diff options
| author | Rémy Coutable <remy@rymai.me> | 2017-10-11 16:47:08 +0200 |
|---|---|---|
| committer | Rémy Coutable <remy@rymai.me> | 2018-02-27 16:02:22 +0100 |
| commit | bf41063679b25371b2e64542f2f469b38502edf6 (patch) | |
| tree | bc7363df6d75c628f593b29426b59ba05b10a223 /app/controllers | |
| parent | 3bf448267b117e79f08ab2f4b769d24a705a5f0f (diff) | |
| download | gitlab-ce-bf41063679b25371b2e64542f2f469b38502edf6.tar.gz | |
Remove explicit audit event log in MembershipActions
Move it to Members::ApproveAccessRequestService.
Also, note that there was a double audit event log for access request
destruction.
Signed-off-by: Rémy Coutable <remy@rymai.me>
Diffstat (limited to 'app/controllers')
| -rw-r--r-- | app/controllers/concerns/membership_actions.rb | 13 | ||||
| -rw-r--r-- | app/controllers/groups/group_members_controller.rb | 9 | ||||
| -rw-r--r-- | app/controllers/projects/project_members_controller.rb | 9 |
3 files changed, 17 insertions, 14 deletions
diff --git a/app/controllers/concerns/membership_actions.rb b/app/controllers/concerns/membership_actions.rb index c6b1e443de6..a6f1509b451 100644 --- a/app/controllers/concerns/membership_actions.rb +++ b/app/controllers/concerns/membership_actions.rb @@ -15,8 +15,9 @@ module MembershipActions end def destroy + member = membershipable.members_and_requesters.find(params[:id]) Members::DestroyService.new(membershipable, current_user, params) - .execute(:all) + .execute(member) respond_to do |format| format.html do @@ -36,14 +37,18 @@ module MembershipActions end def approve_access_request - Members::ApproveAccessRequestService.new(membershipable, current_user, params).execute + access_requester = membershipable.requesters.find(params[:id]) + Members::ApproveAccessRequestService + .new(membershipable, current_user, params) + .execute(access_requester) redirect_to members_page_url end def leave - member = Members::DestroyService.new(membershipable, current_user, user_id: current_user.id) - .execute(:all) + member = membershipable.members_and_requesters.find_by!(user_id: current_user.id) + Members::DestroyService.new(membershipable, current_user) + .execute(member) notice = if member.request? diff --git a/app/controllers/groups/group_members_controller.rb b/app/controllers/groups/group_members_controller.rb index 2c371e76313..1efd07835e2 100644 --- a/app/controllers/groups/group_members_controller.rb +++ b/app/controllers/groups/group_members_controller.rb @@ -28,12 +28,11 @@ class Groups::GroupMembersController < Groups::ApplicationController end def update - @group_member = @group.members_and_requesters.find(params[:id]) + member = @group.members_and_requesters.find(params[:id]) + @group_member = Members::UpdateService + .new(@group, current_user, member_params) + .execute(member) .present(current_user: current_user) - - return render_403 unless can?(current_user, :update_group_member, @group_member) - - @group_member.update_attributes(member_params) end def resend_invite diff --git a/app/controllers/projects/project_members_controller.rb b/app/controllers/projects/project_members_controller.rb index d7372beb9d3..06388055d52 100644 --- a/app/controllers/projects/project_members_controller.rb +++ b/app/controllers/projects/project_members_controller.rb @@ -27,12 +27,11 @@ class Projects::ProjectMembersController < Projects::ApplicationController end def update - @project_member = @project.members_and_requesters.find(params[:id]) + member = @project.members_and_requesters.find(params[:id]) + @project_member = Members::UpdateService + .new(@project, current_user, member_params) + .execute(member) .present(current_user: current_user) - - return render_403 unless can?(current_user, :update_project_member, @project_member) - - @project_member.update_attributes(member_params) end def resend_invite |