Commit c31d48dd250c56164280343a2cbe6ae14bd72a4a
1 parent
2f22874b
Exists in
master
and in
4 other branches
Allow project creation in scope of group for non-admin but group owners
Showing
7 changed files
with
62 additions
and
13 deletions
Show diff stats
app/models/project.rb
| ... | ... | @@ -95,7 +95,6 @@ class Project < ActiveRecord::Base |
| 95 | 95 | |
| 96 | 96 | def create_by_user(params, user) |
| 97 | 97 | namespace_id = params.delete(:namespace_id) |
| 98 | - namespace_id ||= user.namespace.try(:id) | |
| 99 | 98 | |
| 100 | 99 | project = Project.new params |
| 101 | 100 | |
| ... | ... | @@ -109,7 +108,18 @@ class Project < ActiveRecord::Base |
| 109 | 108 | project.path = project.name.dup.parameterize |
| 110 | 109 | |
| 111 | 110 | project.owner = user |
| 112 | - project.namespace_id = namespace_id | |
| 111 | + | |
| 112 | + # Apply namespace if user has access to it | |
| 113 | + # else fallback to user namespace | |
| 114 | + project.namespace_id = user.namespace_id | |
| 115 | + | |
| 116 | + if namespace_id | |
| 117 | + group = Group.find_by_id(namespace_id) | |
| 118 | + if user.can? :manage_group, group | |
| 119 | + project.namespace_id = namespace_id | |
| 120 | + end | |
| 121 | + end | |
| 122 | + | |
| 113 | 123 | project.save! |
| 114 | 124 | |
| 115 | 125 | # Add user as project master | ... | ... |
app/models/user.rb
| ... | ... | @@ -48,6 +48,7 @@ class User < ActiveRecord::Base |
| 48 | 48 | |
| 49 | 49 | # Namespace for personal projects |
| 50 | 50 | has_one :namespace, class_name: "Namespace", foreign_key: :owner_id, conditions: 'type IS NULL', dependent: :destroy |
| 51 | + has_many :groups, class_name: "Group", foreign_key: :owner_id | |
| 51 | 52 | |
| 52 | 53 | has_many :keys, dependent: :destroy |
| 53 | 54 | has_many :projects, through: :users_projects |
| ... | ... | @@ -120,15 +121,4 @@ class User < ActiveRecord::Base |
| 120 | 121 | self.password = self.password_confirmation = Devise.friendly_token.first(8) |
| 121 | 122 | end |
| 122 | 123 | end |
| 123 | - | |
| 124 | - def namespaces | |
| 125 | - namespaces = [] | |
| 126 | - namespaces << self.namespace if self.namespace | |
| 127 | - namespaces = namespaces + Group.all if admin | |
| 128 | - namespaces | |
| 129 | - end | |
| 130 | - | |
| 131 | - def several_namespaces? | |
| 132 | - namespaces.size > 1 | |
| 133 | - end | |
| 134 | 124 | end | ... | ... |
app/roles/account.rb
| ... | ... | @@ -26,6 +26,18 @@ module Account |
| 26 | 26 | is_admin? |
| 27 | 27 | end |
| 28 | 28 | |
| 29 | + def abilities | |
| 30 | + @abilities ||= begin | |
| 31 | + abilities = Six.new | |
| 32 | + abilities << Ability | |
| 33 | + abilities | |
| 34 | + end | |
| 35 | + end | |
| 36 | + | |
| 37 | + def can? action, subject | |
| 38 | + abilities.allowed?(self, action, subject) | |
| 39 | + end | |
| 40 | + | |
| 29 | 41 | def last_activity_project |
| 30 | 42 | projects.first |
| 31 | 43 | end |
| ... | ... | @@ -70,4 +82,27 @@ module Account |
| 70 | 82 | def projects_sorted_by_activity |
| 71 | 83 | projects.order("(SELECT max(events.created_at) FROM events WHERE events.project_id = projects.id) DESC") |
| 72 | 84 | end |
| 85 | + | |
| 86 | + def namespaces | |
| 87 | + namespaces = [] | |
| 88 | + | |
| 89 | + # Add user account namespace | |
| 90 | + namespaces << self.namespace if self.namespace | |
| 91 | + | |
| 92 | + # Add groups you can manage | |
| 93 | + namespaces += if admin | |
| 94 | + Group.all | |
| 95 | + else | |
| 96 | + groups.all | |
| 97 | + end | |
| 98 | + namespaces | |
| 99 | + end | |
| 100 | + | |
| 101 | + def several_namespaces? | |
| 102 | + namespaces.size > 1 | |
| 103 | + end | |
| 104 | + | |
| 105 | + def namespace_id | |
| 106 | + namespace.try :id | |
| 107 | + end | |
| 73 | 108 | end | ... | ... |
app/views/groups/people.html.haml
spec/models/namespace_spec.rb
| ... | ... | @@ -22,4 +22,14 @@ describe Namespace do |
| 22 | 22 | it { should validate_presence_of :path } |
| 23 | 23 | it { should validate_uniqueness_of(:path) } |
| 24 | 24 | it { should validate_presence_of :owner } |
| 25 | + | |
| 26 | + describe "Mass assignment" do | |
| 27 | + it { should allow_mass_assignment_of(:name) } | |
| 28 | + it { should allow_mass_assignment_of(:path) } | |
| 29 | + end | |
| 30 | + | |
| 31 | + describe "Respond to" do | |
| 32 | + it { should respond_to(:human_name) } | |
| 33 | + it { should respond_to(:to_param) } | |
| 34 | + end | |
| 25 | 35 | end | ... | ... |
spec/models/project_spec.rb
| ... | ... | @@ -40,6 +40,7 @@ describe Project do |
| 40 | 40 | end |
| 41 | 41 | |
| 42 | 42 | describe "Mass assignment" do |
| 43 | + it { should_not allow_mass_assignment_of(:namespace_id) } | |
| 43 | 44 | it { should_not allow_mass_assignment_of(:owner_id) } |
| 44 | 45 | it { should_not allow_mass_assignment_of(:private_flag) } |
| 45 | 46 | end | ... | ... |
spec/models/user_spec.rb
| ... | ... | @@ -40,6 +40,7 @@ describe User do |
| 40 | 40 | it { should have_one(:namespace) } |
| 41 | 41 | it { should have_many(:users_projects).dependent(:destroy) } |
| 42 | 42 | it { should have_many(:projects) } |
| 43 | + it { should have_many(:groups) } | |
| 43 | 44 | it { should have_many(:my_own_projects).class_name('Project') } |
| 44 | 45 | it { should have_many(:keys).dependent(:destroy) } |
| 45 | 46 | it { should have_many(:events).class_name('Event').dependent(:destroy) } | ... | ... |