Add revoke all blocks action

2023-12-28 05:57:58 +03:00 · 2023-12-28 05:57:58 +03:00 · 366ffd9bd0
commit 366ffd9bd0
parent 1ff7b6217a
3 changed files with 57 additions and 4 deletions
--- a/app/controllers/user_blocks_controller.rb
+++ b/app/controllers/user_blocks_controller.rb
@ -12,7 +12,7 @@ class UserBlocksController < ApplicationController
  before_action :lookup_user_block, :only => [:show, :edit, :update, :revoke]
  before_action :require_valid_params, :only => [:create, :update]
  before_action :check_database_readable
-  before_action :check_database_writable, :only => [:create, :update, :revoke]
+  before_action :check_database_writable, :only => [:create, :update, :revoke, :revoke_all]
  def index
    @params = params.permit
@ -92,7 +92,11 @@ class UserBlocksController < ApplicationController
  ##
  # revokes all active blocks
  def revoke_all
-    # TODO revoke
+    if request.post? && params[:confirm]
      @user.blocks.active.each { |block| block.revoke!(current_user) }
      flash[:notice] = t ".flash"
      redirect_to user_blocks_on_path(@user)
    end
  end
  ##
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@ -2902,6 +2902,7 @@ en:
        one: "%{count} active block"
        other: "%{count} active blocks"
      revoke: "Revoke!"
      flash: "All active blocks have been revoked."
    helper:
      time_future_html: "Ends in %{time}."
      until_login: "Active until the user logs in."
--- a/test/controllers/user_blocks_controller_test.rb
+++ b/test/controllers/user_blocks_controller_test.rb
@ -395,8 +395,8 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest
  end
  ##
-  # test the revoke all action
+  # test the revoke all page
-  def test_revoke_all
+  def test_revoke_all_page
    blocked_user = create(:user)
    create(:user_block, :user => blocked_user)
@ -424,6 +424,54 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest
    assert_response :success
  end
  ##
  # test the revoke all action
  def test_revoke_all_action
    blocked_user = create(:user)
    active_block1 = create(:user_block, :user => blocked_user)
    active_block2 = create(:user_block, :user => blocked_user)
    expired_block1 = create(:user_block, :expired, :user => blocked_user)
    blocks = [active_block1, active_block2, expired_block1]
    moderator_user = create(:moderator_user)
    assert_predicate active_block1, :active?
    assert_predicate active_block2, :active?
    assert_not_predicate expired_block1, :active?
    # Login as a normal user
    session_for(create(:user))
    # Check that normal users can't load the block revoke page
    get revoke_all_user_blocks_path(:blocked_user)
    assert_response :redirect
    assert_redirected_to :controller => "errors", :action => "forbidden"
    # Login as a moderator
    session_for(moderator_user)
    # Check that revoking blocks using GET should fail
    get revoke_all_user_blocks_path(blocked_user, :confirm => true)
    assert_response :success
    assert_template "revoke_all"
    blocks.each(&:reload)
    assert_predicate active_block1, :active?
    assert_predicate active_block2, :active?
    assert_not_predicate expired_block1, :active?
    # Check that revoking blocks works using POST
    post revoke_all_user_blocks_path(blocked_user, :confirm => true)
    assert_redirected_to user_blocks_on_path(blocked_user)
    blocks.each(&:reload)
    assert_not_predicate active_block1, :active?
    assert_not_predicate active_block2, :active?
    assert_not_predicate expired_block1, :active?
    assert_equal moderator_user, active_block1.revoker
    assert_equal moderator_user, active_block2.revoker
    assert_not_equal moderator_user, expired_block1.revoker
  end
  ##
  # test the blocks_on action
  def test_blocks_on