diff options
Diffstat (limited to 'app/controllers/projects/project_members_controller.rb')
-rw-r--r-- | app/controllers/projects/project_members_controller.rb | 45 |
1 files changed, 20 insertions, 25 deletions
diff --git a/app/controllers/projects/project_members_controller.rb b/app/controllers/projects/project_members_controller.rb index e7bddc4a6f1..35d067cd029 100644 --- a/app/controllers/projects/project_members_controller.rb +++ b/app/controllers/projects/project_members_controller.rb @@ -1,10 +1,12 @@ class Projects::ProjectMembersController < Projects::ApplicationController + include MembershipActions + # Authorize - before_action :authorize_admin_project_member!, except: :leave + before_action :authorize_admin_project_member!, except: [:index, :leave, :request_access] def index @project_members = @project.project_members - @project_members = @project_members.non_invite unless can?(current_user, :admin_project, @project) + @project_members = @project_members.non_pending unless can?(current_user, :admin_project, @project) if params[:search].present? users = @project.users.search(params[:search]).to_a @@ -14,9 +16,10 @@ class Projects::ProjectMembersController < Projects::ApplicationController @project_members = @project_members.order('access_level DESC') @group = @project.group + if @group @group_members = @group.group_members - @group_members = @group_members.non_invite unless can?(current_user, :admin_group, @group) + @group_members = @group_members.non_pending unless can?(current_user, :admin_group, @group) if params[:search].present? users = @group.users.search(params[:search]).to_a @@ -55,7 +58,7 @@ class Projects::ProjectMembersController < Projects::ApplicationController format.html do redirect_to namespace_project_project_members_path(@project.namespace, @project) end - format.js { render nothing: true } + format.js { head :ok } end end @@ -73,30 +76,15 @@ class Projects::ProjectMembersController < Projects::ApplicationController end end - def leave - @project_member = @project.project_members.find_by(user_id: current_user) - - if can?(current_user, :destroy_project_member, @project_member) - @project_member.destroy + def apply_import + source_project = Project.find(params[:source_project_id]) - respond_to do |format| - format.html { redirect_to dashboard_projects_path, notice: "You left the project." } - format.js { render nothing: true } - end + if can?(current_user, :read_project_member, source_project) + status = @project.team.import(source_project, current_user) + notice = status ? "Successfully imported" : "Import failed" else - if current_user == @project.owner - message = 'You can not leave your own project. Transfer or delete the project.' - redirect_back_or_default(default: { action: 'index' }, options: { alert: message }) - else - render_403 - end + return render_404 end - end - - def apply_import - giver = Project.find(params[:source_project_id]) - status = @project.team.import(giver, current_user) - notice = status ? "Successfully imported" : "Import failed" redirect_to(namespace_project_project_members_path(project.namespace, project), notice: notice) @@ -107,4 +95,11 @@ class Projects::ProjectMembersController < Projects::ApplicationController def member_params params.require(:project_member).permit(:user_id, :access_level) end + + # MembershipActions concern + alias_method :membershipable, :project + + def cannot_leave? + current_user == @project.owner + end end |