Merge branch 'backport-view-condition-improvement-from-ee-460' into 'master'

Fix permission checks in member row (backport from gitlab-org/gitlab-ee!460) ## What does this MR do? It improves the check we use to display or not the members' access and controls in the members list. ## Are there points in the code the reviewer needs to double check? No, I replaced an helper with just a permission check so I think it's a better solution. ## Why was this MR needed? There were a spec failure in gitlab-org/gitlab-ee!460 because of the refactor done in the "request access" MR. ## What are the relevant issue numbers? None. ## Does this MR meet the acceptance criteria? - No CHANGELOG needed - [x] Tests - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4670

Merge branch 'backport-view-condition-improvement-from-ee-460' into 'master'
Fix permission checks in member row (backport from gitlab-org/gitlab-ee!460) ## What does this MR do? It improves the check we use to display or not the members' access and controls in the members list. ## Are there points in the code the reviewer needs to double check? No, I replaced an helper with just a permission check so I think it's a better solution. ## Why was this MR needed? There were a spec failure in gitlab-org/gitlab-ee!460 because of the refactor done in the "request access" MR. ## What are the relevant issue numbers? None. ## Does this MR meet the acceptance criteria? - No CHANGELOG needed - [x] Tests - [x] All builds are passing - [x] Conform by the [style guides](https://gitlab.com/gitlab-org/gitlab-ce/blob/master/CONTRIBUTING.md#style-guides) - [x] Branch has no merge conflicts with `master` (if you do - rebase it please) - [x] [Squashed related commits together](https://git-scm.com/book/en/Git-Tools-Rewriting-History#Squashing-Commits) See merge request !4670
4a1b42b0 · Douwe Maan · Robert Speicher · 30c20263 · 4a1b42b0 · 4a1b42b0
Commit 4a1b42b0 authored Jun 16, 2016 by Douwe Maan Committed by Robert Speicher Jun 17, 2016
5 changed files
--- a/app/helpers/members_helper.rb
+++ b/app/helpers/members_helper.rb
@@ -6,12 +6,6 @@ module MembersHelper
    "#{action}_#{member.type.underscore}".to_sym
  end

-  def can_see_member_roles?(source:, user: nil)
-    return false unless user
-
-    user.is_admin? || source.members.exists?(user_id: user.id)
-  end
-
  def remove_member_message(member, user: nil)
    user = current_user if defined?(current_user)


--- a/app/views/groups/group_members/update.js.haml
+++ b/app/views/groups/group_members/update.js.haml
 :plain
-  $("##{dom_id(@group_member)}").replaceWith('#{escape_javascript(render(@group_member, member: @group_member))}');
+  $("##{dom_id(@group_member)}").replaceWith('#{escape_javascript(render('shared/members/member', member: @group_member))}');
--- a/app/views/projects/project_members/update.js.haml
+++ b/app/views/projects/project_members/update.js.haml
 :plain
-  $("##{dom_id(@project_member)}").replaceWith('#{escape_javascript(render("project_member", member: @project_member))}');
+  $("##{dom_id(@project_member)}").replaceWith('#{escape_javascript(render('shared/members/member', member: @project_member))}');
--- a/app/views/shared/members/_member.html.haml
+++ b/app/views/shared/members/_member.html.haml
- show_roles = local_assigns.fetch(:show_roles, true)
+- default_show_roles = can?(current_user, action_member_permission(:update, member), member) || can?(current_user, action_member_permission(:destroy, member), member)
+- show_roles = local_assigns.fetch(:show_roles, default_show_roles)
 - show_controls = local_assigns.fetch(:show_controls, true)
 - user = member.user

@@ -36,7 +37,7 @@
                  method: :post,
                  class: 'btn-xs btn'

-  - if show_roles && can_see_member_roles?(source: member.source, user: current_user)
+  - if show_roles
    %span.pull-right
      %strong= member.human_access
      - if show_controls

--- a/spec/helpers/members_helper_spec.rb
+++ b/spec/helpers/members_helper_spec.rb
@@ -9,22 +9,6 @@ describe MembersHelper do
    it { expect(action_member_permission(:admin, group_member)).to eq :admin_group_member }
  end

-  describe '#can_see_member_roles?' do
-    let(:project) { create(:empty_project) }
-    let(:group) { create(:group) }
-    let(:user) { build(:user) }
-    let(:admin) { build(:user, :admin) }
-    let(:project_member) { create(:project_member, project: project) }
-    let(:group_member) { create(:group_member, group: group) }
-
-    it { expect(can_see_member_roles?(source: project, user: nil)).to be_falsy }
-    it { expect(can_see_member_roles?(source: group, user: nil)).to be_falsy }
-    it { expect(can_see_member_roles?(source: project, user: admin)).to be_truthy }
-    it { expect(can_see_member_roles?(source: group, user: admin)).to be_truthy }
-    it { expect(can_see_member_roles?(source: project, user: project_member.user)).to be_truthy }
-    it { expect(can_see_member_roles?(source: group, user: group_member.user)).to be_truthy }
-  end
-
  describe '#remove_member_message' do
    let(:requester) { build(:user) }
    let(:project) { create(:project) }