To avoid some bad things to happen…
</form>
<p>
{{ form_start(delete_form) }}
- <button onclick="return confirm('{{ 'user.form.delete_confirm'|trans|escape('js') }}')" type="submit" class="btn waves-effect waves-light red">{{ 'user.form.delete'|trans }}</button>
+ <button {% if app.user.id == user.id %}disabled="disabled"{% endif %} onclick="return confirm('{{ 'user.form.delete_confirm'|trans|escape('js') }}')" type="submit" class="btn waves-effect waves-light red">{{ 'user.form.delete'|trans }}</button>
{{ form_end(delete_form) }}
</p>
<p><a class="waves-effect waves-light btn blue-grey" href="{{ path('user_index') }}">{{ 'user.form.back_to_list'|trans }}</a></p>
// Check the user has been delete on the list
$this->assertNotRegExp('/Foo User/', $client->getResponse()->getContent());
}
+
+ public function testDeleteDisabledForLoggedUser()
+ {
+ $this->logInAs('admin');
+ $client = $this->getClient();
+
+ $crawler = $client->request('GET', '/users/'.$this->getLoggedInUserId().'/edit');
+ $disabled = $crawler->selectButton('user.form.delete')->extract('disabled');
+
+ $this->assertEquals('disabled', $disabled[0]);
+ }
}
projects / github / wallabag / wallabag.git / commitdiff
