Download as
Browse Code »

Commit da7091785238f5cb94580d90e52ce22668456464

Authored by Larissa Reis
Committed by Rodrigo Souto
1 parent 4befe13d
Exists in master and in 28 other branches 1.2+SPB2, 2_split_by_role, add_fields_in_api, api_fixies, api_pagination, api_private_token, api_tasks, article_hit_count, blog_page_bug, checkbox_to_user_can_edit_page, communities_ratings, communities_ratings_moderation, community_ratings_rebase, fix_cloned_article_parent, fix_gallery_image_url, fix_javascript_categories, fix_optional_fields, fix_suggest_article, fix_user_email_validation, highlight_block_fix, notification_plugin, notification_plugin_rebase, script_to_update, split_by_role, stable, temp_ratings, tests, tests_fixies

Remove Control Panel button in the memberships listing when user doesn't have access

Showing 2 changed files with 24 additions and 3 deletions   Show diff stats
app/views/shared/_list_groups.html.erb
  Diff comments   View file @da70917
... ... @@ -12,7 +12,9 @@
12 12 <%= _('Members: %s') % group.members_count.to_s %> <br/>
13 13 <%= _('Created at: %s') % show_date(group.created_at) unless group.enterprise? %> <br/>
14 14 <% button_bar do %>
15   - <%= button 'menu-ctrl-panel', _('Control panel of this group'), group.admin_url %>
  15 + <% if user.has_permission?(:edit_profile, group) %>
  16 + <%= button 'menu-ctrl-panel', _('Control panel of this group'), group.admin_url %>
  17 + <% end %>
16 18 <%= button 'menu-logout', _('Leave community'), group.leave_url(true), :class => 'leave-community' %>
17 19 <% if (group.community? && user.has_permission?(:destroy_profile, group)) %>
18 20 <%= button 'delete', _('Remove'), { :controller => 'profile_editor', :action => 'destroy_profile', :profile => group.identifier } %>
... ...
test/functional/memberships_controller_test.rb
  Diff comments   View file @da70917
... ... @@ -6,7 +6,7 @@ require &#39;memberships_controller&#39;
6 6 class MembershipsController; def rescue_action(e) raise e end; end
7 7  
8 8 class MembershipsControllerTest < ActionController::TestCase
9   -
  9 +
10 10 include ApplicationHelper
11 11  
12 12 def setup
... ... @@ -22,7 +22,7 @@ class MembershipsControllerTest &lt; ActionController::TestCase
22 22 def test_local_files_reference
23 23 assert_local_files_reference :get, :index, :profile => profile.identifier
24 24 end
25   -
  25 +
26 26 def test_valid_xhtml
27 27 assert_valid_xhtml
28 28 end
... ... @@ -245,4 +245,23 @@ class MembershipsControllerTest &lt; ActionController::TestCase
245 245 assert_tag :tag => 'input', :attributes => {:id => 'community_plugin2', :type => 'hidden', :value => 'Plugin 2'}
246 246 end
247 247  
  248 + should 'only display control panel link to members with permission' do
  249 + c1 = fast_create(Community, :name => 'My own community')
  250 + c2 = fast_create(Community, :name => 'Not my community')
  251 +
  252 + owner = fast_create(Person)
  253 + c2.add_admin(owner)
  254 +
  255 + person = Person['testuser']
  256 + c1.add_admin(person)
  257 + c2.add_member(person)
  258 +
  259 + login_as('testuser')
  260 + get :index, :profile => 'testuser'
  261 +
  262 + assert_template 'index'
  263 + assert_no_tag :tag => 'a', :attributes => { :href => "/myprofile/#{c2.identifier}" }
  264 + assert_tag :tag => 'a', :attributes => { :href => "/myprofile/#{c1.identifier}" }
  265 + end
  266 +
248 267 end
... ...