Log admin approve and reject account (#22088)
* Log admin approve and reject account * Add unit tests for approve and reject loggingshrike
parent
c8849d6cee
commit
f6492a7c4d
|
@ -55,12 +55,14 @@ module Admin
|
||||||
def approve
|
def approve
|
||||||
authorize @account.user, :approve?
|
authorize @account.user, :approve?
|
||||||
@account.user.approve!
|
@account.user.approve!
|
||||||
|
log_action :approve, @account.user
|
||||||
redirect_to admin_accounts_path(status: 'pending'), notice: I18n.t('admin.accounts.approved_msg', username: @account.acct)
|
redirect_to admin_accounts_path(status: 'pending'), notice: I18n.t('admin.accounts.approved_msg', username: @account.acct)
|
||||||
end
|
end
|
||||||
|
|
||||||
def reject
|
def reject
|
||||||
authorize @account.user, :reject?
|
authorize @account.user, :reject?
|
||||||
DeleteAccountService.new.call(@account, reserve_email: false, reserve_username: false)
|
DeleteAccountService.new.call(@account, reserve_email: false, reserve_username: false)
|
||||||
|
log_action :reject, @account.user
|
||||||
redirect_to admin_accounts_path(status: 'pending'), notice: I18n.t('admin.accounts.rejected_msg', username: @account.acct)
|
redirect_to admin_accounts_path(status: 'pending'), notice: I18n.t('admin.accounts.rejected_msg', username: @account.acct)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -54,12 +54,14 @@ class Api::V1::Admin::AccountsController < Api::BaseController
|
||||||
def approve
|
def approve
|
||||||
authorize @account.user, :approve?
|
authorize @account.user, :approve?
|
||||||
@account.user.approve!
|
@account.user.approve!
|
||||||
|
log_action :approve, @account.user
|
||||||
render json: @account, serializer: REST::Admin::AccountSerializer
|
render json: @account, serializer: REST::Admin::AccountSerializer
|
||||||
end
|
end
|
||||||
|
|
||||||
def reject
|
def reject
|
||||||
authorize @account.user, :reject?
|
authorize @account.user, :reject?
|
||||||
DeleteAccountService.new.call(@account, reserve_email: false, reserve_username: false)
|
DeleteAccountService.new.call(@account, reserve_email: false, reserve_username: false)
|
||||||
|
log_action :reject, @account.user
|
||||||
render_empty
|
render_empty
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -147,6 +147,87 @@ RSpec.describe Admin::AccountsController, type: :controller do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe 'POST #approve' do
|
||||||
|
subject { post :approve, params: { id: account.id } }
|
||||||
|
|
||||||
|
let(:current_user) { Fabricate(:user, role: role) }
|
||||||
|
let(:account) { user.account }
|
||||||
|
let(:user) { Fabricate(:user) }
|
||||||
|
|
||||||
|
before do
|
||||||
|
account.user.update(approved: false)
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when user is admin' do
|
||||||
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
||||||
|
|
||||||
|
it 'succeeds in approving account' do
|
||||||
|
is_expected.to redirect_to admin_accounts_path(status: 'pending')
|
||||||
|
expect(user.reload).to be_approved
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'logs action' do
|
||||||
|
is_expected.to have_http_status :found
|
||||||
|
|
||||||
|
log_item = Admin::ActionLog.last
|
||||||
|
|
||||||
|
expect(log_item).to_not be_nil
|
||||||
|
expect(log_item.action).to eq :approve
|
||||||
|
expect(log_item.account_id).to eq current_user.account_id
|
||||||
|
expect(log_item.target_id).to eq account.user.id
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when user is not admin' do
|
||||||
|
let(:role) { UserRole.everyone }
|
||||||
|
|
||||||
|
it 'fails to approve account' do
|
||||||
|
is_expected.to have_http_status :forbidden
|
||||||
|
expect(user.reload).not_to be_approved
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe 'POST #reject' do
|
||||||
|
subject { post :reject, params: { id: account.id } }
|
||||||
|
|
||||||
|
let(:current_user) { Fabricate(:user, role: role) }
|
||||||
|
let(:account) { user.account }
|
||||||
|
let(:user) { Fabricate(:user) }
|
||||||
|
|
||||||
|
before do
|
||||||
|
account.user.update(approved: false)
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when user is admin' do
|
||||||
|
let(:role) { UserRole.find_by(name: 'Admin') }
|
||||||
|
|
||||||
|
it 'succeeds in rejecting account' do
|
||||||
|
is_expected.to redirect_to admin_accounts_path(status: 'pending')
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'logs action' do
|
||||||
|
is_expected.to have_http_status :found
|
||||||
|
|
||||||
|
log_item = Admin::ActionLog.last
|
||||||
|
|
||||||
|
expect(log_item).to_not be_nil
|
||||||
|
expect(log_item.action).to eq :reject
|
||||||
|
expect(log_item.account_id).to eq current_user.account_id
|
||||||
|
expect(log_item.target_id).to eq account.user.id
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
context 'when user is not admin' do
|
||||||
|
let(:role) { UserRole.everyone }
|
||||||
|
|
||||||
|
it 'fails to reject account' do
|
||||||
|
is_expected.to have_http_status :forbidden
|
||||||
|
expect(user.reload).not_to be_approved
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
describe 'POST #redownload' do
|
describe 'POST #redownload' do
|
||||||
subject { post :redownload, params: { id: account.id } }
|
subject { post :redownload, params: { id: account.id } }
|
||||||
|
|
||||||
|
|
|
@ -100,6 +100,15 @@ RSpec.describe Api::V1::Admin::AccountsController, type: :controller do
|
||||||
it 'approves user' do
|
it 'approves user' do
|
||||||
expect(account.reload.user_approved?).to be true
|
expect(account.reload.user_approved?).to be true
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it 'logs action' do
|
||||||
|
log_item = Admin::ActionLog.last
|
||||||
|
|
||||||
|
expect(log_item).to_not be_nil
|
||||||
|
expect(log_item.action).to eq :approve
|
||||||
|
expect(log_item.account_id).to eq user.account_id
|
||||||
|
expect(log_item.target_id).to eq account.user.id
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe 'POST #reject' do
|
describe 'POST #reject' do
|
||||||
|
@ -118,6 +127,15 @@ RSpec.describe Api::V1::Admin::AccountsController, type: :controller do
|
||||||
it 'removes user' do
|
it 'removes user' do
|
||||||
expect(User.where(id: account.user.id).count).to eq 0
|
expect(User.where(id: account.user.id).count).to eq 0
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it 'logs action' do
|
||||||
|
log_item = Admin::ActionLog.last
|
||||||
|
|
||||||
|
expect(log_item).to_not be_nil
|
||||||
|
expect(log_item.action).to eq :reject
|
||||||
|
expect(log_item.account_id).to eq user.account_id
|
||||||
|
expect(log_item.target_id).to eq account.user.id
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
describe 'POST #enable' do
|
describe 'POST #enable' do
|
||||||
|
|
Loading…
Reference in New Issue