Roles editor bug fix (#721)

* Allow users with just the manage users permission to edit roles * Allow users with just the manage users permission to edit roles * Fix update recordings bug
2019-08-01 16:53:55 -04:00 · 2019-08-01 16:53:55 -04:00 · e1fdc8f58b
parent 60f5cd5c81
commit e1fdc8f58b
7 changed files with 18 additions and 12 deletions
--- a/app/assets/stylesheets/rooms.scss
+++ b/app/assets/stylesheets/rooms.scss
@ -69,3 +69,8 @@
 .allow-icon-click{
  pointer-events: auto;
 }
+
+.cant-create-rooms-title{
+  align-items: center;
+  justify-content: center;
+}
--- a/app/controllers/recordings_controller.rb
+++ b/app/controllers/recordings_controller.rb
@ -50,10 +50,9 @@ class RecordingsController < ApplicationController

  # Ensure the user is logged into the room they are accessing.
  def verify_room_ownership
-    if !current_user ||
-       !@room.owned_by?(current_user) ||
-       !current_user.has_role?(:admin) ||
-       !current_user.has_role?(:super_admin)
+    if !current_user || (!@room.owned_by?(current_user) &&
+           !current_user.highest_priority_role.can_edit_site_settings &&
+           !current_user.has_role?(:super_admin))
      redirect_to root_path
    end
  end
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@ -260,8 +260,8 @@ class UsersController < ApplicationController

  # Updates as user's roles
  def update_roles
-    # Check that the user can edit roles
-    if current_user.highest_priority_role.can_edit_roles
+    # Check that the user can manage users
+    if current_user.highest_priority_role.can_manage_users
      new_roles = params[:user][:role_ids].split(' ').map(&:to_i)
      old_roles = @user.roles.pluck(:id)

--- a/app/views/rooms/cant_create_rooms.html.erb
+++ b/app/views/rooms/cant_create_rooms.html.erb
@ -21,10 +21,11 @@
            <div class="offset-3 col-6 offset-3">
                <div class="card">
                    <div class="card-status bg-primary"></div>
-                    <div class="card-header">
+                    <div class="card-header cant-create-rooms-title">
                        <h3 class="card-title"><%= t("room.no_room.title") %></h3>
                    </div>
                    <div class="card-body">
+                        <p><%= t("room.no_room.description") %></p>
                        <%= form_for(:join_room, url: join_room_path) do |f| %>
                            <div class="input-icon mb-2">
                                <span class="input-icon-addon">
--- a/app/views/shared/settings/_account.html.erb
+++ b/app/views/shared/settings/_account.html.erb
@ -46,7 +46,7 @@
      <% @user.roles.by_priority.each do |role| %>
        <span id="<%= "user-role-tag_#{role.id}" %>" style="<%= "background-color: #{role_colour(role)};border-color: #{role_colour(role)};" %>" class="tag user-role-tag">
          <%= translated_role_name(role) %>
-          <% if (current_user_role.can_edit_roles || current_user_role.name == "super_admin") && (role.priority > current_user_role.priority || current_user_role.name == "admin") %>
+          <% if (current_user_role.can_manage_users || current_user_role.name == "super_admin") && (role.priority > current_user_role.priority || current_user_role.name == "admin") %>
            <a data-role-id="<%= role.id %>" class="tag-addon clear-role">
              <i data-role-id="<%= role.id %>" class="fas fa-times"></i>
            </a>
@ -54,7 +54,7 @@
        </span>
      <% end %>
    </div>
-    <% if current_user_role.can_edit_roles || current_user_role.name == "super_admin" %>
+    <% if current_user_role.can_manage_users || current_user_role.name == "super_admin" %>
      <% provider = Rails.configuration.loadbalanced_configuration ? current_user.provider : "greenlight" %>
      <%= f.select :roles, Role.editable_roles(@user_domain).map{|role| [translated_role_name(role), role.id, {'data-colour' => role_colour(role)}]}.unshift(["", nil, {'data-colour' => nil}]), {disabled: disabled_roles(@user)}, { class: "form-control custom-select", id: "role-select-dropdown" } %>
    <% end %>
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@ -413,8 +413,9 @@ en:
    owner: Owner
    no_room:
      title: Join a Room
-      placeholder: Enter the room url or the room id for the room you want to join.
+      description: Enter the room url or the room id for the room you want to join.
      invalid_room_uid: The room url/uid you entered was invalid.
+      placeholder: Room url/uid
    no_sessions: This room has no sessions, yet!
    recordings: Room Recordings
    room_limit: You have reached the maximum number of rooms allowed
--- a/spec/controllers/users_controller_spec.rb
+++ b/spec/controllers/users_controller_spec.rb
@ -341,7 +341,7 @@ describe UsersController, type: :controller do

        user_role = user.highest_priority_role

-        user_role.can_edit_roles = true
+        user_role.can_manage_users = true

        user_role.save!

@ -364,7 +364,7 @@ describe UsersController, type: :controller do

        user_role = user.highest_priority_role

-        user_role.can_edit_roles = true
+        user_role.can_manage_users = true

        user_role.save!