Ensure group/project owners can see their members' access_level
When you are the last owner of a group or the owner of a project, you don't have the :update_<source>_member / :destroy_<source>_member abilities, but you do have the :admin_<source>_member so you should be able to see your members access levels. Signed-off-by: Rémy Coutable <remy@rymai.me>
This commit is contained in:
parent
b2dc917601
commit
e71ce77e39
|
@ -6,6 +6,12 @@ module MembersHelper
|
||||||
"#{action}_#{member.type.underscore}".to_sym
|
"#{action}_#{member.type.underscore}".to_sym
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def default_show_roles(member)
|
||||||
|
can?(current_user, action_member_permission(:update, member), member) ||
|
||||||
|
can?(current_user, action_member_permission(:destroy, member), member) ||
|
||||||
|
can?(current_user, action_member_permission(:admin, member), member.source)
|
||||||
|
end
|
||||||
|
|
||||||
def remove_member_message(member, user: nil)
|
def remove_member_message(member, user: nil)
|
||||||
user = current_user if defined?(current_user)
|
user = current_user if defined?(current_user)
|
||||||
|
|
||||||
|
|
|
@ -1,5 +1,4 @@
|
||||||
- default_show_roles = can?(current_user, action_member_permission(:update, member), member) || can?(current_user, action_member_permission(:destroy, member), member)
|
- show_roles = local_assigns.fetch(:show_roles, default_show_roles(member))
|
||||||
- show_roles = local_assigns.fetch(:show_roles, default_show_roles)
|
|
||||||
- show_controls = local_assigns.fetch(:show_controls, true)
|
- show_controls = local_assigns.fetch(:show_controls, true)
|
||||||
- user = member.user
|
- user = member.user
|
||||||
|
|
||||||
|
|
|
@ -9,6 +9,54 @@ describe MembersHelper do
|
||||||
it { expect(action_member_permission(:admin, group_member)).to eq :admin_group_member }
|
it { expect(action_member_permission(:admin, group_member)).to eq :admin_group_member }
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe '#default_show_roles' do
|
||||||
|
let(:user) { double }
|
||||||
|
let(:member) { build(:project_member) }
|
||||||
|
|
||||||
|
before do
|
||||||
|
allow(helper).to receive(:current_user).and_return(user)
|
||||||
|
allow(helper).to receive(:can?).with(user, :update_project_member, member).and_return(false)
|
||||||
|
allow(helper).to receive(:can?).with(user, :destroy_project_member, member).and_return(false)
|
||||||
|
allow(helper).to receive(:can?).with(user, :admin_project_member, member.source).and_return(false)
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when the current cannot update, destroy or admin the passed member' do
|
||||||
|
it 'returns false' do
|
||||||
|
expect(helper.default_show_roles(member)).to be_falsy
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when the current can update the passed member' do
|
||||||
|
before do
|
||||||
|
allow(helper).to receive(:can?).with(user, :update_project_member, member).and_return(true)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'returns true' do
|
||||||
|
expect(helper.default_show_roles(member)).to be_truthy
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when the current can destroy the passed member' do
|
||||||
|
before do
|
||||||
|
allow(helper).to receive(:can?).with(user, :destroy_project_member, member).and_return(true)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'returns true' do
|
||||||
|
expect(helper.default_show_roles(member)).to be_truthy
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when the current can admin the passed member source' do
|
||||||
|
before do
|
||||||
|
allow(helper).to receive(:can?).with(user, :admin_project_member, member.source).and_return(true)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'returns true' do
|
||||||
|
expect(helper.default_show_roles(member)).to be_truthy
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
describe '#remove_member_message' do
|
describe '#remove_member_message' do
|
||||||
let(:requester) { build(:user) }
|
let(:requester) { build(:user) }
|
||||||
let(:project) { create(:project) }
|
let(:project) { create(:project) }
|
||||||
|
|
Loading…
Reference in New Issue