Commit 02cf9aa6873c4c2e35dfedc8d4c6ad375bd8a219
1 parent
8674e1c2
Exists in
master
and in
4 other branches
Group owner or admin can remove other group owners
Showing
2 changed files
with
3 additions
and
3 deletions
Show diff stats
app/controllers/users_groups_controller.rb
| ... | ... | @@ -19,7 +19,7 @@ class UsersGroupsController < ApplicationController |
| 19 | 19 | |
| 20 | 20 | def destroy |
| 21 | 21 | @users_group = @group.users_groups.find(params[:id]) |
| 22 | - @users_group.destroy unless @users_group.user == @group.owner | |
| 22 | + @users_group.destroy | |
| 23 | 23 | |
| 24 | 24 | respond_to do |format| |
| 25 | 25 | format.html { redirect_to members_group_path(@group), notice: 'User was successfully removed from group.' } | ... | ... |
app/views/users_groups/_users_group.html.haml
| ... | ... | @@ -10,7 +10,7 @@ |
| 10 | 10 | %span.pull-right |
| 11 | 11 | %strong= member.human_access |
| 12 | 12 | |
| 13 | - - if show_controls && user != @group.owner && user != current_user | |
| 13 | + - if show_controls && can?(current_user, :manage_group, @group) && current_user != user | |
| 14 | 14 | = link_to '#', class: "btn-tiny btn js-toggle-button", title: 'Edit access level' do |
| 15 | 15 | %i.icon-edit |
| 16 | 16 | = link_to group_users_group_path(@group, member), confirm: remove_user_from_group_message(@group, user), method: :delete, remote: true, class: "btn-tiny btn btn-remove", title: 'Remove user from group' do |
| ... | ... | @@ -20,4 +20,4 @@ |
| 20 | 20 | = form_for [@group, member], remote: true do |f| |
| 21 | 21 | .alert.prepend-top-20 |
| 22 | 22 | = f.select :group_access, options_for_select(UsersGroup.group_access_roles, member.group_access) |
| 23 | - = f.submit 'Save', class: 'btn btn-save' | |
| 23 | + = f.submit 'Save', class: 'btn btn-save btn-small' | ... | ... |