Merge pull request #9324 from demarches-simplifiees/block_user

un opérateur peut bloquer un compte
2023-07-18 12:28:08 +00:00 · 2023-07-18 12:28:08 +00:00 · 361f6e67c5
commit 361f6e67c5
parent 10d653359e ad7fa39b62
4 changed files with 28 additions and 1 deletions
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -3,6 +3,8 @@
 # Table name: users
 #
 #  id                           :integer          not null, primary key
+#  blocked_at                   :datetime
+#  blocked_reason               :text
 #  confirmation_sent_at         :datetime
 #  confirmation_token           :string
 #  confirmed_at                 :datetime
@ -265,6 +267,10 @@ class User < ApplicationRecord
    devise_mailer.send(notification, self, *args).deliver_later
  end

+  def active_for_authentication?
+    super && blocked_at.nil?
+  end
+
  private

  def does_not_merge_on_self
--- a/db/migrate/20230718113720_add_blocked_at_block_reasonto_user.rb
+++ b/db/migrate/20230718113720_add_blocked_at_block_reasonto_user.rb
@ -0,0 +1,6 @@
+class AddBlockedAtBlockReasontoUser < ActiveRecord::Migration[7.0]
+  def change
+    add_column :users, :blocked_at, :datetime
+    add_column :users, :blocked_reason, :text
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@ -10,7 +10,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.

-ActiveRecord::Schema[7.0].define(version: 2023_06_29_102031) do
+ActiveRecord::Schema[7.0].define(version: 2023_07_18_113720) do
  # These are extensions that must be enabled in order to support this database
  enable_extension "pgcrypto"
  enable_extension "plpgsql"
@ -935,6 +935,8 @@ ActiveRecord::Schema[7.0].define(version: 2023_06_29_102031) do

  create_table "users", id: :serial, force: :cascade do |t|
    t.datetime "confirmation_sent_at", precision: 6
+    t.datetime "blocked_at", precision: 6
+    t.text "blocked_reason"
    t.string "confirmation_token"
    t.datetime "confirmed_at", precision: 6
    t.datetime "created_at", precision: 6
--- a/spec/system/users/sign_up_spec.rb
+++ b/spec/system/users/sign_up_spec.rb
@ -142,4 +142,17 @@ describe 'Signing up:' do
      expect(page).to have_current_path new_user_session_path
    end
  end
+
+  context 'when the user already has a confirmed account but is blocked' do
+    before do
+      create(:user, email: user_email, password: user_password, blocked_at: Time.current)
+    end
+
+    scenario 'they cannot signed in' do
+      visit new_user_session_path
+      sign_in_with user_email, user_password
+
+      expect(page).to have_current_path new_user_session_path
+    end
+  end
 end