Dont allow team owners to be edited

getsentry · Nov 6, 2013 · 667c3b4 · 667c3b4
1 parent 0a0295b
commit 667c3b4
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 16 deletions.
diff --git a/src/sentry/templates/sentry/teams/members/index.html b/src/sentry/templates/sentry/teams/members/index.html
@@ -34,28 +34,33 @@ <h2>{% trans "Members" %}</h2>
         </thead>
         <tbody>
             {% for member, user in member_list %}
-                <tr>
-                    <td>
-                        <a href="{% url 'sentry-edit-team-member' team.slug member.pk %}">{% if user.first_name %}{{ user.first_name }} &mdash; {% endif %}{{ user.username }}</a><br>
-                        {{ user.email }}
-                    </td>
-                    <td style="text-align:center;">
-                        {% if user == team.owner %}
+                {% if user == team.owner %}
+                    <tr>
+                        <td>
+                            {% if user.first_name %}{{ user.first_name }} &mdash; {% endif %}{{ user.username }}</a><br>
+                            {{ user.email }}
+                        </td>
+                        <td style="text-align:center;">
                             {% trans "Owner" %}
-                        {% else %}
-                            {{ member.get_type_display }}
-                        {% endif %}
-                    </td>
-                    {% if user == team.owner %}
+                        </td>
                         <td style="text-align:center;">
                             <em>{% trans "unavailable for owner" %}</em>
                         </td>
-                    {% else %}
+                    </tr>
+                {% else %}
+                    <tr>
+                        <td>
+                            <a href="{% url 'sentry-edit-team-member' team.slug member.pk %}">{% if user.first_name %}{{ user.first_name }} &mdash; {% endif %}{{ user.username }}</a><br>
+                            {{ user.email }}
+                        </td>
+                        <td style="text-align:center;">
+                            {{ member.get_type_display }}
+                        </td>
                         <td style="text-align:center;">
                             <a href="{% url 'sentry-remove-team-member' team.slug member.pk %}" class="btn btn-danger btn-small">{% trans "Remove" %}</a>
                         </td>
-                    {% endif %}
-                </tr>
+                    </tr>
+                {% endif %}
             {% endfor %}
         </tbody>
     </table>

diff --git a/src/sentry/web/frontend/teams.py b/src/sentry/web/frontend/teams.py
@@ -305,8 +305,11 @@ def edit_team_member(request, team, member_id):
     except TeamMember.DoesNotExist:
         return HttpResponseRedirect(reverse('sentry-manage-team', args=[team.slug]))
 
+    if member.user == team.owner:
+        return HttpResponseRedirect(reverse('sentry-manage-team', args=[team.slug]))
+
     if not can_edit_team_member(request.user, member):
-        return HttpResponseRedirect(reverse('sentry'))
+        return HttpResponseRedirect(reverse('sentry-manage-team', args=[team.slug]))
 
     form = EditTeamMemberForm(team, request.POST or None, instance=member)
     if form.is_valid():