Cadasta / cadasta-platform

[DEPRECATED] Main repository of the Cadasta platform. Technology to help communities document their land rights around the world.
https://demo.cadasta.org
GNU Affero General Public License v3.0

Subsequent organization admin can't archive project or organization #1538

Open amplifi opened 7 years ago

amplifi commented 7 years ago

Steps to reproduce the error

Add a new user to an organization as an administrator. Try to archive a project within that org, or the organization itself.

Actual behavior

The archive option doesn't appear at either the project or organization level.

For bonus points, same also occurs whether or not the new user is a superuser.

Expected behavior

Organization admin should be allowed to archive a project of that organization, as well as the organization itself. In its current state, it is possible to add a new org admin, remove the original org admin, and wind up with both projects and orgs that can't be archived at all.

dpalomino commented 7 years ago

Hey @amplifi. I cannot replicate this issue. What I've done in staging is:

  1. In "david-org" org, add a new user "dpalominov" as an administrator (being logged in as "dpalomino")
  2. Both users are now admins of the org
  3. As dpalomino, I can archive projects
  4. As dpalominov, I can also archive projects

Maybe something only happening for superusers?

amplifi commented 7 years ago

@dpalomino Like I mentioned above, it's happened with both superuser and (two) non-superuser accounts. With a third non-superuser account, it seems to work as expected. More permissions weirdness that should be resolved with the permissions overhaul, but we still need to track the bugs to confirm they don't occur in later updates.

dpalomino commented 7 years ago

Ah ok thanks @amplifi, I was just trying to find a pattern to reproduce the issue. Yeah, let's keep it open and review after the permissions redesign.

seav commented 7 years ago

This may partially explain the weirdness, but there is definitely a bug with respect to superusers. If you add a superuser as a member of an organization but you do not assign them as an administrator, the fact that the superuser is an ordinary member trumps their superuser-ness. You can see the wrong logic in the OrgRoleCheckMixin.get_roles() method. In the method, you can see that initially the superuser is considered an admin, but later on this is overridden by the fact that the superuser is just an ordinary member.
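The override described in the last comment, as an added example that is not part of the original thread and is not Cadasta's code: a simplified model of a role lookup where the membership record overwrites the superuser grant, next to a version that only ever adds privilege. The `User` class, the `MEMBERSHIPS` table, the organization name and both function names are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class User:
    username: str
    is_superuser: bool = False


# Constructed sample data: (organization, username) -> admin flag on the membership.
MEMBERSHIPS = {
    ("example-org", "root"): False,   # superuser added as an ordinary member
    ("example-org", "alice"): True,   # organization administrator
    ("example-org", "bob"): False,    # ordinary member
}


def membership_admin_flag(org: str, user: User) -> Optional[bool]:
    """Return the membership's admin flag, or None when the user is not a member."""
    return MEMBERSHIPS.get((org, user.username))


def get_roles_overriding(org: str, user: User) -> Tuple[bool, bool]:
    """Buggy pattern: the membership flag replaces the superuser grant."""
    is_admin = user.is_superuser          # superuser starts out as admin
    flag = membership_admin_flag(org, user)
    is_member = flag is not None
    if is_member:
        is_admin = flag                   # ordinary membership clobbers it
    return is_member, is_admin


def get_roles_combined(org: str, user: User) -> Tuple[bool, bool]:
    """Corrected pattern: membership can grant admin but never revoke it."""
    flag = membership_admin_flag(org, user)
    is_member = flag is not None
    is_admin = user.is_superuser or bool(flag)
    return is_member, is_admin


if __name__ == "__main__":
    for u in (User("root", True), User("alice"), User("bob"), User("ops", True)):
        print(u.username,
              get_roles_overriding("example-org", u),
              get_roles_combined("example-org", u))
```

A regression test for this class of bug should cover the four combinations of superuser or not and member, admin or non-member, since only the superuser-as-ordinary-member case separates the two functions.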