TheDude
/
openproject
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Add authorization to API watchers#create

Browse Source
pull/1611/head
Till Breuer 10 years ago
parent 0e0713e19d
commit d7c7f957ac
1 changed files with 8 additions and 4 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 12
      lib/api/v3/work_packages/watchers_api.rb

12
lib/api/v3/work_packages/watchers_api.rb
Unescape View File

@ -8,13 +8,17 @@ module API
requires :user_id, desc: 'Id of the user watching the work package'
end
before do
@user = User.find params[:user_id]
end
post do
user = User.find params[:user_id]
authorize(:add_work_package_watchers, context: @work_package.project)
if @work_package.watcher_users.include?(user)
if @work_package.watcher_users.include?(@user)
status 200
else
watcher = Watcher.new(user: user, watchable: @work_package)
watcher = Watcher.new(user: @user, watchable: @work_package)
if watcher.valid?
@work_package.watchers << watcher
@ -23,7 +27,7 @@ module API
end
end
model = ::API::V3::Users::UserModel.new(user)
model = ::API::V3::Users::UserModel.new(@user)
@representer = ::API::V3::Users::UserRepresenter.new(model).to_json
end

Write Preview
Loading…
Cancel
Save