, :bulk_update]
  before_action :set_issuables_index, only: [:index, :calendar]
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
18 19

  # Allow write(create) issue
20
  before_action :authorize_create_issue!, only: [:new, :create]
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
21 22

  # Allow modify issue
23
  before_action :authorize_update_issuable!, only: [:edit, :update, :move]
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
24

25
  # Allow create a new branch and empty WIP merge request from current issue
26
  before_action :authorize_create_merge_request_from!, only: [:create_merge_request]
27

28
  respond_to :html
gitlabhq's avatar
gitlabhq committed
29 30

  def index
31
    @issues = @issuables
32

gitlabhq's avatar
gitlabhq committed
33
    respond_to do |format|
34
      format.html
35
      format.atom { render layout: 'xml.atom' }
36 37
      format.json do
        render json: {
38
          html: view_to_html_string("projects/issues/_issues"),
39
          labels: @labels.as_json(methods: :text_color)
40 41
        }
      end
gitlabhq's avatar
gitlabhq committed
42 43 44
    end
  end

45
  def calendar
46
    render_issues_calendar(@issuables)
47 48
  end

gitlabhq's avatar
gitlabhq committed
49
  def new
50
    params[:issue] ||= ActionController::Parameters.new(
51
      assignee_ids: ""
52
    )
53
    build_params = issue_params.merge(
Bob Van Landuyt's avatar
Bob Van Landuyt committed
54
      merge_request_to_resolve_discussions_of: params[:merge_request_to_resolve_discussions_of],
55
      discussion_to_resolve: params[:discussion_to_resolve]
56
    )
57
    service = Issues::BuildService.new(project, current_user, build_params)
58

59
    @issue = @noteable = service.execute
Bob Van Landuyt's avatar
Bob Van Landuyt committed
60
    @merge_request_to_resolve_discussions_of = service.merge_request_to_resolve_discussions_of
61
    @discussion_to_resolve = service.discussions_to_resolve.first if params[:discussion_to_resolve]
62

gitlabhq's avatar
gitlabhq committed
63 64 65
    respond_with(@issue)
  end

66 67 68 69
  def edit
    respond_with(@issue)
  end

gitlabhq's avatar
gitlabhq committed
70
  def create
71
    create_params = issue_params.merge(spammable_params).merge(
Bob Van Landuyt's avatar
Bob Van Landuyt committed
72
      merge_request_to_resolve_discussions_of: params[:merge_request_to_resolve_discussions_of],
73 74 75
      discussion_to_resolve: params[:discussion_to_resolve]
    )

76 77 78
    service = Issues::CreateService.new(project, current_user, create_params)
    @issue = service.execute

79
    if service.discussions_to_resolve.count(&:resolved?) > 0
80
      flash[:notice] = if service.discussion_to_resolve_id
81 82 83 84
                         "Resolved 1 discussion."
                       else
                         "Resolved all discussions."
                       end
85
    end
gitlabhq's avatar
gitlabhq committed
86

87
    respond_to do |format|
88
      format.html do
89
        recaptcha_check_with_fallback { render :new }
90
      end
91
      format.js do
92 93
        @link = @issue.attachment.url.to_js
      end
94
    end
gitlabhq's avatar
gitlabhq committed
95 96
  end

97 98 99
  def move
    params.require(:move_to_project_id)

100 101
    if params[:move_to_project_id].to_i > 0
      new_project = Project.find(params[:move_to_project_id])
102 103
      return render_404 unless issue.can_move?(current_user, new_project)

104
      @issue = Issues::UpdateService.new(project, current_user, target_project: new_project).execute(issue)
105
    end
gitlabhq's avatar
gitlabhq committed
106 107

    respond_to do |format|
108
      format.json do
109
        render_issue_json
110
      end
gitlabhq's avatar
gitlabhq committed
111
    end
112 113

  rescue ActiveRecord::StaleObjectError
114
    render_conflict_response
gitlabhq's avatar
gitlabhq committed
115 116
  end

117
  def referenced_merge_requests
118
    @merge_requests, @closed_by_merge_requests = ::Issues::ReferencedMergeRequestsService.new(project, current_user).execute(issue)
119 120 121 122 123 124 125 126 127 128 129

    respond_to do |format|
      format.json do
        render json: {
          html: view_to_html_string('projects/issues/_merge_requests')
        }
      end
    end
  end

  def related_branches
130
    @related_branches = @issue.related_branches(current_user)
131 132 133 134 135 136 137 138 139 140

    respond_to do |format|
      format.json do
        render json: {
          html: view_to_html_string('projects/issues/_related_branches')
        }
      end
    end
  end

141 142 143
  def can_create_branch
    can_create = current_user &&
      can?(current_user, :push_code, @project) &&
144
      @issue.can_be_worked_on?
145 146 147

    respond_to do |format|
      format.json do
148
        render json: { can_create_branch: can_create, suggested_branch_name: @issue.suggested_branch_name }
149 150 151 152
      end
    end
  end

153
  def create_merge_request
154 155
    create_params = params.slice(:branch_name, :ref).merge(issue_iid: issue.iid)
    result = ::MergeRequests::CreateFromIssueService.new(project, current_user, create_params).execute
156 157 158 159 160 161 162 163

    if result[:status] == :success
      render json: MergeRequestCreateSerializer.new.represent(result[:merge_request])
    else
      render json: result[:messsage], status: :unprocessable_entity
    end
  end

Nihad Abbasov's avatar
Nihad Abbasov committed
164
  protected
gitlabhq's avatar
gitlabhq committed
165

166
  # rubocop: disable CodeReuse/ActiveRecord
gitlabhq's avatar
gitlabhq committed
167
  def issue
168
    return @issue if defined?(@issue)
169

170
    # The Sortable default scope causes performance issues when used with find_by
171
    @issuable = @noteable = @issue ||= @project.issues.includes(author: :status).where(iid: params[:id]).reorder(nil).take!
172
    @note = @project.notes.new(noteable: @issuable)
173 174 175 176

    return render_404 unless can?(current_user, :read_issue, @issue)

    @issue
gitlabhq's avatar
gitlabhq committed
177
  end
178
  # rubocop: enable CodeReuse/ActiveRecord
179
  alias_method :subscribable_resource, :issue
180
  alias_method :issuable, :issue
181
  alias_method :awardable, :issue
182
  alias_method :spammable, :issue
Dmitriy Zaporozhets's avatar
Dmitriy Zaporozhets committed
183

184 185 186 187
  def spammable_path
    project_issue_path(@project, @issue)
  end

188
  def authorize_create_merge_request!
189
    render_404 unless can?(current_user, :push_code, @project) && @issue.can_be_worked_on?
190 191
  end

192 193 194 195 196 197 198 199
  def render_issue_json
    if @issue.valid?
      render json: serializer.represent(@issue)
    else
      render json: { errors: @issue.errors.full_messages }, status: :unprocessable_entity
    end
  end

200
  def issue_params
201 202 203 204 205 206 207 208 209 210 211 212 213 214 215
    params.require(:issue).permit(*issue_params_attributes)
  end

  def issue_params_attributes
    %i[
      title
      assignee_id
      position
      description
      confidential
      milestone_id
      due_date
      state_event
      task_num
      lock_version
216
      discussion_locked
217
    ] + [{ label_ids: [], assignee_ids: [] }]
218
  end
219 220 221 222 223 224

  def authenticate_user!
    return if current_user

    notice = "Please sign in to create the new issue."

225 226 227 228
    if request.get? && !request.xhr?
      store_location_for :user, request.fullpath
    end

229 230
    redirect_to new_user_session_path, notice: notice
  end
231 232 233 234

  def serializer
    IssueSerializer.new(current_user: current_user, project: issue.project)
  end
235 236 237 238 239

  def update_service
    update_params = issue_params.merge(spammable_params)
    Issues::UpdateService.new(project, current_user, update_params)
  end
240

241 242
  def finder_type
    IssuesFinder
243
  end
244 245 246 247 248 249 250 251 252

  def whitelist_query_limiting
    # Also see the following issues:
    #
    # 1. https://gitlab.com/gitlab-org/gitlab-ce/issues/42423
    # 2. https://gitlab.com/gitlab-org/gitlab-ce/issues/42424
    # 3. https://gitlab.com/gitlab-org/gitlab-ce/issues/42426
    Gitlab::QueryLimiting.whitelist('https://gitlab.com/gitlab-org/gitlab-ce/issues/42422')
  end
gitlabhq's avatar
gitlabhq committed
253
end