user_group_settings: Disable dropdown if no permission to update it.

Previously, even when a user doesn't have permission to edit
a user group, the dropdown for the group permission settings
was not disabled, and is possible for a user to change the values.

This commit disables the dropdown of the user group permission
settings, in case user doesn't have permission to edit the settings.
This commit is contained in:
roanster007 2024-07-23 01:13:07 +05:30 committed by Tim Abbott
parent fc5a5c7113
commit e22a0c7f73
1 changed files with 34 additions and 1 deletions

View File

@ -101,6 +101,34 @@ function update_add_members_elements(group) {
} }
} }
function update_general_settings_elements(group) {
if (!is_editing_group(group.id)) {
return;
}
// We are concerend with the General tab for changing group permissions.
const $group_permission_settings = $("#group_permission_settings");
// Otherwise, we adjust whether the widgets are disabled based on
// whether this user is authorized to change the group settings.
const $permission_dropdown_elements =
$group_permission_settings.find(".dropdown-widget-button");
if (settings_data.can_edit_user_group(group.id)) {
$permission_dropdown_elements.prop("disabled", false);
$permission_dropdown_elements
.closest(".dropdown_widget_with_label_wrapper")
._tippy?.destroy();
} else {
$permission_dropdown_elements.prop("disabled", true);
settings_components.initialize_disable_btn_hint_popover(
$permission_dropdown_elements.closest(".dropdown_widget_with_label_wrapper"),
$t({defaultMessage: "You do not have permission to edit this setting."}),
);
}
}
function show_membership_settings(group) { function show_membership_settings(group) {
const $edit_container = get_edit_container(group); const $edit_container = get_edit_container(group);
update_add_members_elements(group); update_add_members_elements(group);
@ -112,6 +140,11 @@ function show_membership_settings(group) {
}); });
} }
function show_general_settings(group) {
user_group_components.setup_permissions_dropdown(group, false);
update_general_settings_elements(group);
}
function enable_group_edit_settings(group) { function enable_group_edit_settings(group) {
if (!is_editing_group(group.id)) { if (!is_editing_group(group.id)) {
return; return;
@ -285,7 +318,7 @@ export function show_settings_for(group) {
$edit_container.show(); $edit_container.show();
show_membership_settings(group); show_membership_settings(group);
user_group_components.setup_permissions_dropdown(group, false); show_general_settings(group);
} }
export function setup_group_settings(group) { export function setup_group_settings(group) {