diff options
Diffstat (limited to 'app/controllers/notification_settings_controller.rb')
-rw-r--r-- | app/controllers/notification_settings_controller.rb | 22 |
1 files changed, 19 insertions, 3 deletions
diff --git a/app/controllers/notification_settings_controller.rb b/app/controllers/notification_settings_controller.rb index eddd03cc229..aacbefd4ab8 100644 --- a/app/controllers/notification_settings_controller.rb +++ b/app/controllers/notification_settings_controller.rb @@ -2,11 +2,11 @@ class NotificationSettingsController < ApplicationController before_action :authenticate_user! def create - project = Project.find(params[:project][:id]) + resource = find_resource - return render_404 unless can?(current_user, :read_project, project) + return render_404 unless can_read?(resource) - @notification_setting = current_user.notification_settings_for(project) + @notification_setting = current_user.notification_settings_for(resource) @saved = @notification_setting.update_attributes(notification_setting_params) render_response @@ -21,6 +21,22 @@ class NotificationSettingsController < ApplicationController private + def find_resource + resource = + if params[:project].present? + Project.find(params[:project][:id]) + elsif params[:namespace].present? + Group.find(params[:namespace][:id]) + end + end + + def can_read?(resource) + ability_name = resource.class.name.downcase + ability_name = "read_#{ability_name}".to_sym + + can?(current_user, ability_name, resource) + end + def render_response render json: { html: view_to_html_string("shared/notifications/_button", notification_setting: @notification_setting), |