Merge branch '1475-disable-project-members-ldap-override' into 'master'

Disable LDAP permission override in project members edit list

Closes #1475

See merge request !1018

app/views/shared/members/ee/_override_member_buttons.html.haml

@@ -4,7 +4,7 @@
 - action = local_assigns.fetch(:action, :edit).to_s.inquiry
 - can_override = local_assigns.fetch(:can_override, false)
 
-- if can_override
+- if group && can_override
   - if action.edit?
     %button.btn.btn-default.btn-ldap-override.js-ldap-permissions{ type: 'button',
       'aria-label' => 'Edit permissions',

changelogs/unreleased-ee/1475-disable-project-members-ldap-override.yml

+---
+title: Disable LDAP permission override in project members edit list
+merge_request:
+author:

spec/features/groups/members/override_ldap_memberships_spec.rb

@@ -7,6 +7,7 @@ feature 'Groups > Members > Master/Owner can override LDAP access levels', featu
   let(:maryjane) { create(:user, name: 'Mary Jane') }
   let(:owner)    { create(:user) }
   let(:group)    { create(:group_with_ldap_group_link, :public) }
+  let(:project)  { create(:empty_project, namespace: group)  }
 
   let!(:owner_member)   { create(:group_member, :owner, group: group, user: owner) }
   let!(:ldap_member)    { create(:group_member, :guest, group: group, user: johndoe, ldap: true) }
@@ -19,6 +20,12 @@ feature 'Groups > Members > Master/Owner can override LDAP access levels', featu
     login_as(owner)
   end
 
+  scenario 'override not available on project members page', js: true do
+    visit namespace_project_project_members_path(group, project)
+
+    expect(page).not_to have_button 'Edit permissions'
+  end
+
   scenario 'owner can override LDAP access level', js: true do
     ldap_override_message = 'John Doe is currently an LDAP user. Editing their permissions will override the settings from the LDAP group sync.'