From e9915cb65493f925335e92182335d173664cc099 Mon Sep 17 00:00:00 2001
From: yystopf <yystopf@163.com>
Date: Fri, 3 Sep 2021 09:37:30 +0800
Subject: [PATCH] add: change project menu authorize

---
 app/controllers/issues_controller.rb        | 6 +++++-
 app/controllers/projects_controller.rb      | 2 +-
 app/controllers/pull_requests_controller.rb | 6 +++++-
 app/controllers/versions_controller.rb      | 6 +++++-
 4 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/app/controllers/issues_controller.rb b/app/controllers/issues_controller.rb
index cfbd8a624..266d746d7 100644
--- a/app/controllers/issues_controller.rb
+++ b/app/controllers/issues_controller.rb
@@ -3,6 +3,7 @@ class IssuesController < ApplicationController
   before_action :require_profile_completed, only: [:create]
   before_action :load_project
   before_action :set_user
+  before_action :check_menu_authorize, except: [:index_chosen]
   before_action :check_issue_permission
   before_action :operate_issue_permission, only:[:create, :update, :destroy, :clean, :series_update, :copy]
   before_action :check_project_public, only: [:index ,:show, :copy, :index_chosen, :close_issue]
@@ -14,7 +15,6 @@ class IssuesController < ApplicationController
   include TagChosenHelper
 
   def index
-    return render_not_found unless @project.has_menu_permission("issues")
     @user_admin_or_member = current_user.present? && current_user.logged? && (current_user.admin || @project.member?(current_user))
     issues = @project.issues.issue_issue.issue_index_includes
     issues = issues.where(is_private: false) unless @user_admin_or_member
@@ -500,4 +500,8 @@ class IssuesController < ApplicationController
       return normal_status(-1, "您的token值不足") if JSON.parse(response.body)["balance"].to_i < params[:token].to_i
     end
   end
+
+  def check_menu_authorize
+    return render_not_found unless @project.has_menu_permission("issues")
+  end
 end
diff --git a/app/controllers/projects_controller.rb b/app/controllers/projects_controller.rb
index 02403bbd9..9b3909690 100644
--- a/app/controllers/projects_controller.rb
+++ b/app/controllers/projects_controller.rb
@@ -22,7 +22,7 @@ class ProjectsController < ApplicationController
     menu.append(menu_hash_by_name("versions")) if @project.has_menu_permission("versions")
     menu.append(menu_hash_by_name("resources")) if @project.has_menu_permission("resources")
     menu.append(menu_hash_by_name("activity"))
-    menu.append(menu_hash_by_name("setting")) if current_user.admin? || @project.manager?(current_user)
+    menu.append(menu_hash_by_name("settings")) if current_user.admin? || @project.manager?(current_user)
 
     render json: menu
   end
diff --git a/app/controllers/pull_requests_controller.rb b/app/controllers/pull_requests_controller.rb
index e1639969a..79221a665 100644
--- a/app/controllers/pull_requests_controller.rb
+++ b/app/controllers/pull_requests_controller.rb
@@ -2,6 +2,7 @@ class PullRequestsController < ApplicationController
   before_action :require_login, except: [:index, :show, :files, :commits]
   before_action :require_profile_completed, only: [:create]
   before_action :load_repository
+  before_action :check_menu_authorize
   before_action :find_pull_request, except: [:index, :new, :create, :check_can_merge,:get_branches,:create_merge_infos, :files, :commits]
   before_action :load_pull_request, only: [:files, :commits]
   include TagChosenHelper
@@ -9,7 +10,6 @@ class PullRequestsController < ApplicationController
 
 
   def index
-    return render_not_found unless @project.has_menu_permission("pulls")
     # @issues = Gitea::PullRequest::ListService.new(@user,@repository.try(:identifier)).call   #通过gitea获取
     issues = @project.issues.issue_pull_request.issue_index_includes.includes(pull_request: :user)
     issues = issues.where(is_private: false) unless current_user.present? && (current_user.admin? || @project.member?(current_user))
@@ -261,4 +261,8 @@ class PullRequestsController < ApplicationController
       status_id: 1,
     }
   end
+
+  def check_menu_authorize
+    return render_not_found unless @project.has_menu_permission("pulls")
+  end
 end
diff --git a/app/controllers/versions_controller.rb b/app/controllers/versions_controller.rb
index cf5b3b9f1..4e515db71 100644
--- a/app/controllers/versions_controller.rb
+++ b/app/controllers/versions_controller.rb
@@ -2,11 +2,11 @@ class VersionsController < ApplicationController
   before_action :require_login, except: [:index, :show]
   before_action :require_profile_completed, only: [:create]
   before_action :load_repository
+  before_action :check_menu_authorize
   before_action :check_issue_permission, except: [:show, :index]
   before_action :set_version, only: [:edit, :update, :destroy, :show,:update_status]
 
   def index
-    return render_not_found unless @project.has_menu_permission("versions")
     @user_admin_or_member = current_user.present? && (current_user.admin || @project.member?(current_user))
     status = params[:status]
     versions = @project.versions.version_includes
@@ -183,4 +183,8 @@ class VersionsController < ApplicationController
     %w(desc asc).include?(params[:order_type]) ? params[:order_type] : 'desc'
    end
 
+   def check_menu_authorize
+    return render_not_found unless @project.has_menu_permission("versions")
+   end
+
 end