Add an action to update the override attribute on the group membership

cc65fb54 · Douglas Barbosa Alexandre · Phil Hughes · 059eb92f · cc65fb54 · cc65fb54
Commit cc65fb54 authored Dec 06, 2016 by Douglas Barbosa Alexandre Committed by Phil Hughes Dec 12, 2016
3 changed files
--- a/app/controllers/groups/group_members_controller.rb
+++ b/app/controllers/groups/group_members_controller.rb
@@ -78,6 +78,20 @@ class Groups::GroupMembersController < Groups::ApplicationController
    end
  end
+  def override
+    @group_member = @group.group_members.find(params[:id])
+    return render_403 unless can?(current_user, :override_group_member, @group_member)
+    if @group_member.update_attributes(override_params)
+      log_audit_event(@group_member, action: :override)
+      respond_to do |format|
+        format.js { head :ok }
+      end
+    end
+  end
  protected
  def member_params

--- a/app/views/shared/members/_member.html.haml
+++ b/app/views/shared/members/_member.html.haml
@@ -77,7 +77,7 @@
                      %li.divider
                      %li
                        = link_to "Revert to LDAP group sync settings", "javascript:void(0)",
-                          data: { revert: "true", endpoint: update_url, id: dom_id(member) }
+                          data: { revert: "true", endpoint: override_group_group_member_path(@group, member), id: dom_id(member) }
            .prepend-left-5.clearable-input.member-form-control
              = f.text_field :expires_at, class: 'form-control js-access-expiration-date js-member-update-control', placeholder: 'Expiration date', id: "member_expires_at_#{member.id}", disabled: !can_admin_member
              %i.clear-icon.js-clear-input
@@ -128,7 +128,7 @@
    .controls
      %button.btn.btn-warning.js-ldap-override{ type: "button",
        "aria-label" => "Change LDAP member permissions",
-        data: { id: dom_id(member), endpoint: update_url } }
+        data: { id: dom_id(member), endpoint: override_group_group_member_path(@group, member) } }
        Change permissions
      %button.btn.btn-default.js-ldap-permissions{ type: "button",
        "aria-label" => "Close permissions override",

--- a/config/routes/group.rb
+++ b/config/routes/group.rb
@@ -18,6 +18,10 @@ scope(path: 'groups/*group_id',
  resources :group_members, only: [:index, :create, :update, :destroy], concerns: :access_requestable do
    post :resend_invite, on: :member
    delete :leave, on: :collection
+    ## EE-specific
+    patch :override, on: :member
+    ## EE-specific
  end
  resource :avatar, only: [:destroy]