-
Notifications
You must be signed in to change notification settings - Fork 927
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Use resourceful route for user status
- Loading branch information
1 parent
99af52b
commit 0764432
Showing
7 changed files
with
124 additions
and
100 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
module Users | ||
class StatusesController < ApplicationController | ||
layout "site" | ||
|
||
before_action :authorize_web | ||
before_action :set_locale | ||
before_action :check_database_readable | ||
|
||
authorize_resource :class => :user_status | ||
|
||
before_action :lookup_user_by_name | ||
|
||
## | ||
# sets a user's status | ||
def update | ||
@user.activate! if params[:event] == "activate" | ||
@user.confirm! if params[:event] == "confirm" | ||
@user.unconfirm! if params[:event] == "unconfirm" | ||
@user.hide! if params[:event] == "hide" | ||
@user.unhide! if params[:event] == "unhide" | ||
@user.unsuspend! if params[:event] == "unsuspend" | ||
redirect_to user_path(params[:user_display_name]) | ||
end | ||
|
||
## | ||
# destroy a user, marking them as deleted and removing personal data | ||
def destroy | ||
@user.soft_destroy! | ||
redirect_to user_path(params[:user_display_name]) | ||
end | ||
|
||
private | ||
|
||
## | ||
# ensure that there is a "user" instance variable | ||
def lookup_user_by_name | ||
@user = User.find_by!(:display_name => params[:user_display_name]) | ||
rescue ActiveRecord::RecordNotFound | ||
redirect_to user_path(params[:user_display_name]) unless @user | ||
end | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,68 @@ | ||
require "test_helper" | ||
|
||
module Users | ||
class StatusesControllerTest < ActionDispatch::IntegrationTest | ||
## | ||
# test all routes which lead to this controller | ||
def test_routes | ||
assert_routing( | ||
{ :path => "/user/username/status", :method => :put }, | ||
{ :controller => "users/statuses", :action => "update", :user_display_name => "username" } | ||
) | ||
assert_routing( | ||
{ :path => "/user/username/status", :method => :delete }, | ||
{ :controller => "users/statuses", :action => "destroy", :user_display_name => "username" } | ||
) | ||
end | ||
|
||
def test_update | ||
user = create(:user) | ||
|
||
# Try without logging in | ||
put user_status_path(user, :event => "confirm") | ||
assert_response :forbidden | ||
|
||
# Now try as a normal user | ||
session_for(user) | ||
put user_status_path(user, :event => "confirm") | ||
assert_redirected_to :controller => "/errors", :action => :forbidden | ||
|
||
# Finally try as an administrator | ||
session_for(create(:administrator_user)) | ||
put user_status_path(user, :event => "confirm") | ||
assert_redirected_to user_path(user) | ||
assert_equal "confirmed", User.find(user.id).status | ||
end | ||
|
||
def test_destroy | ||
user = create(:user, :home_lat => 12.1, :home_lon => 12.1, :description => "test") | ||
|
||
# Try without logging in | ||
delete user_status_path(user) | ||
assert_response :forbidden | ||
|
||
# Now try as a normal user | ||
session_for(user) | ||
delete user_status_path(user) | ||
assert_redirected_to :controller => "/errors", :action => :forbidden | ||
|
||
# Finally try as an administrator | ||
session_for(create(:administrator_user)) | ||
delete user_status_path(user) | ||
assert_redirected_to user_path(user) | ||
|
||
# Check that the user was deleted properly | ||
user.reload | ||
assert_equal "user_#{user.id}", user.display_name | ||
assert_equal "", user.description | ||
assert_nil user.home_lat | ||
assert_nil user.home_lon | ||
assert_not user.avatar.attached? | ||
assert_not user.email_valid | ||
assert_nil user.new_email | ||
assert_nil user.auth_provider | ||
assert_nil user.auth_uid | ||
assert_equal "deleted", user.status | ||
end | ||
end | ||
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters