Commit c31d48dd250c56164280343a2cbe6ae14bd72a4a
1 parent
2f22874b
Exists in
master
and in
4 other branches
Allow project creation in scope of group for non-admin but group owners
Showing
7 changed files
with
62 additions
and
13 deletions
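--- a/app/models/project.rb
+++ b/app/models/project.rb
@@ -95,7 +95,6 @@ class Project < ActiveRecord::Base
 
 def create_by_user(params, user)
 namespace_id = params.delete(:namespace_id)
-namespace_id ||= user.namespace.try(:id)
 
 project = Project.new params
 
@@ -109,7 +108,18 @@ class Project < ActiveRecord::Base
 project.path = project.name.dup.parameterize
 
 project.owner = user
-project.namespace_id = namespace_id
+
+# Apply namespace if user has access to it
+# else fallback to user namespace
+project.namespace_id = user.namespace_id
+
+if namespace_id
+group = Group.find_by_id(namespace_id)
+if user.can? :manage_group, group
+project.namespace_id = namespace_id
+end
+end
+
 project.save!
 
 # Add user as project master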
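Review bot: `user.can? :manage_group, group` (new line 118) is called with `group == nil` whenever the supplied `namespace_id` matches no Group row, so the outcome of the check then depends on how Ability, which is not shown here, treats a nil subject. Make the guard explicit and assign the id of the record that was actually authorized rather than the raw parameter: `if group && user.can?(:manage_group, group)` followed by `project.namespace_id = group.id`. A request naming a group the user cannot manage also falls back silently to the personal namespace, so the caller cannot tell the requested namespace was refused; consider adding a validation error instead, or at least documenting the fallback in the comment above. `create_by_user` starts and ends outside these hunks.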
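--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -48,6 +48,7 @@ class User < ActiveRecord::Base
 
 # Namespace for personal projects
 has_one :namespace, class_name: "Namespace", foreign_key: :owner_id, conditions: 'type IS NULL', dependent: :destroy
+has_many :groups, class_name: "Group", foreign_key: :owner_id
 
 has_many :keys, dependent: :destroy
 has_many :projects, through: :users_projects
@@ -120,15 +121,4 @@ class User < ActiveRecord::Base
 self.password = self.password_confirmation = Devise.friendly_token.first(8)
 end
 end
-
-def namespaces
-namespaces = []
-namespaces << self.namespace if self.namespace
-namespaces = namespaces + Group.all if admin
-namespaces
-end
-
-def several_namespaces?
-namespaces.size > 1
-end
 end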
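Review bot: The new `has_many :groups` association (new line 51) declares no `dependent:` option, unlike the `has_one :namespace` directly above it, so removing a user presumably leaves that user's groups with a dangling `owner_id`. Group ownership now decides where a non-admin may create projects, so the fate of an ownerless group should be an explicit decision rather than a side effect. Either add a `dependent:` policy to the association or add a comment such as `# Groups must be transferred to another owner before the user is removed` and enforce it where users are deleted.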
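--- a/app/roles/account.rb
+++ b/app/roles/account.rb
@@ -26,6 +26,18 @@ module Account
 is_admin?
 end
 
+def abilities
+@abilities ||= begin
+abilities = Six.new
+abilities << Ability
+abilities
+end
+end
+
+def can? action, subject
+abilities.allowed?(self, action, subject)
+end
+
 def last_activity_project
 projects.first
 end
@@ -70,4 +82,27 @@ module Account
 def projects_sorted_by_activity
 projects.order("(SELECT max(events.created_at) FROM events WHERE events.project_id = projects.id) DESC")
 end
+
+def namespaces
+namespaces = []
+
+# Add user account namespace
+namespaces << self.namespace if self.namespace
+
+# Add groups you can manage
+namespaces += if admin
+Group.all
+else
+groups.all
+end
+namespaces
+end
+
+def several_namespaces?
+namespaces.size > 1
+end
+
+def namespace_id
+namespace.try :id
+end
 end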
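Review bot: For non-admins, `namespaces` (new lines 86-99) offers only the groups reached through the `groups` ownership association, while `Project#create_by_user` authorizes the chosen namespace with `can? :manage_group`. These are two separate definitions of "groups you can manage" and they can drift apart. The `:manage_group` rule in Ability is not part of this commit, so whether the two agree today cannot be confirmed from this page. At minimum add a comment on `namespaces` such as `# Keep in sync with Ability's :manage_group rule; this list is for display only and is not an authorization check`. As a style point, the local `namespaces` shadows the method's own name and `def can? action, subject` omits the parentheses; `result = []` and `def can?(action, subject)` would read more clearly.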
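--- a/app/views/groups/people.html.haml
+++ b/app/views/groups/people.html.haml
@@ -9,4 +9,6 @@
 = image_tag gravatar_icon(user.email, 16), class: "avatar s16"
 %strong= user.name
 %span.cgray= user.email
+- if @group.owner == user
+%span.btn.btn-small.disabled.right Owner
 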
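--- a/spec/models/namespace_spec.rb
+++ b/spec/models/namespace_spec.rb
@@ -22,4 +22,14 @@ describe Namespace do
 it { should validate_presence_of :path }
 it { should validate_uniqueness_of(:path) }
 it { should validate_presence_of :owner }
+
+describe "Mass assignment" do
+it { should allow_mass_assignment_of(:name) }
+it { should allow_mass_assignment_of(:path) }
+end
+
+describe "Respond to" do
+it { should respond_to(:human_name) }
+it { should respond_to(:to_param) }
+end
 end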
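Review bot: The new "Mass assignment" block (new lines 26-29) pins only the attributes that are permitted and says nothing about the ones that must stay protected. This commit makes `owner_id` on a group the basis for the `groups` association and for listing namespaces a user may create projects in. The spec should therefore also assert that ownership cannot be set through mass assignment, mirroring project_spec: `it { should_not allow_mass_assignment_of(:owner_id) }`. Whether the Namespace model already protects that attribute is not visible on this page, and if the added example fails, that is the finding.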
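--- a/spec/models/project_spec.rb
+++ b/spec/models/project_spec.rb
@@ -40,6 +40,7 @@ describe Project do
 end
 
 describe "Mass assignment" do
+it { should_not allow_mass_assignment_of(:namespace_id) }
 it { should_not allow_mass_assignment_of(:owner_id) }
 it { should_not allow_mass_assignment_of(:private_flag) }
 end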
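Review bot: The added example at new line 43 covers the mass-assignment guard, but nothing in this spec exercises the new authorization branch in `Project.create_by_user`, which is the security-relevant part of the commit. Add examples for three cases. A group owner passing their group's `namespace_id` should get a project in that group. A user passing the id of a group they do not own should get a project in their personal namespace, or an error if the fallback is changed. A `namespace_id` that matches no group should not raise. Without these, a later change to the `:manage_group` rule or to the fallback could widen access unnoticed.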
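--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -40,6 +40,7 @@ describe User do
 it { should have_one(:namespace) }
 it { should have_many(:users_projects).dependent(:destroy) }
 it { should have_many(:projects) }
+it { should have_many(:groups) }
 it { should have_many(:my_own_projects).class_name('Project') }
 it { should have_many(:keys).dependent(:destroy) }
 it { should have_many(:events).class_name('Event').dependent(:destroy) }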