From 3d4220ce5ffc34186ef8f9e0f031507cd91b10fa Mon Sep 17 00:00:00 2001 From: =Corey Hulen Date: Tue, 6 Oct 2015 09:50:27 -0700 Subject: PLT-435 adding ability to demote system admin --- web/react/components/admin_console/user_item.jsx | 1 - web/react/components/member_list_team_item.jsx | 44 +++++++++++++----------- 2 files changed, 24 insertions(+), 21 deletions(-) diff --git a/web/react/components/admin_console/user_item.jsx b/web/react/components/admin_console/user_item.jsx index 32812e875..c5c6e19d4 100644 --- a/web/react/components/admin_console/user_item.jsx +++ b/web/react/components/admin_console/user_item.jsx @@ -126,7 +126,6 @@ export default class UserItem extends React.Component { let showMakeNotActive = user.roles !== 'system_admin'; if (user.delete_at > 0) { - currentRoles = 'Inactive'; currentRoles = 'Inactive'; showMakeMember = false; showMakeAdmin = false; diff --git a/web/react/components/member_list_team_item.jsx b/web/react/components/member_list_team_item.jsx index b7e81f843..629fb2ec4 100644 --- a/web/react/components/member_list_team_item.jsx +++ b/web/react/components/member_list_team_item.jsx @@ -24,32 +24,32 @@ export default class MemberListTeamItem extends React.Component { }; Client.updateRoles(data, - function handleMakeMemberSuccess() { + () => { AsyncClient.getProfiles(); }, - function handleMakeMemberError(err) { + (err) => { this.setState({serverError: err.message}); - }.bind(this) + } ); } handleMakeActive() { Client.updateActive(this.props.user.id, true, - function handleMakeActiveSuccess() { + () => { AsyncClient.getProfiles(); }, - function handleMakeActiveError(err) { + (err) => { this.setState({serverError: err.message}); - }.bind(this) + } ); } handleMakeNotActive() { Client.updateActive(this.props.user.id, false, - function handleMakeNotActiveSuccess() { + () => { AsyncClient.getProfiles(); }, - function handleMakeNotActiveError(err) { + (err) => { this.setState({serverError: err.message}); - }.bind(this) + } ); } handleMakeAdmin() { @@ -59,12 +59,12 @@ export default class MemberListTeamItem extends React.Component { }; Client.updateRoles(data, - function handleMakeAdminSuccess() { + () => { AsyncClient.getProfiles(); }, - function handleMakeAdmitError(err) { + (err) => { this.setState({serverError: err.message}); - }.bind(this) + } ); } render() { @@ -82,14 +82,18 @@ export default class MemberListTeamItem extends React.Component { const timestamp = UserStore.getCurrentUser().update_at; if (user.roles.length > 0) { - currentRoles = user.roles.charAt(0).toUpperCase() + user.roles.slice(1); + if (user.roles.indexOf('system_admin') > -1) { + currentRoles = 'System Admin'; + } else { + currentRoles = user.roles.charAt(0).toUpperCase() + user.roles.slice(1); + } } const email = user.email; - let showMakeMember = user.roles === 'admin'; - let showMakeAdmin = user.roles === ''; + let showMakeMember = user.roles === 'admin' || user.roles === 'system_admin'; + let showMakeAdmin = user.roles === '' || user.roles === 'system_admin'; let showMakeActive = false; - let showMakeNotActive = true; + let showMakeNotActive = user.roles !== 'system_admin'; if (user.delete_at > 0) { currentRoles = 'Inactive'; @@ -108,7 +112,7 @@ export default class MemberListTeamItem extends React.Component { href='#' onClick={this.handleMakeAdmin} > - Make Admin + {'Make Admin'} ); @@ -123,7 +127,7 @@ export default class MemberListTeamItem extends React.Component { href='#' onClick={this.handleMakeMember} > - Make Member + {'Make Member'} ); @@ -138,7 +142,7 @@ export default class MemberListTeamItem extends React.Component { href='#' onClick={this.handleMakeActive} > - Make Active + {'Make Active'} ); @@ -153,7 +157,7 @@ export default class MemberListTeamItem extends React.Component { href='#' onClick={this.handleMakeNotActive} > - Make Inactive + {'Make Inactive'} ); -- cgit v1.2.3-1-g7c22 From 3b4b79d99f8795a26c38b843ca822f38e27ddc23 Mon Sep 17 00:00:00 2001 From: =Corey Hulen Date: Tue, 6 Oct 2015 10:50:38 -0700 Subject: Adding checkout for system admin role --- api/user.go | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/api/user.go b/api/user.go index 2d7dd9ab1..78f8768a4 100644 --- a/api/user.go +++ b/api/user.go @@ -991,7 +991,7 @@ func updateRoles(c *Context, w http.ResponseWriter, r *http.Request) { } if model.IsInRole(new_roles, model.ROLE_SYSTEM_ADMIN) && !c.IsSystemAdmin() { - c.Err = model.NewAppError("updateRoles", "The system_admin role can only be set by another system admin", "") + c.Err = model.NewAppError("updateRoles", "The system admin role can only be set by another system admin", "") c.Err.StatusCode = http.StatusForbidden return } @@ -1014,6 +1014,12 @@ func updateRoles(c *Context, w http.ResponseWriter, r *http.Request) { return } + if user.IsInRole(model.ROLE_SYSTEM_ADMIN) && !c.IsSystemAdmin() { + c.Err = model.NewAppError("updateRoles", "The system admin role can only by modified by another system admin", "") + c.Err.StatusCode = http.StatusForbidden + return + } + ruser := UpdateRoles(c, user, new_roles) if c.Err != nil { return -- cgit v1.2.3-1-g7c22