diff options
author | Fabio Huser <fabio.huser@siemens.com> | 2017-03-27 23:18:09 +0300 |
---|---|---|
committer | Fabio Huser <fabio.huser@siemens.com> | 2017-03-30 13:32:45 +0300 |
commit | c6701fef0e2082e1adae15adb97c75311115617f (patch) | |
tree | b87cb3646e4bceb72589ab0e38509c47e69a2312 | |
parent | ad831ace7ed8d2ed999b15f8350aaa51f0490124 (diff) |
fix(subgroups): add verification of group creation capability to subgroup UI
-rw-r--r-- | app/models/user.rb | 4 | ||||
-rw-r--r-- | app/views/groups/subgroups.html.haml | 2 | ||||
-rw-r--r-- | spec/models/user_spec.rb | 22 |
3 files changed, 27 insertions, 1 deletions
diff --git a/app/models/user.rb b/app/models/user.rb index cbd741f96ed..bed2f0cae53 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -570,6 +570,10 @@ class User < ActiveRecord::Base can?(:create_group) end + def can_create_subgroup?(group) + can?(:create_group) && can?(:admin_group, group) + end + def can_select_namespace? several_namespaces? || admin end diff --git a/app/views/groups/subgroups.html.haml b/app/views/groups/subgroups.html.haml index be809083139..3342ba118ef 100644 --- a/app/views/groups/subgroups.html.haml +++ b/app/views/groups/subgroups.html.haml @@ -9,7 +9,7 @@ .nav-controls = form_tag request.path, method: :get do |f| = search_field_tag :filter_groups, params[:filter_groups], placeholder: 'Filter by name', class: 'form-control', spellcheck: false - - if can? current_user, :admin_group, @group + - if current_user.can_create_subgroup? @group = link_to new_group_path(parent_id: @group.id), class: 'btn btn-new pull-right' do New Subgroup diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb index a9e37be1157..575b43c3d88 100644 --- a/spec/models/user_spec.rb +++ b/spec/models/user_spec.rb @@ -464,6 +464,28 @@ describe User, models: true do it { expect(@user2.several_namespaces?).to be_truthy } end + describe 'subgroups' do + let(:group) { create :group } + + it 'allows if owner' do + user = create :user + group.add_user(user, GroupMember::OWNER) + expect(user.can_create_subgroup?(group)).to be_truthy + end + + it 'disallows if missing right' do + user = create(:user, can_create_group: false) + group.add_user(user, GroupMember::MASTER) + expect(user.can_create_subgroup?(group)).to be_falsey + end + + it 'disallows if developer' do + user = create :user + group.add_user(user, GroupMember::DEVELOPER) + expect(user.can_create_subgroup?(group)).to be_falsey + end + end + describe 'namespaced' do before do @user = create :user |