Add role 'owner' to users (#185)

2025-12-16 03:37:56 +01:00 · 2023-01-18 21:11:27 +01:00
parent e86748edca
commit 0e96ff7ad4
25 changed files with 482 additions and 54 deletions
--- a/app/controllers/site_settings_controller.rb
+++ b/app/controllers/site_settings_controller.rb
@@ -4,7 +4,7 @@ class SiteSettingsController < ApplicationController
  before_action :authenticate_admin,
    only: [:general, :boards, :post_statuses, :roadmap, :authentication]

-  before_action :authenticate_power_user,
+  before_action :authenticate_moderator,
    only: [:users]
  
  def general
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -17,6 +17,9 @@ class UsersController < ApplicationController

    @user.assign_attributes user_update_params

+    # Handle special case: trying to set user role to 'owner'
+    raise Pundit::NotAuthorizedError if @user.owner?
+
    if @user.save
      render json: @user
    else