Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Tatuya Kamada
gitlab-ce
Commits
16a0a4ae
Commit
16a0a4ae
authored
Jun 26, 2014
by
Dmitriy Zaporozhets
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Note strong_params
Signed-off-by:
Dmitriy Zaporozhets
<
dmitriy.zaporozhets@gmail.com
>
parent
98ba075c
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
9 additions
and
4 deletions
+9
-4
app/controllers/projects/notes_controller.rb
app/controllers/projects/notes_controller.rb
+9
-2
app/models/note.rb
app/models/note.rb
+0
-2
No files found.
app/controllers/projects/notes_controller.rb
View file @
16a0a4ae
...
@@ -21,7 +21,7 @@ class Projects::NotesController < Projects::ApplicationController
...
@@ -21,7 +21,7 @@ class Projects::NotesController < Projects::ApplicationController
end
end
def
create
def
create
@note
=
Notes
::
CreateService
.
new
(
project
,
current_user
,
params
[
:note
]
).
execute
@note
=
Notes
::
CreateService
.
new
(
project
,
current_user
,
note_params
).
execute
respond_to
do
|
format
|
respond_to
do
|
format
|
format
.
json
{
render_note_json
(
@note
)
}
format
.
json
{
render_note_json
(
@note
)
}
...
@@ -30,7 +30,7 @@ class Projects::NotesController < Projects::ApplicationController
...
@@ -30,7 +30,7 @@ class Projects::NotesController < Projects::ApplicationController
end
end
def
update
def
update
note
.
update_attributes
(
params
[
:note
]
)
note
.
update_attributes
(
note_params
)
note
.
reset_events_cache
note
.
reset_events_cache
respond_to
do
|
format
|
respond_to
do
|
format
|
...
@@ -109,4 +109,11 @@ class Projects::NotesController < Projects::ApplicationController
...
@@ -109,4 +109,11 @@ class Projects::NotesController < Projects::ApplicationController
def
authorize_admin_note!
def
authorize_admin_note!
return
access_denied!
unless
can?
(
current_user
,
:admin_note
,
note
)
return
access_denied!
unless
can?
(
current_user
,
:admin_note
,
note
)
end
end
def
note_params
params
.
require
(
:note
).
permit
(
:note
,
:noteable
,
:noteable_id
,
:noteable_type
,
:project_id
,
:attachment
,
:line_code
,
:commit_id
)
end
end
end
app/models/note.rb
View file @
16a0a4ae
...
@@ -25,8 +25,6 @@ class Note < ActiveRecord::Base
...
@@ -25,8 +25,6 @@ class Note < ActiveRecord::Base
default_value_for
:system
,
false
default_value_for
:system
,
false
#attr_accessible :note, :noteable, :noteable_id, :noteable_type, :project_id,
#:attachment, :line_code, :commit_id
attr_mentionable
:note
attr_mentionable
:note
belongs_to
:project
belongs_to
:project
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment