3 files changed, 78 insertions, 14 deletions

diff --git a/app/controllers/concerns/issuable_actions.rb b/app/controllers/concerns/issuable_actions.rb
index 337957c366d..a21e658fda1 100644
--- a/app/controllers/concerns/issuable_actions.rb
+++ b/app/controllers/concerns/issuable_actions.rb
@@ -77,6 +77,20 @@ module IssuableActions
     render json: { notice: "#{quantity} #{resource_name.pluralize(quantity)} updated" }
   end
 
+  def discussions
+    notes = issuable.notes
+      .inc_relations_for_view
+      .includes(:noteable)
+      .fresh
+
+    notes = prepare_notes_for_rendering(notes)
+    notes = notes.reject { |n| n.cross_reference_not_visible_for?(current_user) }
+
+    discussions = Discussion.build_collection(notes, issuable)
+
+    render json: DiscussionSerializer.new(project: project, noteable: issuable, current_user: current_user).represent(discussions, context: self)
+  end
+
   private
 
   def recaptcha_check_if_spammable(should_redirect = true, &block)
diff --git a/app/controllers/concerns/membership_actions.rb b/app/controllers/concerns/membership_actions.rb
index c6b1e443de6..7a6a00b8e13 100644
--- a/app/controllers/concerns/membership_actions.rb
+++ b/app/controllers/concerns/membership_actions.rb
@@ -3,20 +3,31 @@ module MembershipActions
 
   def create
     create_params = params.permit(:user_ids, :access_level, :expires_at)
-    result = Members::CreateService.new(membershipable, current_user, create_params).execute
-
-    redirect_url = members_page_url
+    result = Members::CreateService.new(current_user, create_params).execute(membershipable)
 
     if result[:status] == :success
-      redirect_to redirect_url, notice: 'Users were successfully added.'
+      redirect_to members_page_url, notice: 'Users were successfully added.'
     else
-      redirect_to redirect_url, alert: result[:message]
+      redirect_to members_page_url, alert: result[:message]
+    end
+  end
+
+  def update
+    update_params = params.require(root_params_key).permit(:access_level, :expires_at)
+    member = membershipable.members_and_requesters.find(params[:id])
+    member = Members::UpdateService
+      .new(current_user, update_params)
+      .execute(member)
+      .present(current_user: current_user)
+
+    respond_to do |format|
+      format.js { render 'shared/members/update', locals: { member: member } }
     end
   end
 
   def destroy
-    Members::DestroyService.new(membershipable, current_user, params)
-      .execute(:all)
+    member = membershipable.members_and_requesters.find(params[:id])
+    Members::DestroyService.new(current_user).execute(member)
 
     respond_to do |format|
       format.html do
@@ -36,14 +47,17 @@ module MembershipActions
   end
 
   def approve_access_request
-    Members::ApproveAccessRequestService.new(membershipable, current_user, params).execute
+    access_requester = membershipable.requesters.find(params[:id])
+    Members::ApproveAccessRequestService
+      .new(current_user, params)
+      .execute(access_requester)
 
     redirect_to members_page_url
   end
 
   def leave
-    member = Members::DestroyService.new(membershipable, current_user, user_id: current_user.id)
-      .execute(:all)
+    member = membershipable.members_and_requesters.find_by!(user_id: current_user.id)
+    Members::DestroyService.new(current_user).execute(member)
 
     notice =
       if member.request?
@@ -62,17 +76,43 @@ module MembershipActions
     end
   end
 
+  def resend_invite
+    member = membershipable.members.find(params[:id])
+
+    if member.invite?
+      member.resend_invite
+
+      redirect_to members_page_url, notice: 'The invitation was successfully resent.'
+    else
+      redirect_to members_page_url, alert: 'The invitation has already been accepted.'
+    end
+  end
+
   protected
 
   def membershipable
     raise NotImplementedError
   end
 
+  def root_params_key
+    case membershipable
+    when Namespace
+      :group_member
+    when Project
+      :project_member
+    else
+      raise "Unknown membershipable type: #{membershipable}!"
+    end
+  end
+
   def members_page_url
-    if membershipable.is_a?(Project)
+    case membershipable
+    when Namespace
+      polymorphic_url([membershipable, :members])
+    when Project
       project_project_members_path(membershipable)
     else
-      polymorphic_url([membershipable, :members])
+      raise "Unknown membershipable type: #{membershipable}!"
     end
   end
 
diff --git a/app/controllers/concerns/notes_actions.rb b/app/controllers/concerns/notes_actions.rb
index e82a5650935..03ed5b5310b 100644
--- a/app/controllers/concerns/notes_actions.rb
+++ b/app/controllers/concerns/notes_actions.rb
@@ -22,7 +22,7 @@ module NotesActions
     notes = notes.reject { |n| n.cross_reference_not_visible_for?(current_user) }
 
     notes_json[:notes] =
-      if noteable.discussions_rendered_on_frontend?
+      if use_note_serializer?
         note_serializer.represent(notes)
       else
         notes.map { |note| note_json(note) }
@@ -95,7 +95,7 @@ module NotesActions
     if note.persisted?
       attrs[:valid] = true
 
-      if noteable.discussions_rendered_on_frontend?
+      if use_note_serializer?
         attrs.merge!(note_serializer.represent(note))
       else
         attrs.merge!(
@@ -233,4 +233,14 @@ module NotesActions
       the_project
     end
   end
+
+  def use_note_serializer?
+    return false if params['html']
+
+    if noteable.is_a?(MergeRequest)
+      cookies[:vue_mr_discussions] == 'true'
+    else
+      noteable.discussions_rendered_on_frontend?
+    end
+  end
 end