diff options
Diffstat (limited to 'app/controllers/projects/releases/evidences_controller.rb')
-rw-r--r-- | app/controllers/projects/releases/evidences_controller.rb | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/app/controllers/projects/releases/evidences_controller.rb b/app/controllers/projects/releases/evidences_controller.rb new file mode 100644 index 00000000000..34e450d903f --- /dev/null +++ b/app/controllers/projects/releases/evidences_controller.rb @@ -0,0 +1,38 @@ +# frozen_string_literal: true + +module Projects + module Releases + class EvidencesController < Projects::ApplicationController + before_action :require_non_empty_project + before_action :release + before_action :authorize_read_release_evidence! + + def show + respond_to do |format| + format.json do + render json: evidence.summary + end + end + end + + private + + def authorize_read_release_evidence! + access_denied! unless Feature.enabled?(:release_evidence, project, default_enabled: true) + access_denied! unless can?(current_user, :read_release_evidence, evidence) + end + + def release + @release ||= project.releases.find_by_tag!(sanitized_tag_name) + end + + def evidence + release.evidences.find(params[:id]) + end + + def sanitized_tag_name + CGI.unescape(params[:tag]) + end + end + end +end |