allow non-primary community admins to edit user roles and reactivate …

…friends in their communities
CZagrobelny · Jun 18, 2021 · 555b994 · 555b994
1 parent 3e7a38f
commit 555b994
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 4 deletions.
diff --git a/app/controllers/admin/friends_controller.rb b/app/controllers/admin/friends_controller.rb
@@ -1,5 +1,5 @@
 class Admin::FriendsController < AdminController
-  before_action :require_access_to_region, only: [:reactivate]
+  before_action :require_access_to_region_or_non_primary_community_admin, only: [:reactivate]
   before_action :restrict_access_to_archived_friend, only: [:edit, :update, :destroy]
 
   def index
@@ -210,6 +210,13 @@ def update_friend_params
     update_friend_params
   end
 
+  def require_access_to_region_or_non_primary_community_admin
+    return if current_user.can_access_region?(current_region)
+    return if current_user.admin? && !current_community.primary?
+
+    not_found
+  end
+
   def current_tab
     # TODO: See if params[:tab] is ever an empty string, otherwise can remove the presence
     params[:tab].presence || '#basic'

diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb
@@ -52,7 +52,7 @@ def update
     @user = current_community.users.find(params[:id])
     ActiveRecord::Base.transaction do
       @user.update!(
-        current_user.can_access_region?(current_region) ? user_params : user_params_excluding_role
+        current_user.can_access_region?(current_region) || !current_community.primary? ? user_params : user_params_excluding_role
       )
       if current_user.can_access_region?(current_region) && password_params.present?
         unless @user.reset_password(password_params[:password], password_params[:password])

diff --git a/app/views/admin/friends/index.html.erb b/app/views/admin/friends/index.html.erb
@@ -68,7 +68,7 @@
                 <ul class='dropdown-menu'>
                   <li><%= link_to 'Delete', community_admin_friend_path(current_community.slug, friend), method: :delete, confirm: true %></li>
                 </ul>
-              <% elsif current_user.can_access_region?(current_region) %>
+              <% elsif current_user.can_access_region?(current_region) || (current_user.admin? && !current_community.primary?) %>
                 <%= link_to 'Reactivate', reactivate_community_admin_friend_path(friend.community.slug, friend), method: :patch %>
               <% else %>
                 Archived

diff --git a/app/views/admin/users/_form.html.erb b/app/views/admin/users/_form.html.erb
@@ -40,7 +40,7 @@
       <% end %>
     </div>
 
-    <% if current_user.can_access_region?(current_region) %>
+    <% if current_user.can_access_region?(current_region) || !current_community.primary? %>
       <% available_roles = current_community.primary? ? User::PRIMARY_ROLES : User::NON_PRIMARY_ROLES %>
       <div class='form-group'>
         <%= f.label :role, class: 'col-md-2 control-label required' %>