diff options
| author | Douwe Maan <douwe@selenight.nl> | 2016-03-21 23:22:21 +0100 |
|---|---|---|
| committer | Douwe Maan <douwe@selenight.nl> | 2016-03-21 23:22:21 +0100 |
| commit | ae7b2ef62cdf61c990f914d776a6fdfc2bc49fa2 (patch) | |
| tree | 6f0022bf04b1b566fa79b979cc9cc373cd0ebaa1 /lib/api | |
| parent | 8d544645f0ef114586212835cf011a3e268c9ec1 (diff) | |
| parent | 0305dd98b32b5a989f2b84e0810cf5ddc14abd7f (diff) | |
| download | gitlab-ce-ae7b2ef62cdf61c990f914d776a6fdfc2bc49fa2.tar.gz | |
Merge branch 'master' into issue_12658
# Conflicts:
# app/models/issue.rb
# app/views/projects/_home_panel.html.haml
# app/views/shared/projects/_project.html.haml
# db/schema.rb
# spec/models/project_spec.rb
Diffstat (limited to 'lib/api')
| -rw-r--r-- | lib/api/helpers.rb | 4 | ||||
| -rw-r--r-- | lib/api/issues.rb | 7 | ||||
| -rw-r--r-- | lib/api/merge_requests.rb | 12 |
3 files changed, 18 insertions, 5 deletions
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index a72044e8058..4921ae99e78 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -118,9 +118,7 @@ module API end def authorize!(action, subject) - unless abilities.allowed?(current_user, action, subject) - forbidden! - end + forbidden! unless abilities.allowed?(current_user, action, subject) end def authorize_push_project diff --git a/lib/api/issues.rb b/lib/api/issues.rb index fda6f841438..e5ae88eb96f 100644 --- a/lib/api/issues.rb +++ b/lib/api/issues.rb @@ -191,7 +191,7 @@ module API end end - # Delete a project issue (deprecated) + # Delete a project issue # # Parameters: # id (required) - The ID of a project @@ -199,7 +199,10 @@ module API # Example Request: # DELETE /projects/:id/issues/:issue_id delete ":id/issues/:issue_id" do - not_allowed! + issue = user_project.issues.find_by(id: params[:issue_id]) + + authorize!(:destroy_issue, issue) + issue.destroy end end end diff --git a/lib/api/merge_requests.rb b/lib/api/merge_requests.rb index c5e5d57ed4d..93052fba06b 100644 --- a/lib/api/merge_requests.rb +++ b/lib/api/merge_requests.rb @@ -100,6 +100,18 @@ module API end end + # Delete a MR + # + # Parameters: + # id (required) - The ID of the project + # merge_request_id (required) - The MR id + delete ":id/merge_requests/:merge_request_id" do + merge_request = user_project.merge_requests.find_by(id: params[:merge_request_id]) + + authorize!(:destroy_merge_request, merge_request) + merge_request.destroy + end + # Routing "merge_request/:merge_request_id/..." is DEPRECATED and WILL BE REMOVED in version 9.0 # Use "merge_requests/:merge_request_id/..." instead. # |