Commit e747626f authored by Phil Hughes's avatar Phil Hughes

Added test for updating groups permissions

parent 97a51817
...@@ -21,7 +21,7 @@ class Projects::GroupLinksController < Projects::ApplicationController ...@@ -21,7 +21,7 @@ class Projects::GroupLinksController < Projects::ApplicationController
def update def update
@group_link = @project.project_group_links.find(params[:id]) @group_link = @project.project_group_links.find(params[:id])
return render_403 unless can?(current_user, :admin_group, @group_link.group) return render_403 unless can?(current_user, :admin_project_member, @project)
@group_link.update_attributes(group_link_params) @group_link.update_attributes(group_link_params)
end end
......
...@@ -13,11 +13,11 @@ ...@@ -13,11 +13,11 @@
Expires in #{distance_of_time_in_words_to_now(group_link.expires_at)} Expires in #{distance_of_time_in_words_to_now(group_link.expires_at)}
.controls.member-controls .controls.member-controls
= form_tag namespace_project_group_link_path(@project.namespace, @project, group_link), method: :put, remote: true, class: 'form-horizontal js-edit-member-form' do = form_tag namespace_project_group_link_path(@project.namespace, @project, group_link), method: :put, remote: true, class: 'form-horizontal js-edit-member-form' do
= select_tag 'group_link[group_access]', options_for_select(ProjectGroupLink.access_options, group_link.group_access), class: 'form-control member-form-control append-right-5 js-member-update-control', id: "member_access_level_#{group.id}", disabled: !can?(current_user, action_member_permission(:admin, group), group) = select_tag 'group_link[group_access]', options_for_select(ProjectGroupLink.access_options, group_link.group_access), class: 'form-control member-form-control append-right-5 js-member-update-control', id: "member_access_level_#{group.id}", disabled: !can?(current_user, :admin_project_member, @project)
.prepend-left-5.clearable-input.member-form-control .prepend-left-5.clearable-input.member-form-control
= text_field_tag 'group_link[expires_at]', group_link.expires_at, class: 'form-control js-access-expiration-date js-member-update-control', placeholder: 'Expiration date', id: "member_expires_at_#{group.id}", disabled: !can?(current_user, action_member_permission(:admin, group), group) = text_field_tag 'group_link[expires_at]', group_link.expires_at, class: 'form-control js-access-expiration-date js-member-update-control', placeholder: 'Expiration date', id: "member_expires_at_#{group.id}", disabled: !can?(current_user, :admin_project_member, @project)
%i.clear-icon.js-clear-input %i.clear-icon.js-clear-input
- if can?(current_user, action_member_permission(:admin, group), group) - if can?(current_user, :admin_project_member, @project)
= link_to namespace_project_group_link_path(@project.namespace, @project, group_link), = link_to namespace_project_group_link_path(@project.namespace, @project, group_link),
remote: true, remote: true,
method: :delete, method: :delete,
......
require 'spec_helper'
feature 'Projects > Members > Anonymous user sees members', feature: true, js: true do
include WaitForAjax
let(:user) { create(:user) }
let(:group) { create(:group, :public) }
let(:project) { create(:empty_project, :public) }
background do
project.team << [user, :master]
@group_link = create(:project_group_link, project: project, group: group)
login_as(user)
visit namespace_project_project_members_path(project.namespace, project)
end
it 'updates group access level' do
select 'Guest', from: "member_access_level_#{group.id}"
wait_for_ajax
visit namespace_project_project_members_path(project.namespace, project)
expect(page).to have_select("member_access_level_#{group.id}", selected: 'Guest')
end
it 'updates expiry date' do
tomorrow = Date.today + 3
fill_in "member_expires_at_#{group.id}", with: tomorrow.strftime("%F")
wait_for_ajax
page.within(first('li.member')) do
expect(page).to have_content('Expires in 3 days')
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment