class NotesController < ApplicationController
  before_filter :project

  # Authorize
  before_filter :add_project_abilities

  before_filter :authorize_read_note!
  before_filter :authorize_write_note!, :only => [:create]

  respond_to :js

  def index
    notes
    respond_with(@notes)
  end

  def create
    @note = @project.notes.new(params[:note])
    @note.author = current_user
    @note.notify = true if params[:notify] == '1'
    @note.notify_author = true if params[:notify_author] == '1'
    @note.save

    respond_to do |format|
      format.html {redirect_to :back}
      format.js
    end
  end

  def destroy
    @note = @project.notes.find(params[:id])
    return access_denied! unless can?(current_user, :admin_note, @note)
    @note.destroy

    respond_to do |format|
      format.js { render :nothing => true }
    end
  end

  protected 

  def notes
    @notes = case params[:target_type]
             when "commit" 
               then project.commit_notes(project.commit((params[:target_id]))).fresh.limit(20)
             when "snippet"
               then  project.snippets.find(params[:target_id]).notes
             when "wall"
               then project.common_notes.order("created_at DESC").fresh.limit(50)
             when "issue"
               then project.issues.find(params[:target_id]).notes.inc_author.order("created_at DESC").limit(20)
             when "merge_request"
               then project.merge_requests.find(params[:target_id]).notes.inc_author.order("created_at DESC").limit(20)
             end

    @notes = if params[:last_id]
               @notes.where("id > ?", params[:last_id])
             elsif params[:first_id]
               @notes.where("id < ?", params[:first_id])
             else 
               @notes
             end
  end
end