From e71ce77e39837f3e18403ceb07d27a0497b7196c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?R=C3=A9my=20Coutable?= <remy@rymai.me>
Date: Fri, 17 Jun 2016 10:34:37 +0200
Subject: [PATCH] Ensure group/project owners can see their members'
 access_level
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

When you are the last owner of a group or the owner of a project,
you don't have the :update_<source>_member / :destroy_<source>_member
abilities, but you do have the :admin_<source>_member ability, so you
should be able to see your members' access levels.

Signed-off-by: Rémy Coutable <remy@rymai.me>
---
 app/helpers/members_helper.rb              |  6 +++
 app/views/shared/members/_member.html.haml |  3 +-
 spec/helpers/members_helper_spec.rb        | 48 ++++++++++++++++++++++
 3 files changed, 55 insertions(+), 2 deletions(-)

diff --git a/app/helpers/members_helper.rb b/app/helpers/members_helper.rb
index 877c77050be..3897cfa2e10 100644
--- a/app/helpers/members_helper.rb
+++ b/app/helpers/members_helper.rb
@@ -6,6 +6,12 @@ module MembersHelper
     "#{action}_#{member.type.underscore}".to_sym
   end
 
+  def default_show_roles(member)
+    can?(current_user, action_member_permission(:update, member), member) ||
+    can?(current_user, action_member_permission(:destroy, member), member) ||
+    can?(current_user, action_member_permission(:admin, member), member.source)
+  end
+
   def remove_member_message(member, user: nil)
     user = current_user if defined?(current_user)
 
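Review bot: The third check in `default_show_roles` is evaluated against `member.source` while the first two are evaluated against `member`, and nothing in the helper explains the difference. Because this predicate decides who gets to see other members' access levels, a comment above it would stop a later cleanup from changing the subject of the check, for example `# Owners lack :update_/:destroy_ on the member itself, so also accept :admin_<source>_member on the member's source.` The method returns a boolean-ish value, so `default_show_roles?` would be the more conventional Ruby name, with the view and spec renamed to match. The `remove_member_message` body shown as context continues outside this hunk.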
diff --git a/app/views/shared/members/_member.html.haml b/app/views/shared/members/_member.html.haml
index 0191814849a..a884e78e6e7 100644
--- a/app/views/shared/members/_member.html.haml
+++ b/app/views/shared/members/_member.html.haml
@@ -1,5 +1,4 @@
-- default_show_roles = can?(current_user, action_member_permission(:update, member), member) || can?(current_user, action_member_permission(:destroy, member), member)
-- show_roles = local_assigns.fetch(:show_roles, default_show_roles)
+- show_roles = local_assigns.fetch(:show_roles, default_show_roles(member))
 - show_controls = local_assigns.fetch(:show_controls, true)
 - user = member.user
 
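Review bot: The default passed to `local_assigns.fetch` on the new `show_roles` line is computed eagerly, so up to three `can?` checks run for every rendered member row even when the caller passes `show_roles` explicitly. The block form of `fetch` only evaluates the helper when the local is absent: `- show_roles = local_assigns.fetch(:show_roles) { default_show_roles(member) }`. The removed inline expression was also evaluated eagerly, so this is a follow-up improvement rather than a regression.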
diff --git a/spec/helpers/members_helper_spec.rb b/spec/helpers/members_helper_spec.rb
index 7998209b7b0..f75fdb739f6 100644
--- a/spec/helpers/members_helper_spec.rb
+++ b/spec/helpers/members_helper_spec.rb
@@ -9,6 +9,54 @@ describe MembersHelper do
     it { expect(action_member_permission(:admin, group_member)).to eq :admin_group_member }
   end
 
+  describe '#default_show_roles' do
+    let(:user) { double }
+    let(:member) { build(:project_member) }
+
+    before do
+      allow(helper).to receive(:current_user).and_return(user)
+      allow(helper).to receive(:can?).with(user, :update_project_member, member).and_return(false)
+      allow(helper).to receive(:can?).with(user, :destroy_project_member, member).and_return(false)
+      allow(helper).to receive(:can?).with(user, :admin_project_member, member.source).and_return(false)
+    end
+
+    context 'when the current cannot update, destroy or admin the passed member' do
+      it 'returns false' do
+        expect(helper.default_show_roles(member)).to be_falsy
+      end
+    end
+
+    context 'when the current can update the passed member' do
+      before do
+        allow(helper).to receive(:can?).with(user, :update_project_member, member).and_return(true)
+      end
+
+      it 'returns true' do
+        expect(helper.default_show_roles(member)).to be_truthy
+      end
+    end
+
+    context 'when the current can destroy the passed member' do
+      before do
+        allow(helper).to receive(:can?).with(user, :destroy_project_member, member).and_return(true)
+      end
+
+      it 'returns true' do
+        expect(helper.default_show_roles(member)).to be_truthy
+      end
+    end
+
+    context 'when the current can admin the passed member source' do
+      before do
+        allow(helper).to receive(:can?).with(user, :admin_project_member, member.source).and_return(true)
+      end
+
+      it 'returns true' do
+        expect(helper.default_show_roles(member)).to be_truthy
+      end
+    end
+  end
+
   describe '#remove_member_message' do
     let(:requester) { build(:user) }
     let(:project) { create(:project) }
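Review bot: The new `#default_show_roles` examples only build a `:project_member`, so the group path named in the commit message (last owner of a group, `:admin_group_member` checked against the group) is not exercised. A parallel context would pin that the permission name and the subject are both derived correctly for groups, e.g. `let(:member) { build(:group_member) }` with `allow(helper).to receive(:can?).with(user, :admin_group_member, member.source).and_return(true)`. The context descriptions also read "when the current cannot/can ...", where "current user" looks intended. The `#remove_member_message` describe block at the end of the hunk continues outside it.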
-- 
GitLab