Remove explicit audit event log in MembershipActions

Move it to Members::ApproveAccessRequestService. Also, note that there was a double audit event log for access request destruction. Signed-off-by: Rémy Coutable <remy@rymai.me>
author: Rémy Coutable <remy@rymai.me> 2017-10-11 16:47:08 +0200
committer: Rémy Coutable <remy@rymai.me> 2018-02-27 16:02:22 +0100
commit: bf41063679b25371b2e64542f2f469b38502edf6 (patch)
tree: bc7363df6d75c628f593b29426b59ba05b10a223 /app/controllers/projects/project_members_controller.rb
parent: 3bf448267b117e79f08ab2f4b769d24a705a5f0f (diff)
download: gitlab-ce-bf41063679b25371b2e64542f2f469b38502edf6.tar.gz
1 files changed, 4 insertions, 5 deletions
diff --git a/app/controllers/projects/project_members_controller.rb b/app/controllers/projects/project_members_controller.rb
index d7372beb9d3..06388055d52 100644
--- a/app/controllers/projects/project_members_controller.rb
+++ b/app/controllers/projects/project_members_controller.rb
@@ -27,12 +27,11 @@ class Projects::ProjectMembersController < Projects::ApplicationController
   end
 
   def update
-    @project_member = @project.members_and_requesters.find(params[:id])
+    member = @project.members_and_requesters.find(params[:id])
+    @project_member = Members::UpdateService
+      .new(@project, current_user, member_params)
+      .execute(member)
       .present(current_user: current_user)
-
-    return render_403 unless can?(current_user, :update_project_member, @project_member)
-
-    @project_member.update_attributes(member_params)
   end
 
   def resend_invite
author	Rémy Coutable <remy@rymai.me>	2017-10-11 16:47:08 +0200
committer	Rémy Coutable <remy@rymai.me>	2018-02-27 16:02:22 +0100
commit	bf41063679b25371b2e64542f2f469b38502edf6 (patch)
tree	bc7363df6d75c628f593b29426b59ba05b10a223 /app/controllers/projects/project_members_controller.rb
parent	3bf448267b117e79f08ab2f4b769d24a705a5f0f (diff)
download	gitlab-ce-bf41063679b25371b2e64542f2f469b38502edf6.tar.gz