Roles editor bug fix (#721)
* Allow users with just the manage users permission to edit roles * Allow users with just the manage users permission to edit roles * Fix update recordings bug
parent
60f5cd5c81
commit
e1fdc8f58b
|
@ -69,3 +69,8 @@
|
||||||
.allow-icon-click{
|
.allow-icon-click{
|
||||||
pointer-events: auto;
|
pointer-events: auto;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
.cant-create-rooms-title{
|
||||||
|
align-items: center;
|
||||||
|
justify-content: center;
|
||||||
|
}
|
||||||
|
|
|
@ -50,10 +50,9 @@ class RecordingsController < ApplicationController
|
||||||
|
|
||||||
# Ensure the user is logged into the room they are accessing.
|
# Ensure the user is logged into the room they are accessing.
|
||||||
def verify_room_ownership
|
def verify_room_ownership
|
||||||
if !current_user ||
|
if !current_user || (!@room.owned_by?(current_user) &&
|
||||||
!@room.owned_by?(current_user) ||
|
!current_user.highest_priority_role.can_edit_site_settings &&
|
||||||
!current_user.has_role?(:admin) ||
|
!current_user.has_role?(:super_admin))
|
||||||
!current_user.has_role?(:super_admin)
|
|
||||||
redirect_to root_path
|
redirect_to root_path
|
||||||
end
|
end
|
||||||
end
|
end
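Review bot: In `verify_room_ownership` the new non-owner bypass is keyed to `can_edit_site_settings`, so any role carrying that flag now passes this filter for every room's recordings, not just for rooms it owns. If that is the intended administrator path, the method comment should say so instead of describing a login check, e.g. `# Allow the room owner, roles with can_edit_site_settings, and super admins; redirect everyone else.` The visible lines do not compare the room owner's provider with `current_user.provider`, so for load-balanced deployments confirm that tenant scoping is enforced in a filter outside this hunk. No spec for this branch is visible in the commit; one asserting that a signed-in non-owner without the flag is redirected to `root_path` would pin the corrected condition.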
|
||||||
|
|
|
@ -260,8 +260,8 @@ class UsersController < ApplicationController
|
||||||
|
|
||||||
# Updates as user's roles
|
# Updates as user's roles
|
||||||
def update_roles
|
def update_roles
|
||||||
# Check that the user can edit roles
|
# Check that the user can manage users
|
||||||
if current_user.highest_priority_role.can_edit_roles
|
if current_user.highest_priority_role.can_manage_users
|
||||||
new_roles = params[:user][:role_ids].split(' ').map(&:to_i)
|
new_roles = params[:user][:role_ids].split(' ').map(&:to_i)
|
||||||
old_roles = @user.roles.pluck(:id)
|
old_roles = @user.roles.pluck(:id)
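Review bot: Switching the gate in `update_roles` to `can_manage_users` widens who can submit `role_ids`, and the visible lines take those ids straight from `params` without bounding them by the caller's own role. The rest of the method is outside the hunk, so confirm that it rejects adding or removing any role that fails the `role.priority > current_user_role.priority` comparison the template uses, since the template only decides what is displayed. A spec in which a `can_manage_users` user submits an id the template would not offer, and the assignment is refused, would cover this. Separately, `params[:user][:role_ids]` raises `NoMethodError` when the key is absent; `params.dig(:user, :role_ids).to_s.split(' ').map(&:to_i)` keeps a malformed request from turning into a 500.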
|
||||||
|
|
||||||
|
|
|
@ -21,10 +21,11 @@
|
||||||
<div class="offset-3 col-6 offset-3">
|
<div class="offset-3 col-6 offset-3">
|
||||||
<div class="card">
|
<div class="card">
|
||||||
<div class="card-status bg-primary"></div>
|
<div class="card-status bg-primary"></div>
|
||||||
<div class="card-header">
|
<div class="card-header cant-create-rooms-title">
|
||||||
<h3 class="card-title"><%= t("room.no_room.title") %></h3>
|
<h3 class="card-title"><%= t("room.no_room.title") %></h3>
|
||||||
</div>
|
</div>
|
||||||
<div class="card-body">
|
<div class="card-body">
|
||||||
|
<p><%= t("room.no_room.description") %></p>
|
||||||
<%= form_for(:join_room, url: join_room_path) do |f| %>
|
<%= form_for(:join_room, url: join_room_path) do |f| %>
|
||||||
<div class="input-icon mb-2">
|
<div class="input-icon mb-2">
|
||||||
<span class="input-icon-addon">
|
<span class="input-icon-addon">
|
||||||
|
|
|
@ -46,7 +46,7 @@
|
||||||
<% @user.roles.by_priority.each do |role| %>
|
<% @user.roles.by_priority.each do |role| %>
|
||||||
<span id="<%= "user-role-tag_#{role.id}" %>" style="<%= "background-color: #{role_colour(role)};border-color: #{role_colour(role)};" %>" class="tag user-role-tag">
|
<span id="<%= "user-role-tag_#{role.id}" %>" style="<%= "background-color: #{role_colour(role)};border-color: #{role_colour(role)};" %>" class="tag user-role-tag">
|
||||||
<%= translated_role_name(role) %>
|
<%= translated_role_name(role) %>
|
||||||
<% if (current_user_role.can_edit_roles || current_user_role.name == "super_admin") && (role.priority > current_user_role.priority || current_user_role.name == "admin") %>
|
<% if (current_user_role.can_manage_users || current_user_role.name == "super_admin") && (role.priority > current_user_role.priority || current_user_role.name == "admin") %>
|
||||||
<a data-role-id="<%= role.id %>" class="tag-addon clear-role">
|
<a data-role-id="<%= role.id %>" class="tag-addon clear-role">
|
||||||
<i data-role-id="<%= role.id %>" class="fas fa-times"></i>
|
<i data-role-id="<%= role.id %>" class="fas fa-times"></i>
|
||||||
</a>
|
</a>
|
||||||
|
@ -54,7 +54,7 @@
|
||||||
</span>
|
</span>
|
||||||
<% end %>
|
<% end %>
|
||||||
</div>
|
</div>
|
||||||
<% if current_user_role.can_edit_roles || current_user_role.name == "super_admin" %>
|
<% if current_user_role.can_manage_users || current_user_role.name == "super_admin" %>
|
||||||
<% provider = Rails.configuration.loadbalanced_configuration ? current_user.provider : "greenlight" %>
|
<% provider = Rails.configuration.loadbalanced_configuration ? current_user.provider : "greenlight" %>
|
||||||
<%= f.select :roles, Role.editable_roles(@user_domain).map{|role| [translated_role_name(role), role.id, {'data-colour' => role_colour(role)}]}.unshift(["", nil, {'data-colour' => nil}]), {disabled: disabled_roles(@user)}, { class: "form-control custom-select", id: "role-select-dropdown" } %>
|
<%= f.select :roles, Role.editable_roles(@user_domain).map{|role| [translated_role_name(role), role.id, {'data-colour' => role_colour(role)}]}.unshift(["", nil, {'data-colour' => nil}]), {disabled: disabled_roles(@user)}, { class: "form-control custom-select", id: "role-select-dropdown" } %>
|
||||||
<% end %>
|
<% end %>
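Review bot: Both conditions changed in this template accept `current_user_role.name == "super_admin"` as an alternative to `can_manage_users`, while the `update_roles` check in the same commit tests only `can_manage_users`. A super admin role saved without that flag would be shown the editor while the controller's `if` does not take the branch (what happens then is outside the visible hunk). The expression is also written twice here and mixes a permission flag with hard-coded role names. Moving it into a single helper that the template and the controller both call would keep the display rule and the server-side check from drifting apart; `can_edit_user_roles?` is a suggested name, not an existing method.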
|
||||||
|
|
|
@ -413,8 +413,9 @@ en:
|
||||||
owner: Owner
|
owner: Owner
|
||||||
no_room:
|
no_room:
|
||||||
title: Join a Room
|
title: Join a Room
|
||||||
placeholder: Enter the room url or the room id for the room you want to join.
|
description: Enter the room url or the room id for the room you want to join.
|
||||||
invalid_room_uid: The room url/uid you entered was invalid.
|
invalid_room_uid: The room url/uid you entered was invalid.
|
||||||
|
placeholder: Room url/uid
|
||||||
no_sessions: This room has no sessions, yet!
|
no_sessions: This room has no sessions, yet!
|
||||||
recordings: Room Recordings
|
recordings: Room Recordings
|
||||||
room_limit: You have reached the maximum number of rooms allowed
|
room_limit: You have reached the maximum number of rooms allowed
|
||||||
|
|
|
@ -341,7 +341,7 @@ describe UsersController, type: :controller do
|
||||||
|
|
||||||
user_role = user.highest_priority_role
|
user_role = user.highest_priority_role
|
||||||
|
|
||||||
user_role.can_edit_roles = true
|
user_role.can_manage_users = true
|
||||||
|
|
||||||
user_role.save!
|
user_role.save!
|
||||||
|
|
||||||
|
@ -364,7 +364,7 @@ describe UsersController, type: :controller do
|
||||||
|
|
||||||
user_role = user.highest_priority_role
|
user_role = user.highest_priority_role
|
||||||
|
|
||||||
user_role.can_edit_roles = true
|
user_role.can_manage_users = true
|
||||||
|
|
||||||
user_role.save!
|
user_role.save!
|
||||||
|
|
||||||
|
|