Prepare for backport

632ee618 · Douwe Maan · 61a1d1fc · 632ee618 · 632ee618 · 632ee618
Commit 632ee618 authored Feb 06, 2017 by Douwe Maan
6 changed files
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -175,7 +175,7 @@ class Admin::UsersController < Admin::ApplicationController
  def user_params_ce
    [
-      :admin,
+      :access_level,
      :avatar,
      :bio,
      :can_create_group,
@@ -203,8 +203,7 @@ class Admin::UsersController < Admin::ApplicationController
  def user_params_ee
    [
-      :note,
+      :note
-      :access_level
    ]
  end
 end
--- a/app/models/ee/user.rb
+++ b/app/models/ee/user.rb
@@ -36,23 +36,5 @@ module EE
    def admin_or_auditor?
      admin? || auditor?
    end
-    def access_level
-      if admin?
-        :admin
-      elsif auditor?
-        :auditor
-      else
-        :regular
-      end
-    end
-    def access_level=(new_level)
-      new_level = new_level.to_s
-      return unless %w(admin auditor regular).include?(new_level)
-      self.admin = (new_level == 'admin')
-      self.auditor = (new_level == 'auditor')
-    end
  end
 end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -934,6 +934,24 @@ class User < ActiveRecord::Base
    Gitlab::UserActivities::ActivitySet.record(self)
  end
+  def access_level
+    if admin?
+      :admin
+    elsif auditor?
+      :auditor
+    else
+      :regular
+    end
+  end
+  def access_level=(new_level)
+    new_level = new_level.to_s
+    return unless %w(admin auditor regular).include?(new_level)
+    self.admin = (new_level == 'admin')
+    self.auditor = (new_level == 'auditor')
+  end
  private
  def ci_projects_union

--- a/app/views/admin/users/_access_levels_ee.html.haml
+++ b/app/views/admin/users/_access_levels_ee.html.haml
@@ -11,22 +11,29 @@
  .form-group
    = f.label :access_level, class: 'control-label'
    .col-sm-10
-      = f.radio_button :access_level, :regular, disabled: (current_user == @user && @user.is_admin?)
+      - editing_current_user = (current_user == @user)
+      = f.radio_button :access_level, :regular, disabled: editing_current_user
      = label_tag :regular do
        Regular
      %p.light
        Regular users have access to their groups and projects
      - if license_allows_auditor_user?
-        = f.radio_button :access_level, :auditor, disabled: (current_user == @user && @user.is_admin?)
+        = f.radio_button :access_level, :auditor, disabled: editing_current_user
        = label_tag :auditor do
          Auditor
        %p.light
          Auditors have read-only access to all groups, projects and users
-      = f.radio_button :access_level, :admin
+      = f.radio_button :access_level, :admin, disabled: editing_current_user
      = label_tag :admin do
        Admin
      %p.light
        Administrators have access to all groups, projects and users and can manage all features in this installation
+      - if editing_current_user
+        %p.light
+          You cannot remove your own admin rights.
  .form-group
    = f.label :external, class: 'control-label'

--- a/app/views/admin/users/_form.html.haml
+++ b/app/views/admin/users/_form.html.haml
@@ -40,7 +40,7 @@
          = f.label :password_confirmation, class: 'control-label'
          .col-sm-10= f.password_field :password_confirmation, disabled: f.object.force_random_password, class: 'form-control'
-    = render partial: 'access_levels_ee', locals: { f: f }
+    = render partial: 'access_levels', locals: { f: f }
    %fieldset
      %legend Profile

--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -1493,66 +1493,7 @@ describe User, models: true do
    end
  end
-  describe 'the GitLab_Auditor_User add-on' do
+  describe '#access_level=' do
-    let(:license) { build(:license) }
-    before do
-      allow(::License).to receive(:current).and_return(license)
-    end
-    context 'creating an auditor user' do
-      it "does not allow creating an auditor user if the addon isn't enabled" do
-        allow_any_instance_of(License).to receive(:add_on?).with('GitLab_Auditor_User') { false }
-        expect(build(:user, :auditor)).to be_invalid
-      end
-      it "does not allow creating an auditor user if no license is present" do
-        allow(License).to receive(:current).and_return nil
-        expect(build(:user, :auditor)).to be_invalid
-      end
-      it "allows creating an auditor user if the addon is enabled" do
-        allow_any_instance_of(License).to receive(:add_on?).with('GitLab_Auditor_User') { true }
-        expect(build(:user, :auditor)).to be_valid
-      end
-      it "allows creating a regular user if the addon isn't enabled" do
-        allow_any_instance_of(License).to receive(:add_on?).with('GitLab_Auditor_User') { false }
-        expect(build(:user)).to be_valid
-      end
-    end
-    context '#auditor?' do
-      it "returns true for an auditor user if the addon is enabled" do
-        allow_any_instance_of(License).to receive(:add_on?).with('GitLab_Auditor_User') { true }
-        expect(build(:user, :auditor)).to be_auditor
-      end
-      it "returns false for an auditor user if the addon is not enabled" do
-        allow_any_instance_of(License).to receive(:add_on?).with('GitLab_Auditor_User') { false }
-        expect(build(:user, :auditor)).not_to be_auditor
-      end
-      it "returns false for an auditor user if a license is not present" do
-        allow_any_instance_of(License).to receive(:add_on?).with('GitLab_Auditor_User') { false }
-        expect(build(:user, :auditor)).not_to be_auditor
-      end
-      it "returns false for a non-auditor user even if the addon is present" do
-        allow_any_instance_of(License).to receive(:add_on?).with('GitLab_Auditor_User') { true }
-        expect(build(:user)).not_to be_auditor
-      end
-    end
-    context 'access_level=' do
    let(:user) { build(:user) }
    before do
@@ -1628,5 +1569,64 @@ describe User, models: true do
      expect(user.auditor).to be false
    end
  end
+  describe 'the GitLab_Auditor_User add-on' do
+    let(:license) { build(:license) }
+    before do
+      allow(::License).to receive(:current).and_return(license)
+    end
+    context 'creating an auditor user' do
+      it "does not allow creating an auditor user if the addon isn't enabled" do
+        allow_any_instance_of(License).to receive(:add_on?).with('GitLab_Auditor_User') { false }
+        expect(build(:user, :auditor)).to be_invalid
+      end
+      it "does not allow creating an auditor user if no license is present" do
+        allow(License).to receive(:current).and_return nil
+        expect(build(:user, :auditor)).to be_invalid
+      end
+      it "allows creating an auditor user if the addon is enabled" do
+        allow_any_instance_of(License).to receive(:add_on?).with('GitLab_Auditor_User') { true }
+        expect(build(:user, :auditor)).to be_valid
+      end
+      it "allows creating a regular user if the addon isn't enabled" do
+        allow_any_instance_of(License).to receive(:add_on?).with('GitLab_Auditor_User') { false }
+        expect(build(:user)).to be_valid
+      end
+    end
+    context '#auditor?' do
+      it "returns true for an auditor user if the addon is enabled" do
+        allow_any_instance_of(License).to receive(:add_on?).with('GitLab_Auditor_User') { true }
+        expect(build(:user, :auditor)).to be_auditor
+      end
+      it "returns false for an auditor user if the addon is not enabled" do
+        allow_any_instance_of(License).to receive(:add_on?).with('GitLab_Auditor_User') { false }
+        expect(build(:user, :auditor)).not_to be_auditor
+      end
+      it "returns false for an auditor user if a license is not present" do
+        allow_any_instance_of(License).to receive(:add_on?).with('GitLab_Auditor_User') { false }
+        expect(build(:user, :auditor)).not_to be_auditor
+      end
+      it "returns false for a non-auditor user even if the addon is present" do
+        allow_any_instance_of(License).to receive(:add_on?).with('GitLab_Auditor_User') { true }
+        expect(build(:user)).not_to be_auditor
+      end
+    end
  end
 end