diff options
| author | Douwe Maan <douwe@gitlab.com> | 2016-06-16 09:54:53 +0000 |
|---|---|---|
| committer | Douwe Maan <douwe@gitlab.com> | 2016-06-16 09:54:53 +0000 |
| commit | 077e32740c150cb4216f5ecf74229df159dceea0 (patch) | |
| tree | 5b4c2bccda21fb1847c304371634e9e11760917c | |
| parent | 5b4e99387a055b196fc89cb96b6c08e9d90e8404 (diff) | |
| parent | b21980bff48de425a3994cb3914650d06d48e486 (diff) | |
| download | gitlab-ce-077e32740c150cb4216f5ecf74229df159dceea0.tar.gz | |
Merge branch 'backport-view-condition-improvement-from-ee-460' into 'master'
Fix permission checks in member row (backport from gitlab-org/gitlab-ee!460)
## What does this MR do?
It improves the check we use to display or not the members' access and controls in the members list.
## Are there points in the code the reviewer needs to double check?
No, I replaced an helper with just a permission check so I think it's a better solution.
## Why was this MR needed?
There were a spec failure in gitlab-org/gitlab-ee!460 because of the refactor done in the "request access" MR.
## What are the relevant issue numbers?
None.
## Does this MR meet the acceptance criteria?
- No CHANGELOG needed
- [x] Tests
- [x] All builds are passing
- [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides)
- [x] Branch has no merge conflicts with `master` (if you do - rebase it please)
- [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits)
See merge request !4670
| -rw-r--r-- | app/helpers/members_helper.rb | 6 | ||||
| -rw-r--r-- | app/views/groups/group_members/update.js.haml | 2 | ||||
| -rw-r--r-- | app/views/projects/project_members/update.js.haml | 2 | ||||
| -rw-r--r-- | app/views/shared/members/_member.html.haml | 5 | ||||
| -rw-r--r-- | spec/helpers/members_helper_spec.rb | 16 |
5 files changed, 5 insertions, 26 deletions
diff --git a/app/helpers/members_helper.rb b/app/helpers/members_helper.rb index a53828ef4e7..877c77050be 100644 --- a/app/helpers/members_helper.rb +++ b/app/helpers/members_helper.rb @@ -6,12 +6,6 @@ module MembersHelper "#{action}_#{member.type.underscore}".to_sym end - def can_see_member_roles?(source:, user: nil) - return false unless user - - user.is_admin? || source.members.exists?(user_id: user.id) - end - def remove_member_message(member, user: nil) user = current_user if defined?(current_user) diff --git a/app/views/groups/group_members/update.js.haml b/app/views/groups/group_members/update.js.haml index b0b3a51ce58..da71de4cd1e 100644 --- a/app/views/groups/group_members/update.js.haml +++ b/app/views/groups/group_members/update.js.haml @@ -1,2 +1,2 @@ :plain - $("##{dom_id(@group_member)}").replaceWith('#{escape_javascript(render(@group_member, member: @group_member))}'); + $("##{dom_id(@group_member)}").replaceWith('#{escape_javascript(render('shared/members/member', member: @group_member))}'); diff --git a/app/views/projects/project_members/update.js.haml b/app/views/projects/project_members/update.js.haml index 2fb3a41d541..45f8ef89060 100644 --- a/app/views/projects/project_members/update.js.haml +++ b/app/views/projects/project_members/update.js.haml @@ -1,2 +1,2 @@ :plain - $("##{dom_id(@project_member)}").replaceWith('#{escape_javascript(render("project_member", member: @project_member))}'); + $("##{dom_id(@project_member)}").replaceWith('#{escape_javascript(render('shared/members/member', member: @project_member))}'); diff --git a/app/views/shared/members/_member.html.haml b/app/views/shared/members/_member.html.haml index c69d4cbfbe3..0191814849a 100644 --- a/app/views/shared/members/_member.html.haml +++ b/app/views/shared/members/_member.html.haml @@ -1,4 +1,5 @@ -- show_roles = local_assigns.fetch(:show_roles, true) +- default_show_roles = can?(current_user, action_member_permission(:update, member), member) || can?(current_user, action_member_permission(:destroy, member), member) +- show_roles = local_assigns.fetch(:show_roles, default_show_roles) - show_controls = local_assigns.fetch(:show_controls, true) - user = member.user @@ -36,7 +37,7 @@ method: :post, class: 'btn-xs btn' - - if show_roles && can_see_member_roles?(source: member.source, user: current_user) + - if show_roles %span.pull-right %strong= member.human_access - if show_controls diff --git a/spec/helpers/members_helper_spec.rb b/spec/helpers/members_helper_spec.rb index 0b1a76156e0..7998209b7b0 100644 --- a/spec/helpers/members_helper_spec.rb +++ b/spec/helpers/members_helper_spec.rb @@ -9,22 +9,6 @@ describe MembersHelper do it { expect(action_member_permission(:admin, group_member)).to eq :admin_group_member } end - describe '#can_see_member_roles?' do - let(:project) { create(:empty_project) } - let(:group) { create(:group) } - let(:user) { build(:user) } - let(:admin) { build(:user, :admin) } - let(:project_member) { create(:project_member, project: project) } - let(:group_member) { create(:group_member, group: group) } - - it { expect(can_see_member_roles?(source: project, user: nil)).to be_falsy } - it { expect(can_see_member_roles?(source: group, user: nil)).to be_falsy } - it { expect(can_see_member_roles?(source: project, user: admin)).to be_truthy } - it { expect(can_see_member_roles?(source: group, user: admin)).to be_truthy } - it { expect(can_see_member_roles?(source: project, user: project_member.user)).to be_truthy } - it { expect(can_see_member_roles?(source: group, user: group_member.user)).to be_truthy } - end - describe '#remove_member_message' do let(:requester) { build(:user) } let(:project) { create(:project) } |