From a27884733dec5dcfe680f3206e85de090b2a7f69 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Toni=20F=C3=B6rster?= <toni.foerster@gmail.com>
Date: Tue, 15 Sep 2020 22:08:32 +0200
Subject: [PATCH] fixes #2082 proper link in mail (#2083)

* fixes #2082 proper link in mail

only send the promoted user a link to the admin page if their role
allows them to.

* addressed review

Co-authored-by: Ahmad Farhat <ahmad.af.farhat@gmail.com>
---
 app/mailers/user_mailer.rb                   | 4 ++++
 app/views/user_mailer/user_promoted.html.erb | 4 ++--
 app/views/user_mailer/user_promoted.text.erb | 2 +-
 3 files changed, 7 insertions(+), 3 deletions(-)

diff --git a/app/mailers/user_mailer.rb b/app/mailers/user_mailer.rb
index a28ef222..f7ac797a 100644
--- a/app/mailers/user_mailer.rb
+++ b/app/mailers/user_mailer.rb
@@ -47,6 +47,10 @@ class UserMailer < ApplicationMailer
     @image = logo_image
     @color = user_color
     @role = translated_role_name(role)
+    @admin_role = role.get_permission("can_manage_users") ||
+                  role.get_permission("can_manage_rooms_recordings") ||
+                  role.get_permission("can_edit_site_settings") ||
+                  role.get_permission("can_edit_roles")
     mail to: user.email, subject: t('mailer.user.promoted.subtitle', role: translated_role_name(role))
   end
 
diff --git a/app/views/user_mailer/user_promoted.html.erb b/app/views/user_mailer/user_promoted.html.erb
index 02b00c1f..b40f2abc 100644
--- a/app/views/user_mailer/user_promoted.html.erb
+++ b/app/views/user_mailer/user_promoted.html.erb
@@ -32,8 +32,8 @@
       <%= t('mailer.user.promoted.more-info', url: @url) %>
     </p>
 
-    <a style="background: <%= @color %>;color: #ffffff; padding: 10px 15px; box-shadow: 0 2px 4px 0 rgba(0,0,0,.25);border: 1px solid transparent;text-decoration:none;" href="<%= @admin_url %>">
-      <%= t('mailer.user.promoted.admins_link') %>
+    <a style="background: <%= @color %>;color: #ffffff; padding: 10px 15px; box-shadow: 0 2px 4px 0 rgba(0,0,0,.25);border: 1px solid transparent;text-decoration:none;" href="<%= @admin_role ? @admin_url : @url%>">
+      <%= @admin_role ? t('mailer.user.promoted.admins_link') : t('mailer.user.approve.signin_link')%>
     </a>
   </div>
 </div>
diff --git a/app/views/user_mailer/user_promoted.text.erb b/app/views/user_mailer/user_promoted.text.erb
index 4db97844..a61fd002 100644
--- a/app/views/user_mailer/user_promoted.text.erb
+++ b/app/views/user_mailer/user_promoted.text.erb
@@ -23,4 +23,4 @@
 
 <%= t('mailer.user.promoted.more-info', url: @url) %>
 
-<%= @admin_url %>
+<%= @admin_role ? @admin_url : @url %>