Commit 7d57b96ee0f668acf10067b06a614b3052e27f89
1 parent
5bed576a
Exists in
master
and in
4 other branches
Update authorized/owned resources with new group permissions
Showing
2 changed files
with
12 additions
and
5 deletions
Show diff stats
app/models/user.rb
| ... | ... | @@ -71,7 +71,9 @@ class User < ActiveRecord::Base |
| 71 | 71 | has_many :keys, dependent: :destroy |
| 72 | 72 | |
| 73 | 73 | # Groups |
| 74 | - has_many :groups, class_name: "Group", foreign_key: :owner_id | |
| 74 | + has_many :own_groups, class_name: "Group", foreign_key: :owner_id | |
| 75 | + has_many :users_groups, dependent: :destroy | |
| 76 | + has_many :groups, through: :users_groups | |
| 75 | 77 | |
| 76 | 78 | # Teams |
| 77 | 79 | has_many :own_teams, dependent: :destroy, class_name: "UserTeam", foreign_key: :owner_id |
| ... | ... | @@ -230,7 +232,7 @@ class User < ActiveRecord::Base |
| 230 | 232 | |
| 231 | 233 | # Groups where user is an owner |
| 232 | 234 | def owned_groups |
| 233 | - groups | |
| 235 | + own_groups | |
| 234 | 236 | end |
| 235 | 237 | |
| 236 | 238 | def owned_teams |
| ... | ... | @@ -239,14 +241,14 @@ class User < ActiveRecord::Base |
| 239 | 241 | |
| 240 | 242 | # Groups user has access to |
| 241 | 243 | def authorized_groups |
| 242 | - @group_ids ||= (groups.pluck(:id) + authorized_projects.pluck(:namespace_id)) | |
| 244 | + @group_ids ||= (groups.pluck(:id) + own_groups.pluck(:id) + authorized_projects.pluck(:namespace_id)) | |
| 243 | 245 | Group.where(id: @group_ids) |
| 244 | 246 | end |
| 245 | 247 | |
| 246 | 248 | |
| 247 | 249 | # Projects user has access to |
| 248 | 250 | def authorized_projects |
| 249 | - @project_ids ||= (owned_projects.pluck(:id) + projects.pluck(:id)).uniq | |
| 251 | + @project_ids ||= (owned_projects.pluck(:id) + groups.map(&:projects).flatten.map(&:id) + projects.pluck(:id)).uniq | |
| 250 | 252 | Project.where(id: @project_ids) |
| 251 | 253 | end |
| 252 | 254 | ... | ... |
app/views/groups/people.html.haml
| 1 | 1 | - can_manage_group = current_user.can? :manage_group, @group |
| 2 | 2 | .row |
| 3 | 3 | .span6 |
| 4 | - = render "new_group_member" | |
| 4 | + - if can_manage_group | |
| 5 | + = render "new_group_member" | |
| 6 | + - else | |
| 7 | + .light-well | |
| 8 | + %h4.nothing_here_message | |
| 9 | + Only group owners can manage group members | |
| 5 | 10 | .span6 |
| 6 | 11 | .ui-box |
| 7 | 12 | %h5.title | ... | ... |