diff options
| author | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2013-09-26 10:28:43 +0300 |
|---|---|---|
| committer | Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com> | 2013-09-26 10:28:43 +0300 |
| commit | 02cf9aa6873c4c2e35dfedc8d4c6ad375bd8a219 (patch) | |
| tree | 68ff59db63fe1b4bf31c10223bb74754fc0402a8 | |
| parent | 8674e1c22704e89ea030c9e38c296cae735610ee (diff) | |
| download | gitlab-ce-02cf9aa6873c4c2e35dfedc8d4c6ad375bd8a219.tar.gz | |
Group owner or admin can remove other group owners
| -rw-r--r-- | app/controllers/users_groups_controller.rb | 2 | ||||
| -rw-r--r-- | app/views/users_groups/_users_group.html.haml | 4 |
2 files changed, 3 insertions, 3 deletions
diff --git a/app/controllers/users_groups_controller.rb b/app/controllers/users_groups_controller.rb index df13b86fdcd..749da1e1413 100644 --- a/app/controllers/users_groups_controller.rb +++ b/app/controllers/users_groups_controller.rb @@ -19,7 +19,7 @@ class UsersGroupsController < ApplicationController def destroy @users_group = @group.users_groups.find(params[:id]) - @users_group.destroy unless @users_group.user == @group.owner + @users_group.destroy respond_to do |format| format.html { redirect_to members_group_path(@group), notice: 'User was successfully removed from group.' } diff --git a/app/views/users_groups/_users_group.html.haml b/app/views/users_groups/_users_group.html.haml index c8d306838f7..5cdb5bb8c40 100644 --- a/app/views/users_groups/_users_group.html.haml +++ b/app/views/users_groups/_users_group.html.haml @@ -10,7 +10,7 @@ %span.pull-right %strong= member.human_access - - if show_controls && user != @group.owner && user != current_user + - if show_controls && can?(current_user, :manage_group, @group) && current_user != user = link_to '#', class: "btn-tiny btn js-toggle-button", title: 'Edit access level' do %i.icon-edit = link_to group_users_group_path(@group, member), confirm: remove_user_from_group_message(@group, user), method: :delete, remote: true, class: "btn-tiny btn btn-remove", title: 'Remove user from group' do @@ -20,4 +20,4 @@ = form_for [@group, member], remote: true do |f| .alert.prepend-top-20 = f.select :group_access, options_for_select(UsersGroup.group_access_roles, member.group_access) - = f.submit 'Save', class: 'btn btn-save' + = f.submit 'Save', class: 'btn btn-save btn-small' |