Introduce an "owner" role, and prevent it from being administered

to prevent the owner from being demoted or kicked out.

ref: https://app.fizzy.do/5986089/cards/3213
This commit is contained in:
Mike Dalessio
2025-11-29 13:17:59 -05:00
parent 156a23f1f5
commit edf6b53469
20 changed files with 166 additions and 36 deletions
@@ -18,5 +18,29 @@ class Users::RolesControllerTest < ActionDispatch::IntegrationTest
assert_no_changes -> { users(:david).reload.role } do
put user_role_path(users(:david)), params: { user: { role: "system" } }
end
assert_no_changes -> { users(:david).reload.role } do
put user_role_path(users(:david)), params: { user: { role: "owner" } }
end
end
test "admin cannot demote the owner" do
assert users(:jason).owner?
assert_no_changes -> { users(:jason).reload.role } do
put user_role_path(users(:jason)), params: { user: { role: "admin" } }
end
assert_response :forbidden
end
test "admin cannot change owner role to member" do
assert users(:jason).owner?
assert_no_changes -> { users(:jason).reload.role } do
put user_role_path(users(:jason)), params: { user: { role: "member" } }
end
assert_response :forbidden
end
end