diff --git a/frontend/src/app/modules/hal/resources/hal-resource.ts b/frontend/src/app/modules/hal/resources/hal-resource.ts index 5e1e288aa2..cfea1763e4 100644 --- a/frontend/src/app/modules/hal/resources/hal-resource.ts +++ b/frontend/src/app/modules/hal/resources/hal-resource.ts @@ -145,14 +145,16 @@ export class HalResource { } /** - * Return whether the work package is editable with the user's permission - * on the given work package attribute. + * Return whether the resource is editable with the user's permission + * on the given resource package attribute. + * In order to be editable, there needs to be an update link on the resource and the schema for + * the attribute needs to indicate the writability. * * @param property */ public isAttributeEditable(property:string):boolean { const fieldSchema = this.schema[property]; - return fieldSchema && fieldSchema.writable; + return this.$links.update && fieldSchema && fieldSchema.writable; } /** diff --git a/modules/dashboards/spec/features/project_description_spec.rb b/modules/dashboards/spec/features/project_description_spec.rb index 65bd4ab4c9..7b3a87cde9 100644 --- a/modules/dashboards/spec/features/project_description_spec.rb +++ b/modules/dashboards/spec/features/project_description_spec.rb @@ -36,7 +36,7 @@ describe 'Project description widget on dashboard', type: :feature, js: true do FactoryBot.create :project, description: project_description end - let(:permissions) do + let(:read_only_permissions) do %i[view_dashboards manage_dashboards] end @@ -47,11 +47,11 @@ describe 'Project description widget on dashboard', type: :feature, js: true do edit_project] end - let(:user) do - FactoryBot.create(:user, member_in_project: project, member_with_permissions: permissions) + let(:read_only_user) do + FactoryBot.create(:user, member_in_project: project, member_with_permissions: read_only_permissions) end - let(:second_user) do + let(:editing_user) do FactoryBot.create(:user, member_in_project: project, member_with_permissions: editing_permissions) end @@ -63,14 +63,16 @@ describe 'Project description widget on dashboard', type: :feature, js: true do dashboard_page.visit! dashboard_page.add_widget(1, 1, :within, "Project description") - sleep(0.1) + dashboard_page.expect_and_dismiss_notification message: I18n.t('js.notice_successful_update') + end + + before do + login_as current_user + add_project_description_widget end context 'without editing permissions' do - before do - login_as user - add_project_description_widget - end + let(:current_user) { read_only_user } it 'can add the widget, but not edit the description' do # As the user lacks the manage_public_queries and save_queries permission, no other widget is present @@ -83,16 +85,14 @@ describe 'Project description widget on dashboard', type: :feature, js: true do # The description is not editable field = TextEditorField.new dashboard_page, 'description' + field.expect_read_only field.activate! expect_open: false end end end context 'with editing permissions' do - before do - login_as second_user - add_project_description_widget - end + let(:current_user) { editing_user } it 'can edit the description' do # As the user lacks the manage_public_queries and save_queries permission, no other widget is present @@ -114,8 +114,6 @@ describe 'Project description widget on dashboard', type: :feature, js: true do expect(page).to have_selector(field.selector) expect(page).not_to have_selector(field.input_selector) end - end end - end diff --git a/modules/dashboards/spec/features/project_details_spec.rb b/modules/dashboards/spec/features/project_details_spec.rb index 2e3e4fc815..bddeb1c5ca 100644 --- a/modules/dashboards/spec/features/project_details_spec.rb +++ b/modules/dashboards/spec/features/project_details_spec.rb @@ -74,10 +74,10 @@ describe 'Project details widget on dashboard', type: :feature, js: true do FactoryBot.create(:role, permissions: permissions) end - let(:user) do + let(:read_only_user) do FactoryBot.create(:user, member_in_project: project, member_through_role: role) end - let(:second_user) do + let(:editing_user) do FactoryBot.create(:user, member_in_project: project, member_with_permissions: editing_permissions, @@ -85,7 +85,9 @@ describe 'Project details widget on dashboard', type: :feature, js: true do lastname: 'Guy') end let(:other_user) do - FactoryBot.create(:user) + FactoryBot.create(:user, + firstname: 'Other', + lastname: 'User') end let(:dashboard_page) do Pages::Dashboard.new(project) @@ -95,7 +97,7 @@ describe 'Project details widget on dashboard', type: :feature, js: true do dashboard_page.visit! dashboard_page.add_widget(1, 1, :within, "Project details") - sleep(0.1) + dashboard_page.expect_and_dismiss_notification message: I18n.t('js.notice_successful_update') end def change_cf_value(cf, old_value, new_value) @@ -114,11 +116,13 @@ describe 'Project details widget on dashboard', type: :feature, js: true do expect(page).not_to have_selector(cf.input_selector) end + before do + login_as current_user + add_project_details_widget + end + context 'without editing permissions' do - before do - login_as user - add_project_details_widget - end + let(:current_user) { read_only_user } it 'can add the widget, but not edit the custom fields' do # As the user lacks the manage_public_queries and save_queries permission, no other widget is present @@ -141,21 +145,18 @@ describe 'Project details widget on dashboard', type: :feature, js: true do expect(page) .to have_content("#{date_cf.name}\n#{Date.today.strftime('%m/%d/%Y')}") expect(page) - .to have_content("#{user_cf.name}\n#{user.name.split.map(&:first).join}#{user.name}") + .to have_content("#{user_cf.name}\n#{other_user.name.split.map(&:first).join}#{other_user.name}") # The fields are not editable field = EditField.new dashboard_page, "customField#{bool_cf.id}" + field.expect_read_only field.activate! expect_open: false end end end context 'with editing permissions' do - before do - user - login_as second_user - add_project_details_widget - end + let(:current_user) { editing_user } it 'can edit the custom fields' do int_field = EditField.new dashboard_page, "customField#{int_cf.id}" @@ -168,7 +169,7 @@ describe 'Project details widget on dashboard', type: :feature, js: true do change_cf_value text_field, 'Some long text', 'Some very long text' user_field = SelectField.new dashboard_page, "customField#{user_cf.id}" - change_cf_value user_field, user.name, second_user.name + change_cf_value user_field, other_user.name, editing_user.name end end end diff --git a/modules/dashboards/spec/features/project_status_spec.rb b/modules/dashboards/spec/features/project_status_spec.rb index 6b293d89b2..2899f60db9 100644 --- a/modules/dashboards/spec/features/project_status_spec.rb +++ b/modules/dashboards/spec/features/project_status_spec.rb @@ -36,7 +36,7 @@ describe 'Project status widget on dashboard', type: :feature, js: true do FactoryBot.create :project_status end - let(:permissions) do + let(:read_only_permissions) do %i[view_dashboards manage_dashboards] end @@ -46,10 +46,10 @@ describe 'Project status widget on dashboard', type: :feature, js: true do edit_project] end - let(:user) do + let(:read_only_user) do FactoryBot.create(:user, member_in_project: project, - member_with_permissions: permissions) + member_with_permissions: read_only_permissions) end let(:editing_user) do @@ -66,14 +66,16 @@ describe 'Project status widget on dashboard', type: :feature, js: true do dashboard_page.visit! dashboard_page.add_widget(1, 1, :within, "Project status") - sleep(0.1) + dashboard_page.expect_and_dismiss_notification message: I18n.t('js.notice_successful_update') + end + + before do + login_as current_user + add_project_status_widget end context 'without editing permissions' do - before do - login_as user - add_project_status_widget - end + let(:current_user) { read_only_user } it 'can add the widget, but not edit the status' do # As the user lacks the manage_public_queries and save_queries permission, no other widget is present @@ -89,20 +91,19 @@ describe 'Project status widget on dashboard', type: :feature, js: true do # The status selector does not open field = EditField.new(dashboard_page, 'status') + field.expect_read_only field.activate! expect_open: false # The explanation is not editable field = TextEditorField.new(dashboard_page, 'statusExplanation') + field.expect_read_only field.activate! expect_open: false end end end context 'with editing permissions' do - before do - login_as editing_user - add_project_status_widget - end + let(:current_user) { editing_user } it 'can edit the status and its explanation' do # As the user lacks the manage_public_queries and save_queries permission, no other widget is present