diff options
Diffstat (limited to 'app/controllers/groups/group_members_controller.rb')
| -rw-r--r-- | app/controllers/groups/group_members_controller.rb | 29 |
1 files changed, 11 insertions, 18 deletions
diff --git a/app/controllers/groups/group_members_controller.rb b/app/controllers/groups/group_members_controller.rb index 48dbf656e84..d0f2e2949f0 100644 --- a/app/controllers/groups/group_members_controller.rb +++ b/app/controllers/groups/group_members_controller.rb @@ -1,11 +1,13 @@ class Groups::GroupMembersController < Groups::ApplicationController + include MembershipActions + # Authorize - before_action :authorize_admin_group_member!, except: [:index, :leave] + before_action :authorize_admin_group_member!, except: [:index, :leave, :request_access] def index @project = @group.projects.find(params[:project_id]) if params[:project_id] @members = @group.group_members - @members = @members.non_invite unless can?(current_user, :admin_group, @group) + @members = @members.non_pending unless can?(current_user, :admin_group, @group) if params[:search].present? users = @group.users.search(params[:search]).to_a @@ -58,25 +60,16 @@ class Groups::GroupMembersController < Groups::ApplicationController end end - def leave - @group_member = @group.group_members.find_by(user_id: current_user) - - if can?(current_user, :destroy_group_member, @group_member) - @group_member.destroy - - redirect_to(dashboard_groups_path, notice: "You left #{group.name} group.") - else - if @group.last_owner?(current_user) - redirect_to(dashboard_groups_path, alert: "You can not leave #{group.name} group because you're the last owner. Transfer or delete the group.") - else - return render_403 - end - end - end - protected def member_params params.require(:group_member).permit(:access_level, :user_id) end + + # MembershipActions concern + alias_method :membershipable, :group + + def cannot_leave? + @group.last_owner?(current_user) + end end |