diff --git a/src/main/scala/app/IssuesController.scala b/src/main/scala/app/IssuesController.scala index c8a1dbd..9b6fab5 100644 --- a/src/main/scala/app/IssuesController.scala +++ b/src/main/scala/app/IssuesController.scala @@ -79,6 +79,7 @@ (getCollaborators(owner, repository) :+ owner).sorted, getMilestones(owner, repository), getLabels(owner, repository), + hasWritePermission(owner, repository, context.loginAccount), _) } getOrElse NotFound }) @@ -110,15 +111,12 @@ val owner = params("owner") val repository = params("repository") val issueId = params("id").toInt - val writable = hasWritePermission(owner, repository, context.loginAccount) getIssue(owner, repository, issueId.toString).map { issue => - if(writable || issue.openedUserName == context.loginAccount.get.userName){ + if(hasWritePermission(owner, repository, context.loginAccount) || issue.openedUserName == context.loginAccount.get.userName){ updateIssue(owner, repository, issueId, form.title, form.content) redirect("/%s/%s/issues/_data/%d".format(owner, repository, issueId)) - } else { - Unauthorized - } + } else Unauthorized } getOrElse NotFound }) @@ -139,50 +137,55 @@ val owner = params("owner") val repository = params("repository") val commentId = params("id").toInt - val writable = hasWritePermission(owner, repository, context.loginAccount) getComment(commentId.toString).map { comment => - if(writable || comment.commentedUserName == context.loginAccount.get.userName){ + if(hasWritePermission(owner, repository, context.loginAccount) || comment.commentedUserName == context.loginAccount.get.userName){ updateComment(commentId, form.content) redirect("/%s/%s/issue_comments/_data/%d".format(owner, repository, commentId)) - } else { - Unauthorized - } + } else Unauthorized } getOrElse NotFound }) - // TODO Authenticator - ajaxGet("/:owner/:repository/issues/_data/:id"){ - getIssue(params("owner"), params("repository"), params("id")) map { x => - params.get("dataType") collect { - case t if t == "html" => issues.html.editissue( - x.title, x.content, x.issueId, x.userName, x.repositoryName) - } getOrElse { - contentType = formats("json") - org.json4s.jackson.Serialization.write( - Map("title" -> x.title, - "content" -> view.Markdown.toHtml(x.content getOrElse "No description given.", - getRepository(x.userName, x.repositoryName, baseUrl).get, false, true, true) - )) - } - } getOrElse NotFound - } + ajaxGet("/:owner/:repository/issues/_data/:id")(readableUsersOnly { + val owner = params("owner") + val repository = params("repository") - // TODO Authenticator - ajaxGet("/:owner/:repository/issue_comments/_data/:id"){ - getComment(params("id")) map { x => - params.get("dataType") collect { - case t if t == "html" => issues.html.editcomment( - x.content, x.commentId, x.userName, x.repositoryName) - } getOrElse { - contentType = formats("json") - org.json4s.jackson.Serialization.write( - Map("content" -> view.Markdown.toHtml(x.content, - getRepository(x.userName, x.repositoryName, baseUrl).get, false, true, true) - )) - } + getIssue(params("owner"), params("repository"), params("id")) map { x => + if(hasWritePermission(owner, repository, context.loginAccount) || x.openedUserName == context.loginAccount.get.userName){ + params.get("dataType") collect { + case t if t == "html" => issues.html.editissue( + x.title, x.content, x.issueId, x.userName, x.repositoryName) + } getOrElse { + contentType = formats("json") + org.json4s.jackson.Serialization.write( + Map("title" -> x.title, + "content" -> view.Markdown.toHtml(x.content getOrElse "No description given.", + getRepository(x.userName, x.repositoryName, baseUrl).get, false, true, true) + )) + } + } else Unauthorized } getOrElse NotFound - } + }) + + ajaxGet("/:owner/:repository/issue_comments/_data/:id")(readableUsersOnly { + val owner = params("owner") + val repository = params("repository") + + getComment(params("id")) map { x => + if(hasWritePermission(owner, repository, context.loginAccount) || x.commentedUserName == context.loginAccount.get.userName){ + params.get("dataType") collect { + case t if t == "html" => issues.html.editcomment( + x.content, x.commentId, x.userName, x.repositoryName) + } getOrElse { + contentType = formats("json") + org.json4s.jackson.Serialization.write( + Map("content" -> view.Markdown.toHtml(x.content, + getRepository(x.userName, x.repositoryName, baseUrl).get, false, true, true) + )) + } + } else Unauthorized + } getOrElse NotFound + }) ajaxPost("/:owner/:repository/issues/:id/label/new")(collaboratorsOnly { val owner = params("owner") diff --git a/src/main/twirl/issues/create.scala.html b/src/main/twirl/issues/create.scala.html index 8beff73..74356e6 100644 --- a/src/main/twirl/issues/create.scala.html +++ b/src/main/twirl/issues/create.scala.html @@ -1,6 +1,7 @@ @(collaborators: List[String], milestones: List[model.Milestone], labels: List[model.Label], + hasWritePermission: Boolean, repository: service.RepositoryService.RepositoryInfo)(implicit context: app.Context) @import context._ @import view.helpers._ @@ -16,22 +17,26 @@
No one is assigned - - @helper.html.dropdown { -
  • Clear assignee
    • -
  • - @collaborators.map { collaborator => -
  • @collaborator
    • + @if(hasWritePermission){ + + @helper.html.dropdown { +
  • Clear assignee
    • +
  • + @collaborators.map { collaborator => +
  • @collaborator
    • + } } }
    No milestone - - @helper.html.dropdown { -
  • No milestone
    • -
  • - @milestones.map { milestone => -
  • @milestone.title
    • + @if(hasWritePermission){ + + @helper.html.dropdown { +
  • No milestone
    • +
  • + @milestones.map { milestone => +
  • @milestone.title
    • + } } }
    @@ -43,22 +48,24 @@
    - Add Labels -
    -
    - - + @if(hasWritePermission){ + Add Labels +
    +
    + + +
    -
    + }