Only allow superusers (a.k.a. "Admins") to edit from the show screen (#…

…1116)
pulibrary · Dec 11, 2024 · a37a477 · a37a477
1 parent 842896e
commit a37a477
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 3 deletions.
diff --git a/app/views/projects/show.html.erb b/app/views/projects/show.html.erb
@@ -9,7 +9,8 @@
 
 <div class="details">
   <h2>Roles
-    <% if @project_eligible_to_edit && current_user.eligible_sponsor? %>
+    <%# Per ticket #1114 only superusers have edit access %>
+    <% if @project_eligible_to_edit && current_user.superuser %>
       <%= link_to "Edit", edit_project_path(@project.id), id:"revisible-heading", class: "btn btn-primary btn-sm" %>
     <% end %>
   </h2>
@@ -42,7 +43,8 @@
 
 <div class="details">
   <h2>Project Description
-    <% if @project_eligible_to_edit && current_user.eligible_sponsor? %>
+    <%# Per ticket #1114 only superusers have edit access %>
+    <% if @project_eligible_to_edit && current_user.superuser %>
       <%= link_to "Edit", edit_project_path(@project.id), id:"revisible-heading", class: "btn btn-primary btn-sm" %>
     <% end %>
   </h2>

diff --git a/spec/system/project_show_spec.rb b/spec/system/project_show_spec.rb
@@ -52,7 +52,8 @@
 
             expect(page).not_to have_content(pending_text)
             expect(page).to have_css ".approved"
-            expect(page).to have_selector(:link_or_button, "Edit") # button next to role and description heading
+            # Per ticket #1114 sponsor users no longer have edit access
+            expect(page).not_to have_selector(:link_or_button, "Edit") # button next to role and description heading
             expect(page).to have_selector(:link_or_button, "Review Contents")
             expect(page).to have_selector(:link_or_button, "Withdraw Project Request")
             expect(page).to have_selector(:link_or_button, "Return to Dashboard")