From: Anton Khorev Date: Thu, 28 Dec 2023 02:57:58 +0000 (+0300) Subject: Add revoke all blocks action X-Git-Tag: live~843^2 X-Git-Url: https://git.openstreetmap.org./rails.git/commitdiff_plain/366ffd9bd0d1501da4db11ad4f58c125f04aac76 Add revoke all blocks action --- diff --git a/app/controllers/user_blocks_controller.rb b/app/controllers/user_blocks_controller.rb index a671f0d16..07d0bc43c 100644 --- a/app/controllers/user_blocks_controller.rb +++ b/app/controllers/user_blocks_controller.rb @@ -12,7 +12,7 @@ class UserBlocksController < ApplicationController before_action :lookup_user_block, :only => [:show, :edit, :update, :revoke] before_action :require_valid_params, :only => [:create, :update] before_action :check_database_readable - before_action :check_database_writable, :only => [:create, :update, :revoke] + before_action :check_database_writable, :only => [:create, :update, :revoke, :revoke_all] def index @params = params.permit @@ -92,7 +92,11 @@ class UserBlocksController < ApplicationController ## # revokes all active blocks def revoke_all - # TODO revoke + if request.post? && params[:confirm] + @user.blocks.active.each { |block| block.revoke!(current_user) } + flash[:notice] = t ".flash" + redirect_to user_blocks_on_path(@user) + end end ## diff --git a/config/locales/en.yml b/config/locales/en.yml index ff1ee8984..6218bfea2 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -2902,6 +2902,7 @@ en: one: "%{count} active block" other: "%{count} active blocks" revoke: "Revoke!" + flash: "All active blocks have been revoked." helper: time_future_html: "Ends in %{time}." until_login: "Active until the user logs in." diff --git a/test/controllers/user_blocks_controller_test.rb b/test/controllers/user_blocks_controller_test.rb index ea0e7d488..0877fa39e 100644 --- a/test/controllers/user_blocks_controller_test.rb +++ b/test/controllers/user_blocks_controller_test.rb @@ -395,8 +395,8 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest end ## - # test the revoke all action - def test_revoke_all + # test the revoke all page + def test_revoke_all_page blocked_user = create(:user) create(:user_block, :user => blocked_user) @@ -424,6 +424,54 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest assert_response :success end + ## + # test the revoke all action + def test_revoke_all_action + blocked_user = create(:user) + active_block1 = create(:user_block, :user => blocked_user) + active_block2 = create(:user_block, :user => blocked_user) + expired_block1 = create(:user_block, :expired, :user => blocked_user) + blocks = [active_block1, active_block2, expired_block1] + moderator_user = create(:moderator_user) + + assert_predicate active_block1, :active? + assert_predicate active_block2, :active? + assert_not_predicate expired_block1, :active? + + # Login as a normal user + session_for(create(:user)) + + # Check that normal users can't load the block revoke page + get revoke_all_user_blocks_path(:blocked_user) + assert_response :redirect + assert_redirected_to :controller => "errors", :action => "forbidden" + + # Login as a moderator + session_for(moderator_user) + + # Check that revoking blocks using GET should fail + get revoke_all_user_blocks_path(blocked_user, :confirm => true) + assert_response :success + assert_template "revoke_all" + + blocks.each(&:reload) + assert_predicate active_block1, :active? + assert_predicate active_block2, :active? + assert_not_predicate expired_block1, :active? + + # Check that revoking blocks works using POST + post revoke_all_user_blocks_path(blocked_user, :confirm => true) + assert_redirected_to user_blocks_on_path(blocked_user) + + blocks.each(&:reload) + assert_not_predicate active_block1, :active? + assert_not_predicate active_block2, :active? + assert_not_predicate expired_block1, :active? + assert_equal moderator_user, active_block1.revoker + assert_equal moderator_user, active_block2.revoker + assert_not_equal moderator_user, expired_block1.revoker + end + ## # test the blocks_on action def test_blocks_on