Signed in admin should be able to add/remove himself to a group

4 files changed, 51 insertions, 4 deletions

diff --git a/app/models/ability.rb b/app/models/ability.rb
index 07f3a56ec7a..10c41306c55 100644
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -346,12 +346,10 @@ class Ability
       unless group.last_owner?(target_user)
         can_manage = group_abilities(user, group).include?(:admin_group_member)
 
-        if can_manage && user != target_user
+        if can_manage
           rules << :update_group_member
           rules << :destroy_group_member
-        end
-
-        if user == target_user
+        elsif user == target_user
           rules << :destroy_group_member
         end
       end
diff --git a/features/admin/groups.feature b/features/admin/groups.feature
index 973918086a3..2edb3964f70 100644
--- a/features/admin/groups.feature
+++ b/features/admin/groups.feature
@@ -33,3 +33,19 @@ Feature: Admin Groups
     When I visit admin group page
     When I select user "johndoe@gitlab.com" from user list as "Reporter"
     Then I should see "johndoe@gitlab.com" in team list in every project as "Reporter"
+
+  @javascript
+  Scenario: Signed in admin should be able to add himself to a group
+    Given "John Doe" is owner of group "Owned"
+    When I visit group "Owned" members page
+    When I select current user as "Developer"
+    Then I should see current user as "Developer"
+
+  @javascript
+  Scenario: Signed in admin should be able to remove himself from group
+    Given current user is developer of group "Owned"
+    When I visit group "Owned" members page
+    Then I should see current user as "Developer"
+    When I click on the "Remove User From Group" button for current user
+    When I visit group "Owned" members page
+    Then I should not see current user as "Developer"
diff --git a/features/steps/admin/groups.rb b/features/steps/admin/groups.rb
index d27634858a2..43fd91d0d4c 100644
--- a/features/steps/admin/groups.rb
+++ b/features/steps/admin/groups.rb
@@ -1,5 +1,6 @@
 class Spinach::Features::AdminGroups < Spinach::FeatureSteps
   include SharedAuthentication
+  include SharedGroup
   include SharedPaths
   include SharedUser
   include SharedActiveTab
@@ -88,6 +89,34 @@ class Spinach::Features::AdminGroups < Spinach::FeatureSteps
     end
   end
 
+  step 'I select current user as "Developer"' do
+    page.within ".users-group-form" do
+      select2(current_user.id, from: "#user_ids", multiple: true)
+      select "Developer", from: "access_level"
+    end
+
+    click_button "Add users to group"
+  end
+
+  step 'I should see current user as "Developer"' do
+    page.within '.content-list' do
+      expect(page).to have_content(current_user.name)
+      expect(page).to have_content('Developer')
+    end
+  end
+
+  step 'I click on the "Remove User From Group" button for current user' do
+    find(:css, 'li', text: current_user.name).find(:css, 'a.btn-remove').click
+    # poltergeist always confirms popups.
+  end
+
+  step 'I should not see current user as "Developer"' do
+    page.within '.content-list' do
+      expect(page).not_to have_content(current_user.name)
+      expect(page).not_to have_content('Developer')
+    end
+  end
+
   protected
 
   def current_group
diff --git a/features/steps/shared/group.rb b/features/steps/shared/group.rb
index 58581653f28..fe6736dacd4 100644
--- a/features/steps/shared/group.rb
+++ b/features/steps/shared/group.rb
@@ -1,6 +1,10 @@
 module SharedGroup
   include Spinach::DSL
 
+  step 'current user is developer of group "Owned"' do
+    is_member_of(current_user.name, "Owned", Gitlab::Access::DEVELOPER)
+  end
+
   step '"John Doe" is owner of group "Owned"' do
     is_member_of("John Doe", "Owned", Gitlab::Access::OWNER)
   end