can [:index, :show, :resolve, :ignore, :reopen], Issue
can :create, IssueComment
can [:new, :create, :edit, :update, :destroy], Redaction
- can [:new, :create, :revoke, :revoke_all], UserBlock
+ can [:new, :create, :revoke_all], UserBlock
can :update, UserBlock, :creator => user
can :update, UserBlock, :revoker => user
can :update, UserBlock, :active? => true
authorize_resource
before_action :lookup_user, :only => [:new, :create, :revoke_all, :blocks_on, :blocks_by]
- before_action :lookup_user_block, :only => [:show, :edit, :update, :revoke]
+ before_action :lookup_user_block, :only => [:show, :edit, :update]
before_action :require_valid_params, :only => [:create, :update]
before_action :check_database_readable
- before_action :check_database_writable, :only => [:create, :update, :revoke, :revoke_all]
+ before_action :check_database_writable, :only => [:create, :update, :revoke_all]
def index
@params = params.permit
end
end
- ##
- # revokes the block, setting the end_time to now
- def revoke
- if request.post? && params[:confirm] && @user_block.revoke!(current_user)
- flash[:notice] = t ".flash"
- redirect_to(@user_block)
- end
- end
-
##
# revokes all active blocks
def revoke_all
</td>
<td><%= link_to t(".show"), block %></td>
<td><% if can?(:edit, block) %><%= link_to t(".edit"), edit_user_block_path(block) %><% end %></td>
- <% if can?(:revoke, UserBlock) %>
- <td><% if block.active? %><%= link_to t(".revoke"), revoke_user_block_path(block) %><% end %></td>
- <% end %>
</tr>
<th><%= t ".revoker_name" %></th>
<th></th>
<th></th>
- <% if can?(:revoke, UserBlock) %>
- <th></th>
- <% end %>
</tr>
</thead>
<%= render :partial => "block", :collection => @user_blocks %>
+++ /dev/null
-<% @title = t(".title",
- :block_on => @user_block.user.display_name,
- :block_by => @user_block.creator.display_name) %>
-
-<% content_for :heading do %>
- <h1><%= t(".heading_html",
- :block_on => link_to(@user_block.user.display_name, @user_block.user),
- :block_by => link_to(@user_block.creator.display_name, @user_block.creator)) %></h1>
-<% end %>
-
-<% if @user_block.ends_at > Time.now %>
- <p>
- <%= t(".time_future_html", :time => friendly_date(@user_block.ends_at)) %>
- </p>
-
- <%= bootstrap_form_for :revoke, :url => { :action => "revoke" } do |f| %>
- <div class="mb-3">
- <div class="form-check">
- <%= check_box_tag "confirm", "yes", false, { :class => "form-check-input" } %>
- <%= label_tag "confirm", t(".confirm"), { :class => "form-check-label" } %>
- </div>
- </div>
-
- <%= f.submit t(".revoke"), :class => "btn btn-danger" %>
- <% end %>
-
-<% else %>
- <p>
- <%= t(".past_html", :time => friendly_date_ago(@user_block.ends_at)) %>
- </p>
-<% end %>
<dd class="col-sm-9"><div class="richtext text-break"><%= @user_block.reason.to_html %></div></dd>
</dl>
-<% if current_user && (current_user.id == @user_block.creator_id ||
- current_user.id == @user_block.revoker_id) ||
- can?(:revoke, UserBlock) && @user_block.active? %>
+<% if can?(:edit, @user_block) %>
<div>
- <% if can?(:edit, @user_block) %>
- <%= link_to t(".edit"), edit_user_block_path(@user_block), :class => "btn btn-outline-primary" %>
- <% end %>
- <% if can?(:revoke, UserBlock) && @user_block.active? %>
- <%= link_to t(".revoke"), revoke_user_block_path(@user_block), :class => "btn btn-outline-danger" %>
- <% end %>
+ <%= link_to t(".edit"), edit_user_block_path(@user_block), :class => "btn btn-outline-primary" %>
</div>
<% end %>
title: "User blocks"
heading: "List of user blocks"
empty: "No blocks have been made yet."
- revoke:
- title: "Revoking block on %{block_on}"
- heading_html: "Revoking block on %{block_on} by %{block_by}"
- time_future_html: "This block will end in %{time}."
- past_html: "This block ended %{time} and cannot be revoked now."
- confirm: "Are you sure you wish to revoke this block?"
- revoke: "Revoke!"
- flash: "This block has been revoked."
revoke_all:
title: "Revoking all blocks on %{block_on}"
heading_html: "Revoking all blocks on %{block_on}"
status: "Status:"
show: "Show"
edit: "Edit"
- revoke: "Revoke!"
confirm: "Are you sure?"
reason: "Reason for block:"
revoker: "Revoker:"
not_revoked: "(not revoked)"
show: "Show"
edit: "Edit"
- revoke: "Revoke!"
blocks:
display_name: "Blocked User"
creator_name: "Creator"
get "/user/:display_name/blocks_by" => "user_blocks#blocks_by", :as => "user_blocks_by"
get "/blocks/new/:display_name" => "user_blocks#new", :as => "new_user_block"
resources :user_blocks, :except => :new
- match "/blocks/:id/revoke" => "user_blocks#revoke", :via => [:get, :post], :as => "revoke_user_block"
match "/user/:display_name/blocks/revoke_all" => "user_blocks#revoke_all", :via => [:get, :post], :as => "revoke_all_user_blocks"
# issues and reports
{ :path => "/user_blocks/1", :method => :delete },
{ :controller => "user_blocks", :action => "destroy", :id => "1" }
)
- assert_routing(
- { :path => "/blocks/1/revoke", :method => :get },
- { :controller => "user_blocks", :action => "revoke", :id => "1" }
- )
- assert_routing(
- { :path => "/blocks/1/revoke", :method => :post },
- { :controller => "user_blocks", :action => "revoke", :id => "1" }
- )
assert_routing(
{ :path => "/user/username/blocks", :method => :get },
block = create(:user_block, :creator => creator_user)
session_for(other_moderator_user)
- check_block_buttons block, :edit => 1, :revoke => 1
+ check_block_buttons block, :edit => 1
session_for(creator_user)
- check_block_buttons block, :edit => 1, :revoke => 1
+ check_block_buttons block, :edit => 1
end
##
assert_equal other_moderator_user, block.revoker
end
- ##
- # test the revoke action
- def test_revoke
- active_block = create(:user_block)
-
- # Check that the block revoke page requires us to login
- get revoke_user_block_path(:id => active_block)
- assert_redirected_to login_path(:referer => revoke_user_block_path(:id => active_block))
-
- # Login as a normal user
- session_for(create(:user))
-
- # Check that normal users can't load the block revoke page
- get revoke_user_block_path(:id => active_block)
- assert_redirected_to :controller => "errors", :action => "forbidden"
-
- # Login as a moderator
- session_for(create(:moderator_user))
-
- # Check that the block revoke page loads for moderators
- get revoke_user_block_path(:id => active_block)
- assert_response :success
- assert_template "revoke"
- assert_select "h1 a[href='#{user_path active_block.user}']", :text => active_block.user.display_name
- assert_select "form", :count => 1 do
- assert_select "input#confirm[type='checkbox']", :count => 1
- assert_select "input[type='submit'][value='Revoke!']", :count => 1
- end
-
- # Check that revoking a block using GET should fail
- get revoke_user_block_path(:id => active_block, :confirm => true)
- assert_response :success
- assert_template "revoke"
- b = UserBlock.find(active_block.id)
- assert_operator b.ends_at - Time.now.utc, :>, 100
-
- # Check that revoking a block works using POST
- post revoke_user_block_path(:id => active_block, :confirm => true)
- assert_redirected_to user_block_path(active_block)
- b = UserBlock.find(active_block.id)
- assert_in_delta Time.now.utc, b.ends_at, 1
-
- # We should get an error if the block doesn't exist
- get revoke_user_block_path(:id => 99999)
- assert_response :not_found
- assert_template "not_found"
- assert_select "p", "Sorry, the user block with ID 99999 could not be found."
- end
-
##
# test the revoke all page
def test_revoke_all_page
private
- def check_block_buttons(block, edit: 0, revoke: 0)
+ def check_block_buttons(block, edit: 0)
[user_blocks_path, user_block_path(block)].each do |path|
get path
assert_response :success
assert_select "a[href='#{edit_user_block_path block}']", :count => edit
- assert_select "a[href='#{revoke_user_block_path block}']", :count => revoke
end
end
# revoke the ban
get "/login"
assert_response :success
- post "/login", :params => { "username" => moderator.email, "password" => "test", :referer => "/blocks/#{block.id}/revoke" }
+ post "/login", :params => { "username" => moderator.email, "password" => "test", :referer => "/user_blocks/#{block.id}/edit" }
assert_response :redirect
follow_redirect!
assert_response :success
- assert_template "user_blocks/revoke"
- post "/blocks/#{block.id}/revoke", :params => { "confirm" => "yes" }
+ assert_template "user_blocks/edit"
+ put "/user_blocks/#{block.id}", :params => { :user_block_period => "0",
+ :user_block => { :needs_view => false, :reason => "Unblocked" } }
assert_response :redirect
follow_redirect!
assert_response :success
projects / rails.git / commitdiff