Manage team, now has a view only version of the page which requires no permissions.

2026-02-05 10:53:28 -05:00 · 2016-03-21 15:25:19 +00:00
parent a41a723fa7
commit a482fac02a
5 changed files with 38 additions and 9 deletions
--- a/app/main/views/manage_users.py
+++ b/app/main/views/manage_users.py
@@ -24,7 +24,6 @@ from app.utils import user_has_permissions

@main.route("/services/<service_id>/users")
@login_required
-@user_has_permissions('manage_users', 'manage_templates', 'manage_settings')
 def manage_users(service_id):
    users = user_api_client.get_users_for_service(service_id=service_id)
    invited_users = invite_api_client.get_invites_for_service(service_id=service_id)
--- a/app/templates/main_nav.html
+++ b/app/templates/main_nav.html
@@ -18,6 +18,10 @@
    <li><a href="{{ url_for('.manage_users', service_id=service_id) }}">Manage team</a></li>
    <li><a href="{{ url_for('.service_settings', service_id=service_id) }}">Manage settings</a></li>
  </ul>
+  {% else %}
+  <ul>
+    <li><a href="{{ url_for('.manage_users', service_id=service_id) }}">Team members</a></li>
+  </ul>
  {% endif %}
  {% if current_user.has_permissions(['manage_api_keys', 'access_developer_docs']) %}
  <ul>
--- a/app/templates/views/manage-users.html
+++ b/app/templates/views/manage-users.html
@@ -19,12 +19,18 @@ Manage users – GOV.UK Notify
  <div class="grid-row">
    <div class="column-two-thirds">
      <h1 class="heading-large">
-        Manage team
+        {% if current_user.has_permissions(['manage_users']) %}
+          Manage team
+        {% else %}
+          Team members
+        {% endif %}
      </h1>
    </div>
-    <div class="column-one-third">
-      <a href="{{ url_for('.invite_user', service_id=service_id) }}" class="button align-with-heading">Invite team member</a>
-    </div>
+    {% if current_user.has_permissions(['manage_users']) %}
+      <div class="column-one-third">
+        <a href="{{ url_for('.invite_user', service_id=service_id) }}" class="button align-with-heading">Invite team member</a>
+      </div>
+    {% endif %}
  </div>

  {% call(item) list_table(
@@ -37,8 +43,10 @@ Manage users – GOV.UK Notify
    {{ boolean_field(item.has_permissions(['manage_users', 'manage_templates', 'manage_settings'], service_id=service_id)) }}
    {{ boolean_field(item.has_permissions(['manage_api_keys', 'access_developer_docs'], service_id=service_id)) }}
    {% call field(align='right') %}
-      {% if current_user.id != item.id %}
-        <a href="{{ url_for('.edit_user_permissions', service_id=service_id, user_id=item.id)}}">Edit permission</a>
+      {% if current_user.has_permissions(['manage_users']) %}
+        {% if current_user.id != item.id %}
+          <a href="{{ url_for('.edit_user_permissions', service_id=service_id, user_id=item.id)}}">Edit permission</a>
+        {% endif %}
      {% endif %}
    {% endcall %}
  {% endcall %}