|
|
|
@@ -2,8 +2,8 @@ class Api::Pm::IssuesController < Api::Pm::BaseController |
|
|
|
before_action :require_login, except: [:index] |
|
|
|
before_action :load_project |
|
|
|
before_action :load_issue, only: %i[show update destroy] |
|
|
|
before_action :load_issues, only: [:batch_update, :batch_destroy] |
|
|
|
before_action :check_issue_operate_permission, only: [:update, :destroy] |
|
|
|
before_action :load_issues, only: %i[batch_update batch_destroy] |
|
|
|
before_action :check_issue_operate_permission, only: %i[update destroy] |
|
|
|
|
|
|
|
def index |
|
|
|
@object_result = Api::V1::Issues::ListService.call(@project, query_params, current_user) |
|
|
|
@@ -91,15 +91,9 @@ class Api::Pm::IssuesController < Api::Pm::BaseController |
|
|
|
|
|
|
|
private |
|
|
|
def check_issue_operate_permission |
|
|
|
return if params[:project_id].zero? |
|
|
|
return if params[:project_id].to_i.zero? |
|
|
|
render_forbidden('您没有操作权限!') unless @project.member?(current_user) || current_user.admin? || @issue.user == current_user |
|
|
|
end |
|
|
|
|
|
|
|
def load_issue |
|
|
|
@issue = @project.issues.issue_issue.where(pm_project_id: params[:pm_project_id]).find_by_id(params[:id]) |
|
|
|
render_not_found('疑修不存在!') if @issue.blank? |
|
|
|
end |
|
|
|
|
|
|
|
def load_issues |
|
|
|
return render_error('请输入正确的ID数组!') unless params[:ids].is_a?(Array) |
|
|
|
params[:ids].each do |id| |
|
|
|
|