From d3449ac9f04fdd34112b1e099e57983177fd3c72 Mon Sep 17 00:00:00 2001 From: Fabrice Bellingard Date: Thu, 22 Dec 2011 15:04:29 +0100 Subject: [PATCH] SONAR-2662 Display review detail in the context of the project --- .../controllers/project_reviews_controller.rb | 239 ++++++++++++++++++ .../app/controllers/reviews_controller.rb | 209 +-------------- .../widgets/reviews/_reviews_list.html.erb | 2 +- .../_action_plan_form.html.erb | 0 .../_assign_form.html.erb | 0 .../_change_severity_form.html.erb | 0 .../_change_status_form.html.erb | 0 .../_comment_form.html.erb | 0 .../_false_positive_form.html.erb | 0 .../_review.html.erb | 16 +- .../app/views/project_reviews/_view.html.erb | 3 + .../WEB-INF/app/views/reviews/_view.html.erb | 3 - 12 files changed, 255 insertions(+), 217 deletions(-) rename sonar-server/src/main/webapp/WEB-INF/app/views/{reviews => project_reviews}/_action_plan_form.html.erb (100%) rename sonar-server/src/main/webapp/WEB-INF/app/views/{reviews => project_reviews}/_assign_form.html.erb (100%) rename sonar-server/src/main/webapp/WEB-INF/app/views/{reviews => project_reviews}/_change_severity_form.html.erb (100%) rename sonar-server/src/main/webapp/WEB-INF/app/views/{reviews => project_reviews}/_change_status_form.html.erb (100%) rename sonar-server/src/main/webapp/WEB-INF/app/views/{reviews => project_reviews}/_comment_form.html.erb (100%) rename sonar-server/src/main/webapp/WEB-INF/app/views/{reviews => project_reviews}/_false_positive_form.html.erb (100%) rename sonar-server/src/main/webapp/WEB-INF/app/views/{reviews => project_reviews}/_review.html.erb (87%) create mode 100644 sonar-server/src/main/webapp/WEB-INF/app/views/project_reviews/_view.html.erb delete mode 100644 sonar-server/src/main/webapp/WEB-INF/app/views/reviews/_view.html.erb diff --git a/sonar-server/src/main/webapp/WEB-INF/app/controllers/project_reviews_controller.rb b/sonar-server/src/main/webapp/WEB-INF/app/controllers/project_reviews_controller.rb index d0ad9ee6037..644c2fa0bfb 100644 --- a/sonar-server/src/main/webapp/WEB-INF/app/controllers/project_reviews_controller.rb +++ b/sonar-server/src/main/webapp/WEB-INF/app/controllers/project_reviews_controller.rb @@ -22,6 +22,12 @@ class ProjectReviewsController < ApplicationController SECTION=Navigation::SECTION_RESOURCE + verify :method => :post, + :only => [:assign, :flag_as_false_positive, :save_comment, :delete_comment, :change_status, + :link_to_action_plan, :unlink_from_action_plan], + :redirect_to => {:action => :error_not_post} + helper SourceHelper, UsersHelper + def index @project=Project.by_key(params[:projects]) not_found("Project not found") unless @project @@ -33,5 +39,238 @@ class ProjectReviewsController < ApplicationController @security_exclusions = true end end + + + # Used for the permalink, e.g. http://localhost:9000/project_reviews/view/1 + def view + @review = Review.find(params[:id], :include => ['project']) + @resource = @review.project + if has_role?(:user, @review.project) + render 'project_reviews/_view', :locals => {:review => @review} + else + render :text => "Cannot access this review : access denied." + end + end + + + # + # + # ACTIONS FROM REVIEW SERVICE PAGE + # + # + + def show + @review = Review.find(params[:id], :include => ['project']) + @resource = @review.project + if has_role?(:user, @resource) + render :partial => 'project_reviews/view' + else + render :text => "access denied" + end + end + + # GET + def assign_form + @review = Review.find(params[:id]) + render :partial => "assign_form" + end + + # POST + def assign + @review = Review.find(params[:id], :include => ['project']) + @resource = @review.project + unless has_rights_to_modify?(@resource) + render :text => "Cannot edit the review : access denied." + return + end + + assignee = nil + if params[:me]=='true' + assignee = current_user + + elsif params[:assignee_login].present? + assignee = findUserByLogin(params[:assignee_login]) + end + + @review.reassign(current_user, assignee, params) + render :partial => 'project_reviews/view' + end + + # GET + def comment_form + @review = Review.find(params[:id]) + if !params[:comment_id].blank? && @review + @comment = @review.comments.find(params[:comment_id]) + end + render :partial => 'project_reviews/comment_form' + end + + # POST + def save_comment + @review = Review.find(params[:id], :include => ['project']) + @resource = @review.project + unless has_rights_to_modify?(@resource) + render :text => "Cannot create the comment : access denied." + return + end + + unless params[:text].blank? + if params[:comment_id] + @review.edit_comment(current_user, params[:comment_id].to_i, params[:text]) + else + @review.create_comment(:user => current_user, :text => params[:text]) + end + end + + render :partial => "project_reviews/view" + end + + # GET + def false_positive_form + @review = Review.find(params[:id]) + render :partial => 'project_reviews/false_positive_form' + end + + # POST + def flag_as_false_positive + @review = Review.find(params[:id], :include => ['project']) + @resource = @review.project + unless has_rights_to_modify?(@resource) + render :text => "Cannot create the comment : access denied." + return + end + + @review.set_false_positive(params[:false_positive]=='true', current_user, params) + render :partial => "project_reviews/view" + end + + # POST + def delete_comment + @review = Review.find(params[:id], :include => ['project']) + @resource = @review.project + unless has_rights_to_modify?(@resource) + render :text => "Cannot delete the comment : access denied." + return + end + + if @review + @review.delete_comment(current_user, params[:comment_id].to_i) + end + render :partial => "project_reviews/view" + end + + def change_status_form + @review = Review.find(params[:id]) + render :partial => 'project_reviews/change_status_form' + end + + # POST + def change_status + @review = Review.find(params[:id], :include => ['project']) + @resource = @review.project + unless has_rights_to_modify?(@resource) + render :text => "Cannot change the status : access denied." + return + end + + if @review.resolved? + @review.reopen(current_user, params) + else + # for the moment, if a review is not open, it can only be "RESOLVED" + @review.resolve(current_user, params) + end + + render :partial => "project_reviews/view" + end + + # GET + def change_severity_form + render :partial => 'project_reviews/change_severity_form' + end + + # POST + def change_severity + @review=Review.find(params[:id], :include => 'project') + @resource = @review.project + unless has_rights_to_modify?(@resource) + render :text => "Cannot change severity : access denied." + return + end + + @review.set_severity(params[:severity], current_user, params) + render :partial => "project_reviews/review" + end + + # GET + def action_plan_form + @review = Review.find(params[:id]) + @action_plans = ActionPlan.open_by_project_id(@review.project_id) + render :partial => 'project_reviews/action_plan_form' + end + + # POST + def link_to_action_plan + @review = Review.find(params[:id]) + @resource = @review.project + unless has_rights_to_modify?(@resource) + render :text => "Cannot link to action plan : access denied." + return + end + + action_plan = params[:action_plan_id].to_i==-1 ? nil : ActionPlan.find(params[:action_plan_id]) + @review.link_to_action_plan(action_plan, current_user, params) + + render :partial => "project_reviews/review" + end + + # POST + def unlink_from_action_plan + @review = Review.find(params[:id]) + @resource = @review.project + unless has_rights_to_modify?(@resource) + render :text => "Cannot link to action plan : access denied." + return + end + + @review.link_to_action_plan(nil, current_user, params) + + render :partial => "project_reviews/review" + end + + + # + # + # ACTIONS FROM THE REVIEW WIDGETS + # + # + + # GET + def widget_reviews_list + @snapshot = Snapshot.find(params[:snapshot_id]) + unless @snapshot && has_role?(:user, @snapshot) + render :text => "Cannot access the reviews of this project: access denied." + return + end + + @dashboard_configuration=Api::DashboardConfiguration.new(nil, :period_index => params[:period], :snapshot => @snapshot) + render :partial => 'project/widgets/reviews/reviews_list' + end + + + + ## -------------- PRIVATE -------------- ## + private + + def findUserByLogin(login) + User.find(:first, :conditions => ["login = ?", login]) + end + + def has_rights_to_modify?(object) + current_user && has_role?(:user, object) + end + + def error_not_post + render :text => "Create actions must use POST method." + end end diff --git a/sonar-server/src/main/webapp/WEB-INF/app/controllers/reviews_controller.rb b/sonar-server/src/main/webapp/WEB-INF/app/controllers/reviews_controller.rb index bdcac759ba3..fe933cb062c 100644 --- a/sonar-server/src/main/webapp/WEB-INF/app/controllers/reviews_controller.rb +++ b/sonar-server/src/main/webapp/WEB-INF/app/controllers/reviews_controller.rb @@ -23,9 +23,7 @@ class ReviewsController < ApplicationController SECTION=Navigation::SECTION_HOME verify :method => :post, - :only => [:assign, :flag_as_false_positive, :save_comment, :delete_comment, :change_status, - :link_to_action_plan, :unlink_from_action_plan, - :violation_assign, :violation_flag_as_false_positive, :violation_change_severity, + :only => [:violation_assign, :violation_flag_as_false_positive, :violation_change_severity, :violation_save_comment, :violation_delete_comment, :violation_change_status, :violation_link_to_action_plan, :violation_unlink_from_action_plan], :redirect_to => {:action => :error_not_post} @@ -36,190 +34,10 @@ class ReviewsController < ApplicationController search_reviews() end - # Used for the permalink, e.g. http://localhost:9000/reviews/view/1 + # Used for the "OLD" permalink "http://localhost:9000/reviews/view/1" + # => Since Sonar 2.13, permalinks are "http://localhost:9000/project_reviews/view/1" and are displayed in the context of the project def view - @review = Review.find(params[:id], :include => ['project']) - if has_role?(:user, @review.project) - render 'reviews/_view', :locals => {:review => @review} - else - render :text => "Cannot access this review : access denied." - end - end - - - # - # - # ACTIONS FROM REVIEW SERVICE PAGE - # - # - - def show - @review = Review.find(params[:id], :include => ['project']) - if has_role?(:user, @review.project) - render :partial => 'reviews/view' - else - render :text => "access denied" - end - end - - # GET - def assign_form - @review = Review.find(params[:id]) - render :partial => "assign_form" - end - - # POST - def assign - @review = Review.find(params[:id], :include => ['project']) - unless has_rights_to_modify?(@review.project) - render :text => "Cannot edit the review : access denied." - return - end - - assignee = nil - if params[:me]=='true' - assignee = current_user - - elsif params[:assignee_login].present? - assignee = findUserByLogin(params[:assignee_login]) - end - - @review.reassign(current_user, assignee, params) - render :partial => 'reviews/view' - end - - # GET - def comment_form - @review = Review.find(params[:id]) - if !params[:comment_id].blank? && @review - @comment = @review.comments.find(params[:comment_id]) - end - render :partial => 'reviews/comment_form' - end - - # POST - def save_comment - @review = Review.find(params[:id], :include => ['project']) - unless has_rights_to_modify?(@review.project) - render :text => "Cannot create the comment : access denied." - return - end - - unless params[:text].blank? - if params[:comment_id] - @review.edit_comment(current_user, params[:comment_id].to_i, params[:text]) - else - @review.create_comment(:user => current_user, :text => params[:text]) - end - end - - render :partial => "reviews/view" - end - - # GET - def false_positive_form - @review = Review.find(params[:id]) - render :partial => 'reviews/false_positive_form' - end - - # POST - def flag_as_false_positive - @review = Review.find(params[:id], :include => ['project']) - unless has_rights_to_modify?(@review.project) - render :text => "Cannot create the comment : access denied." - return - end - - @review.set_false_positive(params[:false_positive]=='true', current_user, params) - render :partial => "reviews/view" - end - - # POST - def delete_comment - @review = Review.find(params[:id], :include => ['project']) - unless has_rights_to_modify?(@review.project) - render :text => "Cannot delete the comment : access denied." - return - end - - if @review - @review.delete_comment(current_user, params[:comment_id].to_i) - end - render :partial => "reviews/view" - end - - def change_status_form - @review = Review.find(params[:id]) - render :partial => 'reviews/change_status_form' - end - - # POST - def change_status - @review = Review.find(params[:id], :include => ['project']) - unless has_rights_to_modify?(@review.project) - render :text => "Cannot change the status : access denied." - return - end - - if @review.resolved? - @review.reopen(current_user, params) - else - # for the moment, if a review is not open, it can only be "RESOLVED" - @review.resolve(current_user, params) - end - - render :partial => "reviews/view" - end - - # GET - def change_severity_form - render :partial => 'reviews/change_severity_form' - end - - # POST - def change_severity - @review=Review.find(params[:id], :include => 'project') - unless has_rights_to_modify?(@review.project) - render :text => "Cannot change severity : access denied." - return - end - - @review.set_severity(params[:severity], current_user, params) - render :partial => "reviews/review" - end - - # GET - def action_plan_form - @review = Review.find(params[:id]) - @action_plans = ActionPlan.open_by_project_id(@review.project_id) - render :partial => 'reviews/action_plan_form' - end - - # POST - def link_to_action_plan - @review = Review.find(params[:id]) - unless has_rights_to_modify?(@review.project) - render :text => "Cannot link to action plan : access denied." - return - end - - action_plan = params[:action_plan_id].to_i==-1 ? nil : ActionPlan.find(params[:action_plan_id]) - @review.link_to_action_plan(action_plan, current_user, params) - - render :partial => "reviews/review" - end - - # POST - def unlink_from_action_plan - @review = Review.find(params[:id]) - unless has_rights_to_modify?(@review.project) - render :text => "Cannot link to action plan : access denied." - return - end - - @review.link_to_action_plan(nil, current_user, params) - - render :partial => "reviews/review" + redirect_to :controller => 'project_reviews', :action => 'view', :id => params[:id] end @@ -431,25 +249,6 @@ class ReviewsController < ApplicationController end - # - # - # ACTIONS FROM THE REVIEW WIDGETS - # - # - - # GET - def widget_reviews_list - @snapshot = Snapshot.find(params[:snapshot_id]) - unless @snapshot && has_role?(:user, @snapshot) - render :text => "Cannot access the reviews of this project: access denied." - return - end - - @dashboard_configuration=Api::DashboardConfiguration.new(nil, :period_index => params[:period], :snapshot => @snapshot) - render :partial => 'project/widgets/reviews/reviews_list' - end - - ## -------------- PRIVATE -------------- ## private diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/project/widgets/reviews/_reviews_list.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/project/widgets/reviews/_reviews_list.html.erb index 20fd792cde8..c94baa77a67 100644 --- a/sonar-server/src/main/webapp/WEB-INF/app/views/project/widgets/reviews/_reviews_list.html.erb +++ b/sonar-server/src/main/webapp/WEB-INF/app/views/project/widgets/reviews/_reviews_list.html.erb @@ -48,7 +48,7 @@ if page_count page_count = 20 if page_count>20 link_params = search_options - link_params[:controller] = 'reviews' + link_params[:controller] = 'project_reviews' link_params[:action] = 'widget_reviews_list' link_params[:snapshot_id] = @snapshot.id link_params[:limit] = limit diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/reviews/_action_plan_form.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/project_reviews/_action_plan_form.html.erb similarity index 100% rename from sonar-server/src/main/webapp/WEB-INF/app/views/reviews/_action_plan_form.html.erb rename to sonar-server/src/main/webapp/WEB-INF/app/views/project_reviews/_action_plan_form.html.erb diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/reviews/_assign_form.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/project_reviews/_assign_form.html.erb similarity index 100% rename from sonar-server/src/main/webapp/WEB-INF/app/views/reviews/_assign_form.html.erb rename to sonar-server/src/main/webapp/WEB-INF/app/views/project_reviews/_assign_form.html.erb diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/reviews/_change_severity_form.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/project_reviews/_change_severity_form.html.erb similarity index 100% rename from sonar-server/src/main/webapp/WEB-INF/app/views/reviews/_change_severity_form.html.erb rename to sonar-server/src/main/webapp/WEB-INF/app/views/project_reviews/_change_severity_form.html.erb diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/reviews/_change_status_form.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/project_reviews/_change_status_form.html.erb similarity index 100% rename from sonar-server/src/main/webapp/WEB-INF/app/views/reviews/_change_status_form.html.erb rename to sonar-server/src/main/webapp/WEB-INF/app/views/project_reviews/_change_status_form.html.erb diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/reviews/_comment_form.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/project_reviews/_comment_form.html.erb similarity index 100% rename from sonar-server/src/main/webapp/WEB-INF/app/views/reviews/_comment_form.html.erb rename to sonar-server/src/main/webapp/WEB-INF/app/views/project_reviews/_comment_form.html.erb diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/reviews/_false_positive_form.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/project_reviews/_false_positive_form.html.erb similarity index 100% rename from sonar-server/src/main/webapp/WEB-INF/app/views/reviews/_false_positive_form.html.erb rename to sonar-server/src/main/webapp/WEB-INF/app/views/project_reviews/_false_positive_form.html.erb diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/reviews/_review.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/project_reviews/_review.html.erb similarity index 87% rename from sonar-server/src/main/webapp/WEB-INF/app/views/reviews/_review.html.erb rename to sonar-server/src/main/webapp/WEB-INF/app/views/project_reviews/_review.html.erb index c14286d71f9..dfae7b2a1ee 100644 --- a/sonar-server/src/main/webapp/WEB-INF/app/views/reviews/_review.html.erb +++ b/sonar-server/src/main/webapp/WEB-INF/app/views/project_reviews/_review.html.erb @@ -10,7 +10,7 @@
<% unless review.resolved? %> <%= button_to_remote message('reviews.assign'), - :url => {:controller => "reviews", :action => "assign_form", :id => review.id}, + :url => {:controller => "project_reviews", :action => "assign_form", :id => review.id}, :update => "actionForm", :complete => "$('actionButtons').remove();$('actionForm').show();" -%> @@ -20,7 +20,7 @@ if !violation_switched_off %> <%= button_to_remote (review.resolved? ? message('reviews.reopen') : message('reviews.resolved')), - :url => {:controller => "reviews", :action => "change_status_form", :id => review.id}, + :url => {:controller => "project_reviews", :action => "change_status_form", :id => review.id}, :update => "actionForm", :complete => "$('actionButtons').remove();$('actionForm').show();$('actionText').focus();" -%> @@ -28,20 +28,20 @@ <% end %> <% if review.can_change_false_positive_flag? %> <%= button_to_remote (violation_switched_off ? message('reviews.unflag_as_false_positive') : message('reviews.flag_as_false_positive')), - :url => {:controller => "reviews", :action => "false_positive_form", :id => review.id, :false_positive => !violation_switched_off}, + :url => {:controller => "project_reviews", :action => "false_positive_form", :id => review.id, :false_positive => !violation_switched_off}, :update => "actionForm", :complete => "$('actionButtons').remove();$('actionForm').show();$('actionText').focus();" -%> <% end %> <% unless review.resolved? %> <%= button_to_remote message('reviews.change_severity'), - :url => {:controller => "reviews", :action => "change_severity_form", :id => review.id}, + :url => {:controller => "project_reviews", :action => "change_severity_form", :id => review.id}, :update => "actionForm", :complete => "$('actionButtons').remove();$('actionForm').show();$('selectSeverity').focus();" -%> <% if ActionPlan.open_by_project_id(@review.project_id).size>0 %> <%= button_to_remote message('reviews.link_to_action_plan'), - :url => {:controller => "reviews", :action => "action_plan_form", :id => review.id}, + :url => {:controller => "project_reviews", :action => "action_plan_form", :id => review.id}, :update => "actionForm", :complete => "$('actionButtons').remove();$('actionForm').show();$('selectSeverity').focus();" -%> <% else %> @@ -160,13 +160,13 @@ if current_user.id == comment.user_id %> <%= link_to_remote message('edit'), - :url => {:controller => "reviews", :action => "comment_form", :comment_id => comment.id, :id => review.id}, + :url => {:controller => "project_reviews", :action => "comment_form", :comment_id => comment.id, :id => review.id}, :update => "lastComment", :complete => "$('commentAction').remove();$('editActions').hide();$('commentText').focus();" -%> <% unless comment_index == 0 %>   <%= link_to_remote message('delete'), - :url => {:controller => "reviews", :action => "delete_comment", :comment_id => comment.id, :id => review.id}, + :url => {:controller => "project_reviews", :action => "delete_comment", :comment_id => comment.id, :id => review.id}, :update => "review", :confirm => message('reviews.do_you_want_to_delete_comment') -%> <% end %> @@ -190,7 +190,7 @@ <% if current_user %> <%= button_to_remote message('reviews.comment'), { - :url => {:controller => "reviews", :action => "comment_form", :id => review.id}, + :url => {:controller => "project_reviews", :action => "comment_form", :id => review.id}, :update => "commentForm", :complete => "$('commentAction').remove();$('commentForm').show();$('commentText').focus();" }, diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/project_reviews/_view.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/project_reviews/_view.html.erb new file mode 100644 index 00000000000..7f4b77d1e2a --- /dev/null +++ b/sonar-server/src/main/webapp/WEB-INF/app/views/project_reviews/_view.html.erb @@ -0,0 +1,3 @@ +
+ <%= render :partial => 'project_reviews/review', :locals => {:review => @review} -%> +
diff --git a/sonar-server/src/main/webapp/WEB-INF/app/views/reviews/_view.html.erb b/sonar-server/src/main/webapp/WEB-INF/app/views/reviews/_view.html.erb deleted file mode 100644 index 0d749c79c56..00000000000 --- a/sonar-server/src/main/webapp/WEB-INF/app/views/reviews/_view.html.erb +++ /dev/null @@ -1,3 +0,0 @@ -
- <%= render :partial => 'reviews/review', :locals => {:review => @review} -%> -
-- 2.39.5