diff options
author | Phil Hughes <me@iamphill.com> | 2016-06-17 09:01:03 +0100 |
---|---|---|
committer | Phil Hughes <me@iamphill.com> | 2016-06-17 09:01:03 +0100 |
commit | 85fab13ebaf10982c0957daca0afd1ea145e64df (patch) | |
tree | 0515480dd7d509dca5e0a7e2b714b6e1bdf29573 /app/controllers/projects/todos_controller.rb | |
parent | f011b86beb89557afdaf2b0ec5ae904d0be237d8 (diff) | |
download | gitlab-ce-85fab13ebaf10982c0957daca0afd1ea145e64df.tar.gz |
Improved manual todos
Based on feedback from !4502
Diffstat (limited to 'app/controllers/projects/todos_controller.rb')
-rw-r--r-- | app/controllers/projects/todos_controller.rb | 25 |
1 files changed, 13 insertions, 12 deletions
diff --git a/app/controllers/projects/todos_controller.rb b/app/controllers/projects/todos_controller.rb index a51bd5e2b49..f58f7f34574 100644 --- a/app/controllers/projects/todos_controller.rb +++ b/app/controllers/projects/todos_controller.rb @@ -1,18 +1,13 @@ class Projects::TodosController < Projects::ApplicationController - def create - todos = TodoService.new.mark_todo(issuable, current_user) + before_action :authorize_read_issue!, only: [:create] - render json: { - todo: todos, - count: current_user.todos.pending.count, - } - end - - def update - current_user.todos.find_by_id(params[:id]).update(state: :done) + def create + todo = TodoService.new.mark_todo(issuable, current_user) render json: { - count: current_user.todos.pending.count, + todo: todo, + count: TodosFinder.new(current_user, state: :pending).execute.count, + delete_path: dashboard_todo_path(todo) } end @@ -22,7 +17,13 @@ class Projects::TodosController < Projects::ApplicationController @issuable ||= begin case params[:issuable_type] when "issue" - @project.issues.find(params[:issuable_id]) + issue = @project.issues.find(params[:issuable_id]) + + if can?(current_user, :read_issue, issue) + issue + else + render_404 + end when "merge_request" @project.merge_requests.find(params[:issuable_id]) end |