From bf40cd98e8227bbaeffb709fa72fd3172dc27a84 Mon Sep 17 00:00:00 2001 From: Eva Marco Date: Wed, 4 Dec 2024 17:36:36 +0100 Subject: [PATCH] :bug: Fix admin can demote owner --- .../dashboard/get-team-members-admin.json | 30 +++++++++++++++++++ .../logged-in-user/get-teams-complete.json | 2 +- .../playwright/ui/specs/dashboard.spec.js | 17 +++++++++++ frontend/src/app/main/ui/dashboard/team.cljs | 13 ++++---- 4 files changed, 56 insertions(+), 6 deletions(-) create mode 100644 frontend/playwright/data/dashboard/get-team-members-admin.json diff --git a/frontend/playwright/data/dashboard/get-team-members-admin.json b/frontend/playwright/data/dashboard/get-team-members-admin.json new file mode 100644 index 000000000..04237e11f --- /dev/null +++ b/frontend/playwright/data/dashboard/get-team-members-admin.json @@ -0,0 +1,30 @@ +[ + { + "~:is-admin": true, + "~:email": "bar@example.com", + "~:team-id": "~udd33ff88-f4e5-8033-8003-8096cc07bdf3", + "~:name": "Han Solo", + "~:fullname": "Han Solo", + "~:is-owner": true, + "~:modified-at": "~m1713533116365", + "~:can-edit": true, + "~:is-active": true, + "~:id": "~u1e162163-87b7-805b-8005-5fd05514b6d3", + "~:profile-id": "~u1e162163-87b7-805b-8005-5fd05514b6d3", + "~:created-at": "~m1733324626956" + }, + { + "~:is-admin": true, + "~:email": "foo@example.com", + "~:team-id": "~udd33ff88-f4e5-8033-8003-8096cc07bdf3", + "~:name": "Princesa Leia", + "~:fullname": "Princesa Leia", + "~:is-owner": false, + "~:modified-at": "~m1713533116365", + "~:can-edit": true, + "~:is-active": true, + "~:id": "~uc7ce0794-0992-8105-8004-38e630f29a9b", + "~:profile-id": "~uf56647eb-19a7-8115-8003-b6bc939ecd1b", + "~:created-at": "~m1713533116365" + } +] diff --git a/frontend/playwright/data/logged-in-user/get-teams-complete.json b/frontend/playwright/data/logged-in-user/get-teams-complete.json index 910e1543f..9ec9e90a0 100644 --- a/frontend/playwright/data/logged-in-user/get-teams-complete.json +++ b/frontend/playwright/data/logged-in-user/get-teams-complete.json @@ -35,7 +35,7 @@ }, "~:permissions": { "~:type": "~:membership", - "~:is-owner": true, + "~:is-owner": false, "~:is-admin": true, "~:can-edit": true }, diff --git a/frontend/playwright/ui/specs/dashboard.spec.js b/frontend/playwright/ui/specs/dashboard.spec.js index b11e1a326..5945045bd 100644 --- a/frontend/playwright/ui/specs/dashboard.spec.js +++ b/frontend/playwright/ui/specs/dashboard.spec.js @@ -52,3 +52,20 @@ test("Lists files in the drafts page", async ({ page }) => { dashboardPage.page.getByRole("button", { name: /New File 2/ }), ).toBeVisible(); }); + +test("Bug 9443, Admin can not demote owner", async ({ page }) => { + const dashboardPage = new DashboardPage(page); + await dashboardPage.setupDashboardFull(); + await DashboardPage.mockRPC( + page, + "get-team-members?team-id=*", + "dashboard/get-team-members-admin.json", + ); + + await dashboardPage.goToSecondTeamMembersSection(); + + await expect(page.getByRole("heading", { name: "Members" })).toBeVisible(); + await expect(page.getByRole("combobox", { name: "Admin" })).toBeVisible(); + await expect(page.getByText("Owner")).toBeVisible(); + await expect(page.getByRole("combobox", { name: "Owner" })).toHaveCount(0); +}); diff --git a/frontend/src/app/main/ui/dashboard/team.cljs b/frontend/src/app/main/ui/dashboard/team.cljs index 431dd2711..34a3d20e7 100644 --- a/frontend/src/app/main/ui/dashboard/team.cljs +++ b/frontend/src/app/main/ui/dashboard/team.cljs @@ -278,27 +278,30 @@ is-you (= (:id profile) (:id member)) can-change-rol (or is-owner is-admin) - not-superior (or is-admin (and can-change-rol (or member-is-admin member-is-editor member-is-viewer))) + not-superior (or (and (not member-is-owner) is-admin) (and can-change-rol (or member-is-admin member-is-editor member-is-viewer))) role (cond member-is-owner "labels.owner" member-is-admin "labels.admin" member-is-editor "labels.editor" - :else "labels.viewer") - + :else "labels.viewer") on-show (mf/use-fn #(reset! show? true)) on-hide (mf/use-fn #(reset! show? false))] [:* (if (and can-change-rol not-superior (not (and is-you is-owner))) [:div {:class (stl/css :rol-selector :has-priv) + :role "combobox" + :aria-labelledby "role-label-id" :on-click on-show} - [:span {:class (stl/css :rol-label)} (tr role)] + [:span {:class (stl/css :rol-label) + :id "role-label-id"} (tr role)] arrow-icon] [:div {:class (stl/css :rol-selector)} [:span {:class (stl/css :rol-label)} (tr role)]]) [:& dropdown {:show @show? :on-close on-hide} - [:ul {:class (stl/css :roles-dropdown)} + [:ul {:class (stl/css :roles-dropdown) + :role "listbox"} [:li {:on-click on-set-viewer :class (stl/css :rol-dropdown-item)} (tr "labels.viewer")]