##// END OF EJS Templates
jro_apps » redmine
RSS
Use :only instead of :except option in IssueRelationsController filters....
Jean-Philippe Lang -
r13324:e111e2bc387e
parent child
Show More
Side by Side Unified
Context file:
r13324:e111e2bc387e Loading diff...:
Show file before | Show file after | Hide comments
@@ -1,90 +1,92
1 1 # Redmine - project management software
2 2 # Copyright (C) 2006-2014 Jean-Philippe Lang
3 3 #
4 4 # This program is free software; you can redistribute it and/or
5 5 # modify it under the terms of the GNU General Public License
6 6 # as published by the Free Software Foundation; either version 2
7 7 # of the License, or (at your option) any later version.
8 8 #
9 9 # This program is distributed in the hope that it will be useful,
10 10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 12 # GNU General Public License for more details.
13 13 #
14 14 # You should have received a copy of the GNU General Public License
15 15 # along with this program; if not, write to the Free Software
16 16 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
17 17
18 18 class IssueRelationsController < ApplicationController
19 before_filter :find_issue, :find_project_from_association, :authorize, :only => [:index, :create]
20 before_filter :find_relation, :except => [:index, :create]
19 before_filter :find_issue, :authorize, :only => [:index, :create]
20 before_filter :find_relation, :only => [:show, :destroy]
21 21
22 22 accept_api_auth :index, :show, :create, :destroy
23 23
24 24 def index
25 25 @relations = @issue.relations
26 26
27 27 respond_to do |format|
28 28 format.html { render :nothing => true }
29 29 format.api
30 30 end
31 31 end
32 32
33 33 def show
34 34 raise Unauthorized unless @relation.visible?
35 35
36 36 respond_to do |format|
37 37 format.html { render :nothing => true }
38 38 format.api
39 39 end
40 40 end
41 41
42 42 def create
43 43 @relation = IssueRelation.new(params[:relation])
44 44 @relation.issue_from = @issue
45 45 if params[:relation] && m = params[:relation][:issue_to_id].to_s.strip.match(/^#?(\d+)$/)
46 46 @relation.issue_to = Issue.visible.find_by_id(m[1].to_i)
47 47 end
48 48 @relation.init_journals(User.current)
49 49 saved = @relation.save
50 50
51 51 respond_to do |format|
52 52 format.html { redirect_to issue_path(@issue) }
53 53 format.js {
54 54 @relations = @issue.reload.relations.select {|r| r.other_issue(@issue) && r.other_issue(@issue).visible? }
55 55 }
56 56 format.api {
57 57 if saved
58 58 render :action => 'show', :status => :created, :location => relation_url(@relation)
59 59 else
60 60 render_validation_errors(@relation)
61 61 end
62 62 }
63 63 end
64 64 end
65 65
66 66 def destroy
67 67 raise Unauthorized unless @relation.deletable?
68 68 @relation.init_journals(User.current)
69 69 @relation.destroy
70 70
71 71 respond_to do |format|
72 72 format.html { redirect_to issue_path(@relation.issue_from) }
73 73 format.js
74 74 format.api { render_api_ok }
75 75 end
76 76 end
77 77
78 private
78 private
79
79 80 def find_issue
80 @issue = @object = Issue.find(params[:issue_id])
81 @issue = Issue.find(params[:issue_id])
82 @project = @issue.project
81 83 rescue ActiveRecord::RecordNotFound
82 84 render_404
83 85 end
84 86
85 87 def find_relation
86 88 @relation = IssueRelation.find(params[:id])
87 89 rescue ActiveRecord::RecordNotFound
88 90 render_404
89 91 end
90 92 end
General Comments 0
You need to be logged in to leave comments. Login now