Roles editor bug fix (#721)

* Allow users with just the manage users permission to edit roles

* Allow users with just the manage users permission to edit roles

* Fix update recordings bug
shawn-higgins1
2019-08-01 16:53:55 -04:00
committed by Jesus Federico
parent 60f5cd5c81
commit e1fdc8f58b
7 changed files with 18 additions and 12 deletions


@ -50,10 +50,9 @@ class RecordingsController < ApplicationController
# Ensure the user is logged into the room they are accessing.
def verify_room_ownership
if !current_user ||
!@room.owned_by?(current_user) ||
!current_user.has_role?(:admin) ||
!current_user.has_role?(:super_admin)
if !current_user || (!@room.owned_by?(current_user) &&
!current_user.highest_priority_role.can_edit_site_settings &&
!current_user.has_role?(:super_admin))
redirect_to root_path
end
end
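Review bot: The new bypass in `verify_room_ownership` grants access to another user's recordings on `can_edit_site_settings`, a site-configuration permission, so any custom role holding it passes this filter for every room. If that is intended, the comment above the method should say so, for example `# Allow the room owner, a role with can_edit_site_settings, or a super admin; redirect everyone else.` The call `current_user.highest_priority_role.can_edit_site_settings` also assumes every signed-in user has at least one role. If a user can end up with none, it raises instead of redirecting, whereas `current_user.highest_priority_role&.can_edit_site_settings` would fail closed. Which actions this filter guards is not visible in the hunk, so it is worth confirming that it runs before every action that updates or deletes a recording.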


@ -260,8 +260,8 @@ class UsersController < ApplicationController
# Updates as user's roles
def update_roles
# Check that the user can edit roles
if current_user.highest_priority_role.can_edit_roles
# Check that the user can manage users
if current_user.highest_priority_role.can_manage_users
new_roles = params[:user][:role_ids].split(' ').map(&:to_i)
old_roles = @user.roles.pluck(:id)