diff --git a/app/views/boards/_access_toggle.erb b/app/views/boards/_access_toggle.html.erb
similarity index 100%
rename from app/views/boards/_access_toggle.erb
rename to app/views/boards/_access_toggle.html.erb
diff --git a/app/views/boards/edit/_users.html.erb b/app/views/boards/edit/_users.html.erb
index 3214a2f2c..d8c16484a 100644
--- a/app/views/boards/edit/_users.html.erb
+++ b/app/views/boards/edit/_users.html.erb
@@ -1,3 +1,4 @@
+<% disabled = !Current.user.can_administer_board?(board) %>
Who can access this board?
@@ -16,7 +17,7 @@
@@ -26,14 +27,14 @@
-
+ <%= button_tag "Select all", type: "button", class: "btn btn--plain txt-x-small txt-link font-weight-normal", data: { action: "click->toggle-class#checkAll" }, disabled: %>
·
-
+ <%= button_tag "Select none", type: "button", class: "btn btn--plain txt-x-small txt-link font-weight-normal", data: { action: "click->toggle-class#checkNone" }, disabled: %>
- <%= access_toggles_for selected_users, selected: true, disabled: !Current.user.can_administer_board?(board) %>
- <%= access_toggles_for unselected_users, selected: false, disabled: !Current.user.can_administer_board?(board) %>
+ <%= access_toggles_for selected_users, selected: true, disabled: %>
+ <%= access_toggles_for unselected_users, selected: false, disabled: %>
<% end %>
diff --git a/test/controllers/boards_controller_test.rb b/test/controllers/boards_controller_test.rb
index 816a2e7b3..d9314775b 100644
--- a/test/controllers/boards_controller_test.rb
+++ b/test/controllers/boards_controller_test.rb
@@ -145,4 +145,25 @@ class BoardsControllerTest < ActionDispatch::IntegrationTest
assert_response :forbidden
end
+
+ test "disables select all/none buttons for non-privileged user" do
+ logout_and_sign_in_as :jz
+ assert_not users(:jz).can_administer_board?(boards(:writebook))
+
+ get edit_board_path(boards(:writebook))
+
+ assert_response :success
+ assert_select "button[disabled]", text: "Select all"
+ assert_select "button[disabled]", text: "Select none"
+ end
+
+ test "enables select all/none buttons for privileged user" do
+ assert users(:kevin).can_administer_board?(boards(:writebook))
+
+ get edit_board_path(boards(:writebook))
+
+ assert_response :success
+ assert_select "button:not([disabled])", text: "Select all"
+ assert_select "button:not([disabled])", text: "Select none"
+ end
end