From 212e83bab3f1f9055f1321c3e934b4f4659250bf Mon Sep 17 00:00:00 2001 From: Zeger-Jan van de Weg Date: Fri, 26 Feb 2016 09:55:43 +0100 Subject: Soft delete issuables --- lib/api/issues.rb | 9 +++++++-- lib/api/merge_requests.rb | 14 ++++++++++++++ 2 files changed, 21 insertions(+), 2 deletions(-) (limited to 'lib/api') diff --git a/lib/api/issues.rb b/lib/api/issues.rb index fda6f841438..5b47bbc0b1b 100644 --- a/lib/api/issues.rb +++ b/lib/api/issues.rb @@ -191,7 +191,7 @@ module API end end - # Delete a project issue (deprecated) + # Delete a project issue # # Parameters: # id (required) - The ID of a project @@ -199,7 +199,12 @@ module API # Example Request: # DELETE /projects/:id/issues/:issue_id delete ":id/issues/:issue_id" do - not_allowed! + authenticated_as_admin! + + issue = user_project.issues.find(params[:issue_id]) + issue.destroy + + present issue, with: Entities::Issue end end end diff --git a/lib/api/merge_requests.rb b/lib/api/merge_requests.rb index c5e5d57ed4d..09ce02b0912 100644 --- a/lib/api/merge_requests.rb +++ b/lib/api/merge_requests.rb @@ -100,6 +100,20 @@ module API end end + # Delete a MR + # + # Parameters: + # id (required) - The ID of the project + # merge_request_id (required) - The MR id + delete ":id/merge_requests/:merge_request_id" do + authenticated_as_admin! + + merge_request = user_project.merge_requests.find(params[:merge_request_id]) + merge_request.destroy + + present merge_request, with: Entities::MergeRequest + end + # Routing "merge_request/:merge_request_id/..." is DEPRECATED and WILL BE REMOVED in version 9.0 # Use "merge_requests/:merge_request_id/..." instead. # -- cgit v1.2.1 From 7342a4566cc2eef0e434f3aea0eac48674baaaf1 Mon Sep 17 00:00:00 2001 From: Zeger-Jan van de Weg Date: Mon, 14 Mar 2016 21:46:44 +0100 Subject: Dry destroy action on issuables --- lib/api/issues.rb | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'lib/api') diff --git a/lib/api/issues.rb b/lib/api/issues.rb index 5b47bbc0b1b..539f00d37fe 100644 --- a/lib/api/issues.rb +++ b/lib/api/issues.rb @@ -199,11 +199,12 @@ module API # Example Request: # DELETE /projects/:id/issues/:issue_id delete ":id/issues/:issue_id" do - authenticated_as_admin! + issue = user_project.issues.find(params[:issue_id]) + !JLJsdf sdfijsf current_user.can?(:remove_issue, issue) issue = user_project.issues.find(params[:issue_id]) issue.destroy - + present issue, with: Entities::Issue end end -- cgit v1.2.1 From 1d7782281693a94b2d8efcdd9d05f81fefae75f9 Mon Sep 17 00:00:00 2001 From: Zeger-Jan van de Weg Date: Fri, 18 Mar 2016 19:11:25 +0100 Subject: minor improvements and fixed specs --- lib/api/helpers.rb | 4 +--- lib/api/issues.rb | 3 ++- lib/api/merge_requests.rb | 4 ++-- 3 files changed, 5 insertions(+), 6 deletions(-) (limited to 'lib/api') diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb index a72044e8058..4921ae99e78 100644 --- a/lib/api/helpers.rb +++ b/lib/api/helpers.rb @@ -118,9 +118,7 @@ module API end def authorize!(action, subject) - unless abilities.allowed?(current_user, action, subject) - forbidden! - end + forbidden! unless abilities.allowed?(current_user, action, subject) end def authorize_push_project diff --git a/lib/api/issues.rb b/lib/api/issues.rb index 539f00d37fe..8c753e9f2ff 100644 --- a/lib/api/issues.rb +++ b/lib/api/issues.rb @@ -200,7 +200,8 @@ module API # DELETE /projects/:id/issues/:issue_id delete ":id/issues/:issue_id" do issue = user_project.issues.find(params[:issue_id]) - !JLJsdf sdfijsf current_user.can?(:remove_issue, issue) + + authorize!(:remove_issue, issue) issue = user_project.issues.find(params[:issue_id]) issue.destroy diff --git a/lib/api/merge_requests.rb b/lib/api/merge_requests.rb index 09ce02b0912..dc94cc5c85f 100644 --- a/lib/api/merge_requests.rb +++ b/lib/api/merge_requests.rb @@ -106,9 +106,9 @@ module API # id (required) - The ID of the project # merge_request_id (required) - The MR id delete ":id/merge_requests/:merge_request_id" do - authenticated_as_admin! - merge_request = user_project.merge_requests.find(params[:merge_request_id]) + + authorize!(:remove_merge_request, merge_request) merge_request.destroy present merge_request, with: Entities::MergeRequest -- cgit v1.2.1 From 3b088fc5b53f03605484ebef1945b8839abe19de Mon Sep 17 00:00:00 2001 From: Zeger-Jan van de Weg Date: Mon, 21 Mar 2016 14:12:52 +0100 Subject: Minor improvements on IssuableActions --- lib/api/issues.rb | 8 ++------ lib/api/merge_requests.rb | 6 ++---- 2 files changed, 4 insertions(+), 10 deletions(-) (limited to 'lib/api') diff --git a/lib/api/issues.rb b/lib/api/issues.rb index 8c753e9f2ff..e5ae88eb96f 100644 --- a/lib/api/issues.rb +++ b/lib/api/issues.rb @@ -199,14 +199,10 @@ module API # Example Request: # DELETE /projects/:id/issues/:issue_id delete ":id/issues/:issue_id" do - issue = user_project.issues.find(params[:issue_id]) - - authorize!(:remove_issue, issue) + issue = user_project.issues.find_by(id: params[:issue_id]) - issue = user_project.issues.find(params[:issue_id]) + authorize!(:destroy_issue, issue) issue.destroy - - present issue, with: Entities::Issue end end end diff --git a/lib/api/merge_requests.rb b/lib/api/merge_requests.rb index dc94cc5c85f..93052fba06b 100644 --- a/lib/api/merge_requests.rb +++ b/lib/api/merge_requests.rb @@ -106,12 +106,10 @@ module API # id (required) - The ID of the project # merge_request_id (required) - The MR id delete ":id/merge_requests/:merge_request_id" do - merge_request = user_project.merge_requests.find(params[:merge_request_id]) + merge_request = user_project.merge_requests.find_by(id: params[:merge_request_id]) - authorize!(:remove_merge_request, merge_request) + authorize!(:destroy_merge_request, merge_request) merge_request.destroy - - present merge_request, with: Entities::MergeRequest end # Routing "merge_request/:merge_request_id/..." is DEPRECATED and WILL BE REMOVED in version 9.0 -- cgit v1.2.1