Added test for updating groups permissions

This commit is contained in:
Phil Hughes 2016-09-05 09:24:47 +01:00
parent 97a51817bf
commit e747626fad
3 changed files with 41 additions and 4 deletions

View file

@ -21,7 +21,7 @@ class Projects::GroupLinksController < Projects::ApplicationController
def update
@group_link = @project.project_group_links.find(params[:id])
return render_403 unless can?(current_user, :admin_group, @group_link.group)
return render_403 unless can?(current_user, :admin_project_member, @project)
@group_link.update_attributes(group_link_params)
end

View file

@ -13,11 +13,11 @@
Expires in #{distance_of_time_in_words_to_now(group_link.expires_at)}
.controls.member-controls
= form_tag namespace_project_group_link_path(@project.namespace, @project, group_link), method: :put, remote: true, class: 'form-horizontal js-edit-member-form' do
= select_tag 'group_link[group_access]', options_for_select(ProjectGroupLink.access_options, group_link.group_access), class: 'form-control member-form-control append-right-5 js-member-update-control', id: "member_access_level_#{group.id}", disabled: !can?(current_user, action_member_permission(:admin, group), group)
= select_tag 'group_link[group_access]', options_for_select(ProjectGroupLink.access_options, group_link.group_access), class: 'form-control member-form-control append-right-5 js-member-update-control', id: "member_access_level_#{group.id}", disabled: !can?(current_user, :admin_project_member, @project)
.prepend-left-5.clearable-input.member-form-control
= text_field_tag 'group_link[expires_at]', group_link.expires_at, class: 'form-control js-access-expiration-date js-member-update-control', placeholder: 'Expiration date', id: "member_expires_at_#{group.id}", disabled: !can?(current_user, action_member_permission(:admin, group), group)
= text_field_tag 'group_link[expires_at]', group_link.expires_at, class: 'form-control js-access-expiration-date js-member-update-control', placeholder: 'Expiration date', id: "member_expires_at_#{group.id}", disabled: !can?(current_user, :admin_project_member, @project)
%i.clear-icon.js-clear-input
- if can?(current_user, action_member_permission(:admin, group), group)
- if can?(current_user, :admin_project_member, @project)
= link_to namespace_project_group_link_path(@project.namespace, @project, group_link),
remote: true,
method: :delete,

View file

@ -0,0 +1,37 @@
require 'spec_helper'
feature 'Projects > Members > Anonymous user sees members', feature: true, js: true do
include WaitForAjax
let(:user) { create(:user) }
let(:group) { create(:group, :public) }
let(:project) { create(:empty_project, :public) }
background do
project.team << [user, :master]
@group_link = create(:project_group_link, project: project, group: group)
login_as(user)
visit namespace_project_project_members_path(project.namespace, project)
end
it 'updates group access level' do
select 'Guest', from: "member_access_level_#{group.id}"
wait_for_ajax
visit namespace_project_project_members_path(project.namespace, project)
expect(page).to have_select("member_access_level_#{group.id}", selected: 'Guest')
end
it 'updates expiry date' do
tomorrow = Date.today + 3
fill_in "member_expires_at_#{group.id}", with: tomorrow.strftime("%F")
wait_for_ajax
page.within(first('li.member')) do
expect(page).to have_content('Expires in 3 days')
end
end
end