Signed in admin should be able to add/remove himself to a group

9ab7bdf7 · Douglas Barbosa Alexandre · 1ad8b731 · 9ab7bdf7 · 9ab7bdf7 · 9ab7bdf7
Commit 9ab7bdf7 authored Dec 01, 2015 by Douglas Barbosa Alexandre
4 changed files
--- a/app/models/ability.rb
+++ b/app/models/ability.rb
@@ -346,12 +346,10 @@ class Ability
      unless group.last_owner?(target_user)
        can_manage = group_abilities(user, group).include?(:admin_group_member)

-        if can_manage && user != target_user
+        if can_manage
          rules << :update_group_member
          rules << :destroy_group_member
-        end
-
-        if user == target_user
+        elsif user == target_user
          rules << :destroy_group_member
        end
      end

--- a/features/admin/groups.feature
+++ b/features/admin/groups.feature
@@ -33,3 +33,19 @@ Feature: Admin Groups
    When I visit admin group page
    When I select user "johndoe@gitlab.com" from user list as "Reporter"
    Then I should see "johndoe@gitlab.com" in team list in every project as "Reporter"
+
+  @javascript
+  Scenario: Signed in admin should be able to add himself to a group
+    Given "John Doe" is owner of group "Owned"
+    When I visit group "Owned" members page
+    When I select current user as "Developer"
+    Then I should see current user as "Developer"
+
+  @javascript
+  Scenario: Signed in admin should be able to remove himself from group
+    Given current user is developer of group "Owned"
+    When I visit group "Owned" members page
+    Then I should see current user as "Developer"
+    When I click on the "Remove User From Group" button for current user
+    When I visit group "Owned" members page
+    Then I should not see current user as "Developer"
--- a/features/steps/admin/groups.rb
+++ b/features/steps/admin/groups.rb
 class Spinach::Features::AdminGroups < Spinach::FeatureSteps
  include SharedAuthentication
+  include SharedGroup
  include SharedPaths
  include SharedUser
  include SharedActiveTab
@@ -88,6 +89,34 @@ class Spinach::Features::AdminGroups < Spinach::FeatureSteps
    end
  end

+  step 'I select current user as "Developer"' do
+    page.within ".users-group-form" do
+      select2(current_user.id, from: "#user_ids", multiple: true)
+      select "Developer", from: "access_level"
+    end
+
+    click_button "Add users to group"
+  end
+
+  step 'I should see current user as "Developer"' do
+    page.within '.content-list' do
+      expect(page).to have_content(current_user.name)
+      expect(page).to have_content('Developer')
+    end
+  end
+
+  step 'I click on the "Remove User From Group" button for current user' do
+    find(:css, 'li', text: current_user.name).find(:css, 'a.btn-remove').click
+    # poltergeist always confirms popups.
+  end
+
+  step 'I should not see current user as "Developer"' do
+    page.within '.content-list' do
+      expect(page).not_to have_content(current_user.name)
+      expect(page).not_to have_content('Developer')
+    end
+  end
+
  protected

  def current_group

--- a/features/steps/shared/group.rb
+++ b/features/steps/shared/group.rb
 module SharedGroup
  include Spinach::DSL

+  step 'current user is developer of group "Owned"' do
+    is_member_of(current_user.name, "Owned", Gitlab::Access::DEVELOPER)
+  end
+
  step '"John Doe" is owner of group "Owned"' do
    is_member_of("John Doe", "Owned", Gitlab::Access::OWNER)
  end