Revoking administrator role on current user should fail

author mmd-osm <mmd.osm@gmail.com>

Tue, 19 Dec 2017 17:31:34 +0000 (17:31 +0000)

committer Tom Hughes <tom@compton.nu>

Tue, 19 Dec 2017 17:31:34 +0000 (17:31 +0000)
author mmd-osm <mmd.osm@gmail.com>
Tue, 19 Dec 2017 17:31:34 +0000 (17:31 +0000)
committer Tom Hughes <tom@compton.nu>
Tue, 19 Dec 2017 17:31:34 +0000 (17:31 +0000)
diff --git a/app/controllers/user_roles_controller.rb b/app/controllers/user_roles_controller.rb

index 536790dc5b36f9e924b971d3cd9c66ed46248558..5ef68216bf81e8cc26a53845bf138110edbc1a10 100644 (file)
--- a/app/controllers/user_roles_controller.rb
+++ b/app/controllers/user_roles_controller.rb
@@ -15,7 +15,12 @@ class UserRolesController < ApplicationController
    end
  
    def revoke
    end
  
    def revoke
-    UserRole.where(:user_id => @this_user.id, :role => @role).delete_all
+    # checks that administrator role is not revoked from current user
+    if current_user == @this_user && @role == "administrator"
+      flash[:error] = t("user_role.filter.not_revoke_admin_current_user")
+    else
+      UserRole.where(:user_id => @this_user.id, :role => @role).delete_all
+    end
      redirect_to :controller => "user", :action => "view", :display_name => @this_user.display_name
    end
  
      redirect_to :controller => "user", :action => "view", :display_name => @this_user.display_name
    end
  
diff --git a/config/locales/en.yml b/config/locales/en.yml

index 5737e690a046336c99fe9718370b0b53dbeb426d..317dee88ea66b668b10e5510126da7bf5beb871d 100644 (file)
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -2036,6 +2036,7 @@ en:
        not_a_role: "The string `%{role}' is not a valid role."
        already_has_role: "The user already has role %{role}."
        doesnt_have_role: "The user does not have role %{role}."
        not_a_role: "The string `%{role}' is not a valid role."
        already_has_role: "The user already has role %{role}."
        doesnt_have_role: "The user does not have role %{role}."
+      not_revoke_admin_current_user: "Cannot revoke administrator role from current user."
      grant:
        title: Confirm role granting
        heading: Confirm role granting
      grant:
        title: Confirm role granting
        heading: Confirm role granting
diff --git a/test/controllers/user_roles_controller_test.rb b/test/controllers/user_roles_controller_test.rb

index f73fc9056293571f54845211fb60575cf664fcb0..f9e32140621081672573fd07ae88477a9ba5a998 100644 (file)
--- a/test/controllers/user_roles_controller_test.rb
+++ b/test/controllers/user_roles_controller_test.rb
@@ -134,5 +134,10 @@ class UserRolesControllerTest < ActionController::TestCase
      end
      assert_redirected_to user_path(target_user.display_name)
      assert_equal "The string `no_such_role' is not a valid role.", flash[:error]
      end
      assert_redirected_to user_path(target_user.display_name)
      assert_equal "The string `no_such_role' is not a valid role.", flash[:error]
+
+    # Revoking administrator role from current user should fail
+    post :revoke, :params => { :display_name => administrator_user.display_name, :role => "administrator" }
+    assert_redirected_to user_path(administrator_user.display_name)
+    assert_equal "Cannot revoke administrator role from current user.", flash[:error]
    end
  end
    end
  end
author	mmd-osm <mmd.osm@gmail.com>
	Tue, 19 Dec 2017 17:31:34 +0000 (17:31 +0000)
committer	Tom Hughes <tom@compton.nu>
	Tue, 19 Dec 2017 17:31:34 +0000 (17:31 +0000)
app/controllers/user_roles_controller.rb		patch \| blob \| history
config/locales/en.yml		patch \| blob \| history
test/controllers/user_roles_controller_test.rb		patch \| blob \| history