cst1/openstreetmap-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge remote-tracking branch 'upstream/pull/5110'

Browse source
This commit is contained in:
Tom Hughes 2024-08-23 18:09:21 +01:00
commit ec5754a9bd
10 changed files with 12 additions and 133 deletions
Download patch file Download diff file Expand all files Collapse all files

2
app/abilities/ability.rb
View file

@ -60,7 +60,7 @@ class Ability
can [:index, :show, :resolve, :ignore, :reopen], Issue
can :create, IssueComment
can [:new, :create, :edit, :update, :destroy], Redaction
can [:new, :create, :revoke, :revoke_all], UserBlock
can [:new, :create, :revoke_all], UserBlock
can :update, UserBlock, :creator => user
can :update, UserBlock, :revoker => user
can :update, UserBlock, :active? => true

13
app/controllers/user_blocks_controller.rb
View file

@ -10,10 +10,10 @@ class UserBlocksController < ApplicationController
authorize_resource
before_action :lookup_user, :only => [:new, :create, :revoke_all, :blocks_on, :blocks_by]
before_action :lookup_user_block, :only => [:show, :edit, :update, :revoke]
before_action :lookup_user_block, :only => [:show, :edit, :update]
before_action :require_valid_params, :only => [:create, :update]
before_action :check_database_readable
before_action :check_database_writable, :only => [:create, :update, :revoke, :revoke_all]
before_action :check_database_writable, :only => [:create, :update, :revoke_all]
def index
@params = params.permit
@ -105,15 +105,6 @@ class UserBlocksController < ApplicationController
end
end
##
# revokes the block, setting the end_time to now
def revoke
if request.post? && params[:confirm] && @user_block.revoke!(current_user)
flash[:notice] = t ".flash"
redirect_to(@user_block)
end
end
##
# revokes all active blocks
def revoke_all

3
app/views/user_blocks/_block.html.erb
View file

@ -16,7 +16,4 @@
</td>
<td><%= link_to t(".show"), block %></td>
<td><% if can?(:edit, block) %><%= link_to t(".edit"), edit_user_block_path(block) %><% end %></td>
<% if can?(:revoke, UserBlock) %>
<td><% if block.active? %><%= link_to t(".revoke"), revoke_user_block_path(block) %><% end %></td>
<% end %>
</tr>

3
app/views/user_blocks/_blocks.html.erb
View file

@ -13,9 +13,6 @@
<th><%= t ".revoker_name" %></th>
<th></th>
<th></th>
<% if can?(:revoke, UserBlock) %>
<th></th>
<% end %>
</tr>
</thead>
<%= render :partial => "block", :collection => @user_blocks %>

31
app/views/user_blocks/revoke.html.erb
View file

@ -1,31 +0,0 @@
<% @title = t(".title",
:block_on => @user_block.user.display_name,
:block_by => @user_block.creator.display_name) %>
<% content_for :heading do %>
<h1><%= t(".heading_html",
:block_on => link_to(@user_block.user.display_name, @user_block.user),
:block_by => link_to(@user_block.creator.display_name, @user_block.creator)) %></h1>
<% end %>
<% if @user_block.ends_at > Time.now %>
<p>
<%= t(".time_future_html", :time => friendly_date(@user_block.ends_at)) %>
</p>
<%= bootstrap_form_for :revoke, :url => { :action => "revoke" } do |f| %>
<div class="mb-3">
<div class="form-check">
<%= check_box_tag "confirm", "yes", false, { :class => "form-check-input" } %>
<%= label_tag "confirm", t(".confirm"), { :class => "form-check-label" } %>
</div>
</div>
<%= f.submit t(".revoke"), :class => "btn btn-danger" %>
<% end %>
<% else %>
<p>
<%= t(".past_html", :time => friendly_date_ago(@user_block.ends_at)) %>
</p>
<% end %>

11
app/views/user_blocks/show.html.erb
View file

@ -26,15 +26,8 @@
<dd class="col-sm-9"><div class="richtext text-break"><%= @user_block.reason.to_html %></div></dd>
</dl>
<% if current_user && (current_user.id == @user_block.creator_id ||
current_user.id == @user_block.revoker_id) ||
can?(:revoke, UserBlock) && @user_block.active? %>
<% if can?(:edit, @user_block) %>
<div>
<% if can?(:edit, @user_block) %>
<%= link_to t(".edit"), edit_user_block_path(@user_block), :class => "btn btn-outline-primary" %>
<% end %>
<% if can?(:revoke, UserBlock) && @user_block.active? %>
<%= link_to t(".revoke"), revoke_user_block_path(@user_block), :class => "btn btn-outline-danger" %>
<% end %>
<%= link_to t(".edit"), edit_user_block_path(@user_block), :class => "btn btn-outline-primary" %>
</div>
<% end %>

10
config/locales/en.yml
View file

@ -2958,14 +2958,6 @@ en:
title: "User blocks"
heading: "List of user blocks"
empty: "No blocks have been made yet."
revoke:
title: "Revoking block on %{block_on}"
heading_html: "Revoking block on %{block_on} by %{block_by}"
time_future_html: "This block will end in %{time}."
past_html: "This block ended %{time} and cannot be revoked now."
confirm: "Are you sure you wish to revoke this block?"
revoke: "Revoke!"
flash: "This block has been revoked."
revoke_all:
title: "Revoking all blocks on %{block_on}"
heading_html: "Revoking all blocks on %{block_on}"
@ -3013,7 +3005,6 @@ en:
status: "Status:"
show: "Show"
edit: "Edit"
revoke: "Revoke!"
confirm: "Are you sure?"
reason: "Reason for block:"
revoker: "Revoker:"
@ -3022,7 +3013,6 @@ en:
not_revoked: "(not revoked)"
show: "Show"
edit: "Edit"
revoke: "Revoke!"
blocks:
display_name: "Blocked User"
creator_name: "Creator"

1
config/routes.rb
View file

@ -334,7 +334,6 @@ OpenStreetMap::Application.routes.draw do
get "/user/:display_name/blocks_by" => "user_blocks#blocks_by", :as => "user_blocks_by"
get "/blocks/new/:display_name" => "user_blocks#new", :as => "new_user_block"
resources :user_blocks, :except => :new
match "/blocks/:id/revoke" => "user_blocks#revoke", :via => [:get, :post], :as => "revoke_user_block"
match "/user/:display_name/blocks/revoke_all" => "user_blocks#revoke_all", :via => [:get, :post], :as => "revoke_all_user_blocks"
# issues and reports

64
test/controllers/user_blocks_controller_test.rb
View file

@ -33,14 +33,6 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest
{ :path => "/user_blocks/1", :method => :delete },
{ :controller => "user_blocks", :action => "destroy", :id => "1" }
)
assert_routing(
{ :path => "/blocks/1/revoke", :method => :get },
{ :controller => "user_blocks", :action => "revoke", :id => "1" }
)
assert_routing(
{ :path => "/blocks/1/revoke", :method => :post },
{ :controller => "user_blocks", :action => "revoke", :id => "1" }
)
assert_routing(
{ :path => "/user/username/blocks", :method => :get },
@ -173,10 +165,10 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest
block = create(:user_block, :creator => creator_user)
session_for(other_moderator_user)
check_block_buttons block, :edit => 1, :revoke => 1
check_block_buttons block, :edit => 1
session_for(creator_user)
check_block_buttons block, :edit => 1, :revoke => 1
check_block_buttons block, :edit => 1
end
##
@ -553,55 +545,6 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest
assert_equal other_moderator_user, block.revoker
end
##
# test the revoke action
def test_revoke
active_block = create(:user_block)
# Check that the block revoke page requires us to login
get revoke_user_block_path(:id => active_block)
assert_redirected_to login_path(:referer => revoke_user_block_path(:id => active_block))
# Login as a normal user
session_for(create(:user))
# Check that normal users can't load the block revoke page
get revoke_user_block_path(:id => active_block)
assert_redirected_to :controller => "errors", :action => "forbidden"
# Login as a moderator
session_for(create(:moderator_user))
# Check that the block revoke page loads for moderators
get revoke_user_block_path(:id => active_block)
assert_response :success
assert_template "revoke"
assert_select "h1 a[href='#{user_path active_block.user}']", :text => active_block.user.display_name
assert_select "form", :count => 1 do
assert_select "input#confirm[type='checkbox']", :count => 1
assert_select "input[type='submit'][value='Revoke!']", :count => 1
end
# Check that revoking a block using GET should fail
get revoke_user_block_path(:id => active_block, :confirm => true)
assert_response :success
assert_template "revoke"
b = UserBlock.find(active_block.id)
assert_operator b.ends_at - Time.now.utc, :>, 100
# Check that revoking a block works using POST
post revoke_user_block_path(:id => active_block, :confirm => true)
assert_redirected_to user_block_path(active_block)
b = UserBlock.find(active_block.id)
assert_in_delta Time.now.utc, b.ends_at, 1
# We should get an error if the block doesn't exist
get revoke_user_block_path(:id => 99999)
assert_response :not_found
assert_template "not_found"
assert_select "p", "Sorry, the user block with ID 99999 could not be found."
end
##
# test the revoke all page
def test_revoke_all_page
@ -973,12 +916,11 @@ class UserBlocksControllerTest < ActionDispatch::IntegrationTest
private
def check_block_buttons(block, edit: 0, revoke: 0)
def check_block_buttons(block, edit: 0)
[user_blocks_path, user_block_path(block)].each do |path|
get path
assert_response :success
assert_select "a[href='#{edit_user_block_path block}']", :count => edit
assert_select "a[href='#{revoke_user_block_path block}']", :count => revoke
end
end

7
test/integration/user_blocks_test.rb
View file

@ -39,12 +39,13 @@ class UserBlocksTest < ActionDispatch::IntegrationTest
# revoke the ban
get "/login"
assert_response :success
post "/login", :params => { "username" => moderator.email, "password" => "test", :referer => "/blocks/#{block.id}/revoke" }
post "/login", :params => { "username" => moderator.email, "password" => "test", :referer => "/user_blocks/#{block.id}/edit" }
assert_response :redirect
follow_redirect!
assert_response :success
assert_template "user_blocks/revoke"
post "/blocks/#{block.id}/revoke", :params => { "confirm" => "yes" }
assert_template "user_blocks/edit"
put "/user_blocks/#{block.id}", :params => { :user_block_period => "0",
:user_block => { :needs_view => false, :reason => "Unblocked" } }
assert_response :redirect
follow_redirect!
assert_response :success