Support discussion locking in the backend

author: Jarka Kadlecova <jarka@gitlab.com> 2017-08-30 16:57:50 +0200
committer: Jarka Kadlecova <jarka@gitlab.com> 2017-09-14 14:50:32 +0200
commit: b9287208523e1a5c05939fe0db038df51a9082fc (patch)
tree: 7cc859ffab52ae526924676395374d4621fd96c3 /app
parent: 1140fcce4f8b5463f451356b76fea125826478b2 (diff)
download: gitlab-ce-b9287208523e1a5c05939fe0db038df51a9082fc.tar.gz
10 files changed, 57 insertions, 1 deletions
diff --git a/app/controllers/projects/issues_controller.rb b/app/controllers/projects/issues_controller.rb
index 8990c919ca0..ab75a68e56a 100644
--- a/app/controllers/projects/issues_controller.rb
+++ b/app/controllers/projects/issues_controller.rb
@@ -289,6 +289,7 @@ class Projects::IssuesController < Projects::ApplicationController
       state_event
       task_num
       lock_version
+      discussion_locked
     ] + [{ label_ids: [], assignee_ids: [] }]
   end
 
diff --git a/app/controllers/projects/merge_requests/application_controller.rb b/app/controllers/projects/merge_requests/application_controller.rb
index 6602b204fcb..eb7d7bf374c 100644
--- a/app/controllers/projects/merge_requests/application_controller.rb
+++ b/app/controllers/projects/merge_requests/application_controller.rb
@@ -34,6 +34,7 @@ class Projects::MergeRequests::ApplicationController < Projects::ApplicationCont
       :target_project_id,
       :task_num,
       :title,
+      :discussion_locked,
 
       label_ids: []
     ]
diff --git a/app/controllers/projects/notes_controller.rb b/app/controllers/projects/notes_controller.rb
index 41a13f6f577..dd3dc71c004 100644
--- a/app/controllers/projects/notes_controller.rb
+++ b/app/controllers/projects/notes_controller.rb
@@ -66,7 +66,21 @@ class Projects::NotesController < Projects::ApplicationController
     params.merge(last_fetched_at: last_fetched_at)
   end
 
+  def authorize_admin_note!
+    return access_denied! unless can?(current_user, :admin_note, note)
+  end
+
   def authorize_resolve_note!
     return access_denied! unless can?(current_user, :resolve_note, note)
   end
+
+  def authorize_create_note!
+    noteable_type = note_params[:noteable_type]
+
+    return unless ['MergeRequest', 'Issue'].include?(noteable_type)
+    return access_denied! unless can?(current_user, :create_note, project)
+
+    noteable = noteable_type.constantize.find(note_params[:noteable_id])
+    access_denied! unless can?(current_user, :create_note, noteable)
+  end
 end
diff --git a/app/helpers/notes_helper.rb b/app/helpers/notes_helper.rb
index ce028195e51..c219aa3d6a9 100644
--- a/app/helpers/notes_helper.rb
+++ b/app/helpers/notes_helper.rb
@@ -130,8 +130,12 @@ module NotesHelper
   end
 
   def can_create_note?
+    issuable = @issue || @merge_request
+
     if @snippet.is_a?(PersonalSnippet)
       can?(current_user, :comment_personal_snippet, @snippet)
+    elsif issuable
+      can?(current_user, :create_note, issuable)
     else
       can?(current_user, :create_note, @project)
     end
diff --git a/app/models/system_note_metadata.rb b/app/models/system_note_metadata.rb
index 0b33e45473b..1f9f8d7286b 100644
--- a/app/models/system_note_metadata.rb
+++ b/app/models/system_note_metadata.rb
@@ -2,7 +2,7 @@ class SystemNoteMetadata < ActiveRecord::Base
   ICON_TYPES = %w[
     commit description merge confidential visible label assignee cross_reference
     title time_tracking branch milestone discussion task moved
-    opened closed merged duplicate
+    opened closed merged duplicate locked unlocked
     outdated
   ].freeze
 
diff --git a/app/policies/issuable_policy.rb b/app/policies/issuable_policy.rb
index daf6fa9e18a..212f4989557 100644
--- a/app/policies/issuable_policy.rb
+++ b/app/policies/issuable_policy.rb
@@ -1,6 +1,9 @@
 class IssuablePolicy < BasePolicy
   delegate { @subject.project }
 
+  condition(:locked) { @subject.discussion_locked? }
+  condition(:is_project_member) { @user && @subject.project && @subject.project.team.member?(@user) }
+
   desc "User is the assignee or author"
   condition(:assignee_or_author) do
     @user && @subject.assignee_or_author?(@user)
@@ -12,4 +15,6 @@ class IssuablePolicy < BasePolicy
     enable :read_merge_request
     enable :update_merge_request
   end
+
+  rule { locked & ~is_project_member }.prevent :create_note
 end
diff --git a/app/policies/note_policy.rb b/app/policies/note_policy.rb
index 20cd51cfb99..5d51fbf4f4a 100644
--- a/app/policies/note_policy.rb
+++ b/app/policies/note_policy.rb
@@ -2,14 +2,18 @@ class NotePolicy < BasePolicy
   delegate { @subject.project }
 
   condition(:is_author) { @user && @subject.author == @user }
+  condition(:is_project_member) { @user && @subject.project && @subject.project.team.member?(@user) }
   condition(:for_merge_request, scope: :subject) { @subject.for_merge_request? }
   condition(:is_noteable_author) { @user && @subject.noteable.author_id == @user.id }
 
   condition(:editable, scope: :subject) { @subject.editable? }
+  condition(:locked) { @subject.noteable.discussion_locked? }
 
   rule { ~editable | anonymous }.prevent :edit_note
+
   rule { is_author | admin }.enable :edit_note
   rule { can?(:master_access) }.enable :edit_note
+  rule { locked & ~is_author & ~is_project_member }.prevent :edit_note
 
   rule { is_author }.policy do
     enable :read_note
@@ -21,4 +25,10 @@ class NotePolicy < BasePolicy
   rule { for_merge_request & is_noteable_author }.policy do
     enable :resolve_note
   end
+
+  rule { locked & ~is_project_member }.policy do
+    prevent :update_note
+    prevent :admin_note
+    prevent :resolve_note
+  end
 end
diff --git a/app/services/issuable_base_service.rb b/app/services/issuable_base_service.rb
index 8b967b78052..40793201664 100644
--- a/app/services/issuable_base_service.rb
+++ b/app/services/issuable_base_service.rb
@@ -57,6 +57,7 @@ class IssuableBaseService < BaseService
       params.delete(:due_date)
       params.delete(:canonical_issue_id)
       params.delete(:project)
+      params.delete(:discussion_locked)
     end
 
     filter_assignee(issuable)
diff --git a/app/services/issues/update_service.rb b/app/services/issues/update_service.rb
index b4ca3966505..2a24ee85c45 100644
--- a/app/services/issues/update_service.rb
+++ b/app/services/issues/update_service.rb
@@ -41,6 +41,10 @@ module Issues
         create_confidentiality_note(issue)
       end
 
+      if issue.previous_changes.include?('discussion_locked')
+        create_discussion_lock_note(issue)
+      end
+
       added_labels = issue.labels - old_labels
 
       if added_labels.present?
@@ -95,5 +99,9 @@ module Issues
     def create_confidentiality_note(issue)
       SystemNoteService.change_issue_confidentiality(issue, issue.project, current_user)
     end
+
+    def create_discussion_lock_note(issue)
+      SystemNoteService.discussion_lock(issue, current_user)
+    end
   end
 end
diff --git a/app/services/system_note_service.rb b/app/services/system_note_service.rb
index 1f66a2668f9..cec0a1b6efa 100644
--- a/app/services/system_note_service.rb
+++ b/app/services/system_note_service.rb
@@ -591,6 +591,18 @@ module SystemNoteService
     create_note(NoteSummary.new(noteable, project, author, body, action: 'duplicate'))
   end
 
+  def discussion_lock(issuable, author)
+    if issuable.discussion_locked
+      body = 'locked this issue'
+      action = 'locked'
+    else
+      body = 'unlocked this issue'
+      action = 'unlocked'
+    end
+
+    create_note(NoteSummary.new(issuable, issuable.project, author, body, action: action))
+  end
+
   private
 
   def notes_for_mentioner(mentioner, noteable, notes)
author	Jarka Kadlecova <jarka@gitlab.com>	2017-08-30 16:57:50 +0200
committer	Jarka Kadlecova <jarka@gitlab.com>	2017-09-14 14:50:32 +0200
commit	b9287208523e1a5c05939fe0db038df51a9082fc (patch)
tree	7cc859ffab52ae526924676395374d4621fd96c3 /app
parent	1140fcce4f8b5463f451356b76fea125826478b2 (diff)
download	gitlab-ce-b9287208523e1a5c05939fe0db038df51a9082fc.tar.gz