Project owners can not be no admin

2016-03-17 20:42:10 +01:00 · 2016-03-17 20:42:10 +01:00 · af588be527
parent 5ccb7a2702
commit af588be527
2 changed files with 21 additions and 3 deletions
--- a/taiga/projects/serializers.py
+++ b/taiga/projects/serializers.py
@ -190,9 +190,13 @@ class MembershipSerializer(serializers.ModelSerializer):
        if project is None:
            project = self.object.project

-        if (self.object and
-                not services.project_has_valid_admins(project, exclude_user=self.object.user)):
-            raise serializers.ValidationError(_("In this project at least one of the users must be an active admin."))
+        if (self.object):
+            if self.object.user.id == project.owner_id and attrs[source] != True:
+                raise serializers.ValidationError(_("Project owner must be admin."))
+
+            if not services.project_has_valid_admins(project, exclude_user=self.object.user):
+                raise serializers.ValidationError(_("In this project at least one of the users "
+                                                    "must be an active admin."))

        return attrs

--- a/tests/integration/test_memberships.py
+++ b/tests/integration/test_memberships.py
@ -347,6 +347,20 @@ def test_api_edit_membership(client):

    assert response.status_code == 200

+def test_api_change_owner_membership_to_no_admin_return_error(client):
+    project = f.ProjectFactory()
+    membership_owner = f.MembershipFactory(project=project, user=project.owner, is_admin=True)
+    membership = f.MembershipFactory(project=project, is_admin=True)
+
+    url = reverse("memberships-detail", args=[membership_owner.id])
+    data = {"is_admin": False}
+
+    client.login(membership.user)
+    response = client.json.patch(url, json.dumps(data))
+
+    assert response.status_code == 400
+    assert 'is_admin' in response.data
+

 def test_api_delete_membership(client):
    membership = f.MembershipFactory(is_admin=True)