diff --git a/app/Http/Controllers/TeamController.php b/app/Http/Controllers/TeamController.php
index e4eb513..dca57fc 100644
--- a/app/Http/Controllers/TeamController.php
+++ b/app/Http/Controllers/TeamController.php
@@ -7,6 +7,7 @@
 use App\Http\Requests\TeamUpdateRequest;
 use App\Models\Team;
 use Illuminate\Http\Request;
+use Spatie\Permission\Models\Role;
 class TeamController extends Controller
 {
@@ -20,7 +21,8 @@ public function setCurrent(SetCurrentTeamRequest $request, Team $team)
 public function edit(Request $request)
 {
 return view('team.edit', [
- 'team' => $request->user()->currentTeam
+ 'team' => $request->user()->currentTeam->load(['members.roles', 'invites.team']),
+ 'roles' => Role::get()
 ]);
 }
diff --git a/app/Policies/TeamPolicy.php b/app/Policies/TeamPolicy.php
index cba7770..834cccc 100644
--- a/app/Policies/TeamPolicy.php
+++ b/app/Policies/TeamPolicy.php
@@ -64,6 +64,12 @@ public function revokeInvite(User $user, Team $team)
 public function changeMemberRole(User $user, Team $team, User $member)
 {
+ if ($user->id === $member->id) {
+ return $team->members->filter(function ($teamMember) {
+ return $teamMember->hasRole('team admin');
+ })->count() >= 2;
+ }
+
 if ($team->members->doesntContain($member)) {
 return false;
 }
diff --git a/resources/views/components/team-member-item.blade.php b/resources/views/components/team-member-item.blade.php
index 33f43a7..c7ab269 100644
--- a/resources/views/components/team-member-item.blade.php
+++ b/resources/views/components/team-member-item.blade.php
@@ -57,7 +57,7 @@
- @foreach(Role::get() as $role)
+ @foreach($roles as $role)
 @endforeach
diff --git a/resources/views/team/partials/team-members.blade.php b/resources/views/team/partials/team-members.blade.php
index 603e3c6..4f5d6b9 100644
--- a/resources/views/team/partials/team-members.blade.php
+++ b/resources/views/team/partials/team-members.blade.php
@@ -12,7 +12,7 @@
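Review bot: `Role::get()` in `edit()` passes every row of the roles table to the view, with no filter on guard or team scope, so the role select lists whatever roles exist rather than the set a team admin is meant to assign. That list is presentation only; the diff does not show how the update request validates the submitted `role`, and that validation has to be the authoritative allow-list. I would add `// Display list only: the role submitted on update must be checked server-side against the assignable roles.` above the `'roles'` entry. Separately, `->load()` is now called on `currentTeam`, which throws if a user can ever have no current team, so that is worth confirming.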
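Review bot: The self-change branch added at the top of `changeMemberRole` returns its result directly, so when `$user->id === $member->id` the decision rests on the admin count alone; the `doesntContain($member)` membership check, and whatever permission check follows outside this hunk, never run. As written, any caller acting on themselves appears to be authorized once the team has two admins, which would include a member without the admin role requesting a higher one, or a user who is not in `$team`. The branch should only deny and otherwise fall through to the existing checks: `if ($user->id === $member->id && $adminCount < 2) { return false; }`, with `$adminCount` computed from the same `filter(...)->count()`. `hasRole('team admin')` presumably also depends on the permissions team id matching `$team` (the tests call `setPermissionsTeamId`), which deserves a comment here. The remainder of the method lies outside the hunk.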
diff --git a/tests/Feature/Controllers/TeamMemberControllerTest.php b/tests/Feature/Controllers/TeamMemberControllerTest.php
index 1010601..484e489 100644
--- a/tests/Feature/Controllers/TeamMemberControllerTest.php
+++ b/tests/Feature/Controllers/TeamMemberControllerTest.php
@@ -70,6 +70,42 @@
 ->and($member->roles->count())->toBe(1);
 });
+it('can not downgrade own role if no other team admin', function () {
+ $user = User::factory()->create();
+
+ setPermissionsTeamId($user->currentTeam->id);
+
+ actingAs($user)
+ ->patch(route('team.members.update', [$user->currentTeam, $user]), [
+ 'role' => 'team member',
+ ])
+ ->assertForbidden();
+
+ expect($user->fresh()->hasRole('team admin'))
+ ->toBeTrue();
+});
+
+it('can downgrade own role if there is another team admin', function () {
+ $user = User::factory()->create();
+
+ $user->currentTeam->members()->attach(
+ $anotherAdmin = User::factory()->createQuietly()
+ );
+
+ $anotherAdmin->assignRole('team admin');
+
+ setPermissionsTeamId($user->currentTeam->id);
+
+ actingAs($user)
+ ->patch(route('team.members.update', [$user->currentTeam, $user]), [
+ 'role' => 'team member',
+ ])
+ ->assertRedirect();
+
+ expect($user->fresh()->hasRole('team member'))
+ ->toBeTrue();
+});
+
 it('only updates role if provided', function () {
 $user = User::factory()->create();
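Review bot: Both added tests act as a team admin, so nothing covers a member without the admin role changing their own role while the team has two admins. That is the one case where the self-branch added to `TeamPolicy::changeMemberRole` answers from the admin count alone. A regression test expecting `assertForbidden()` for that request would pin the intended behaviour. The sketch below reuses the helpers from the tests in this hunk; its setup may need adjusting to how the fixtures give a quietly created user a current team and role.

```php
it('can not change own role without being a team admin', function () {
    $owner = User::factory()->create();

    $owner->currentTeam->members()->attach(
        $anotherAdmin = User::factory()->createQuietly()
    );
    $owner->currentTeam->members()->attach(
        $member = User::factory()->createQuietly()
    );

    $anotherAdmin->assignRole('team admin');
    $member->assignRole('team member');

    setPermissionsTeamId($owner->currentTeam->id);

    actingAs($member)
        ->patch(route('team.members.update', [$owner->currentTeam, $member]), [
            'role' => 'team admin',
        ])
        ->assertForbidden();

    expect($member->fresh()->hasRole('team admin'))
        ->toBeFalse();
});
```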