Updating permissions

app/models/concerns/team_private.rb

@@ -19,6 +19,7 @@ def add_user_to_team
       tu.user = user
       tu.team = self
       tu.role = 'admin'
+      tu.skip_check_ability = true
       tu.save!
 
       user.current_team_id = self.id

lib/check_basic_abilities.rb

@@ -20,10 +20,6 @@ def global_admin_perms
 
   def authenticated_perms
     can :create, Team
-    can :create, TeamUser, :user_id => @user.id, status: ['member', 'requested']
-    can :update, TeamUser do |obj|
-      obj.user_id == @user.id && obj.user_id_was == obj.user_id && obj.role_was == obj.role && obj.status_was == 'member' && obj.status == 'banned'
-    end
 
     # Permissions for registration and login
     can :read, Source, team_id: @context_team.id

test/models/ability_test.rb

@@ -373,7 +373,7 @@ def teardown
     tu = create_team_user user: u
     User.current = u
     ability = Ability.new
-    assert ability.can?(:create, TeamUser)
+    assert ability.cannot?(:create, TeamUser)
     assert ability.cannot?(:update, tu)
     assert ability.can?(:destroy, tu)
   end
@@ -385,7 +385,7 @@ def teardown
     tu2 = create_team_user
     with_current_user_and_team(u, t) do
       ability = Ability.new
-      assert ability.can?(:create, TeamUser)
+      assert ability.cannot?(:create, TeamUser)
       assert ability.cannot?(:update, tu)
       assert ability.can?(:destroy, tu)
       assert ability.cannot?(:update, tu2)
@@ -1208,11 +1208,6 @@ def teardown
             tu.save!
           end
         end
-        assert_nothing_raised do
-          tu = TeamUser.find(tu.id)
-          tu.status = 'banned'
-          tu.save!
-        end
       end
       with_current_user_and_team(u, t2) do
         if role != 'admin' && role != 'editor'

test/models/project_media_5_test.rb

@@ -313,8 +313,8 @@ def setup
     t.save!
     u = create_user
     Sidekiq::Testing.fake! do
+      create_team_user team: t, user: u, role: 'admin'
       with_current_user_and_team(u, t) do
-        create_team_user team: t, user: u, role: 'admin'
         SlackNotificationWorker.drain
         assert_equal 0, SlackNotificationWorker.jobs.size
         pm = create_project_media team: t

test/models/team_user_test.rb

@@ -81,8 +81,8 @@ def setup
     u = create_user
     t = create_team
     t2 = create_team
+    tu = create_team_user user: u, status: 'requested', team: t
     with_current_user_and_team(u, t) do
-      tu = create_team_user user: u, status: 'requested', team: t
       assert_raise RuntimeError do
         tu = create_team_user status: 'requested', team: t, user: create_user
       end

test/models/user_test.rb

@@ -1283,31 +1283,27 @@ def setup
     u = create_user
     create_team_user team: t, user: u, role: 'admin'
     u2 = create_user
-    # request to join team with invitation period
+    # Request to join team with invitation period
     with_current_user_and_team(u, t) do
       members = [{role: 'admin', email: u2.email}]
       User.send_user_invitation(members)
     end
-    with_current_user_and_team(u2, t) do
-      create_team_user team: t, user: u2, status: 'requested'
-    end
+    create_team_user team: t, user: u2, status: 'requested'
     tu = u2.team_users.where(team_id: t.id).last
     assert_equal 'admin', tu.role
     assert_equal 'member', tu.status
-    # request to join team with expired invitaion
+    # Request to join team with expired invitaion
     t2 = create_team
     create_team_user team: t2, user: u, role: 'admin'
     with_current_user_and_team(u, t2) do
       members = [{role: 'admin', email: u2.email}]
       User.send_user_invitation(members)
     end
     tu = u2.team_users.where(team_id: t2.id).last
-    # expire invitation
+    # Expire invitation
     old_date = tu.created_at - User.invite_for - 1.day
     tu.update_column(:created_at, old_date)
-    with_current_user_and_team(u2, t2) do
-      create_team_user team: t2, user: u2, status: 'requested'
-    end
+    create_team_user team: t2, user: u2, status: 'requested'
     tu = u2.team_users.where(team_id: t2.id).last
     assert_equal 'admin', tu.role
     assert_equal 'requested', tu.status

test/workers/slack_notification_worker_test.rb

@@ -19,7 +19,7 @@ def setup
     }]
     t.slack_notifications = slack_notifications.to_json
     t.save!
-    u = create_user
+    u = create_user is_admin: true
     with_current_user_and_team(u, t) do
       create_team_user team: t, user: u, role: 'admin'
       assert_equal 1, SlackNotificationWorker.jobs.size