From 366ffd9bd0d1501da4db11ad4f58c125f04aac76 Mon Sep 17 00:00:00 2001 From: Anton Khorev Date: Thu, 28 Dec 2023 05:57:58 +0300 Subject: [PATCH] Add revoke all blocks action --- app/controllers/user_blocks_controller.rb | 8 ++- config/locales/en.yml | 1 + .../user_blocks_controller_test.rb | 52 ++++++++++++++++++- 3 files changed, 57 insertions(+), 4 deletions(-) diff --git a/app/controllers/user_blocks_controller.rb b/app/controllers/user_blocks_controller.rb index a671f0d16f..07d0bc43c0 100644 --- a/app/controllers/user_blocks_controller.rb +++ b/app/controllers/user_blocks_controller.rb @@ -12,7 +12,7 @@ class UserBlocksController < ApplicationController before_action :lookup_user_block, :only => [:show, :edit, :update, :revoke] before_action :require_valid_params, :only => [:create, :update] before_action :check_database_readable - before_action :check_database_writable, :only => [:create, :update, :revoke] + before_action :check_database_writable, :only => [:create, :update, :revoke, :revoke_all] def index @params = params.permit @@ -92,7 +92,11 @@ def revoke ## # revokes all active blocks def revoke_all - # TODO revoke + if request.post? && params[:confirm] + @user.blocks.active.each { |block| block.revoke!(current_user) } + flash[:notice] = t ".flash" + redirect_to user_blocks_on_path(@user) + end end ## diff --git a/config/locales/en.yml b/config/locales/en.yml index ff1ee89849..6218bfea24 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -2902,6 +2902,7 @@ en: one: "%{count} active block" other: "%{count} active blocks" revoke: "Revoke!" + flash: "All active blocks have been revoked." helper: time_future_html: "Ends in %{time}." until_login: "Active until the user logs in." diff --git a/test/controllers/user_blocks_controller_test.rb b/test/controllers/user_blocks_controller_test.rb index ea0e7d4883..0877fa39e4 100644 --- a/test/controllers/user_blocks_controller_test.rb +++ b/test/controllers/user_blocks_controller_test.rb @@ -395,8 +395,8 @@ def test_revoke end ## - # test the revoke all action - def test_revoke_all + # test the revoke all page + def test_revoke_all_page blocked_user = create(:user) create(:user_block, :user => blocked_user) @@ -424,6 +424,54 @@ def test_revoke_all assert_response :success end + ## + # test the revoke all action + def test_revoke_all_action + blocked_user = create(:user) + active_block1 = create(:user_block, :user => blocked_user) + active_block2 = create(:user_block, :user => blocked_user) + expired_block1 = create(:user_block, :expired, :user => blocked_user) + blocks = [active_block1, active_block2, expired_block1] + moderator_user = create(:moderator_user) + + assert_predicate active_block1, :active? + assert_predicate active_block2, :active? + assert_not_predicate expired_block1, :active? + + # Login as a normal user + session_for(create(:user)) + + # Check that normal users can't load the block revoke page + get revoke_all_user_blocks_path(:blocked_user) + assert_response :redirect + assert_redirected_to :controller => "errors", :action => "forbidden" + + # Login as a moderator + session_for(moderator_user) + + # Check that revoking blocks using GET should fail + get revoke_all_user_blocks_path(blocked_user, :confirm => true) + assert_response :success + assert_template "revoke_all" + + blocks.each(&:reload) + assert_predicate active_block1, :active? + assert_predicate active_block2, :active? + assert_not_predicate expired_block1, :active? + + # Check that revoking blocks works using POST + post revoke_all_user_blocks_path(blocked_user, :confirm => true) + assert_redirected_to user_blocks_on_path(blocked_user) + + blocks.each(&:reload) + assert_not_predicate active_block1, :active? + assert_not_predicate active_block2, :active? + assert_not_predicate expired_block1, :active? + assert_equal moderator_user, active_block1.revoker + assert_equal moderator_user, active_block2.revoker + assert_not_equal moderator_user, expired_block1.revoker + end + ## # test the blocks_on action def test_blocks_on