FIX: Do not update `last seen` time for suspended users
This commit is contained in:
parent
f55ac892e4
commit
2dc3a50dac
|
@ -75,14 +75,6 @@ class Auth::DefaultCurrentUserProvider
|
||||||
@env[BAD_TOKEN] = true
|
@env[BAD_TOKEN] = true
|
||||||
end
|
end
|
||||||
|
|
||||||
if current_user && should_update_last_seen?
|
|
||||||
u = current_user
|
|
||||||
Scheduler::Defer.later "Updating Last Seen" do
|
|
||||||
u.update_last_seen!
|
|
||||||
u.update_ip_address!(request.ip)
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
# possible we have an api call, impersonate
|
# possible we have an api call, impersonate
|
||||||
if api_key
|
if api_key
|
||||||
current_user = lookup_api_user(api_key, request)
|
current_user = lookup_api_user(api_key, request)
|
||||||
|
@ -127,6 +119,14 @@ class Auth::DefaultCurrentUserProvider
|
||||||
current_user = nil
|
current_user = nil
|
||||||
end
|
end
|
||||||
|
|
||||||
|
if current_user && should_update_last_seen?
|
||||||
|
u = current_user
|
||||||
|
Scheduler::Defer.later "Updating Last Seen" do
|
||||||
|
u.update_last_seen!
|
||||||
|
u.update_ip_address!(request.ip)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
@env[CURRENT_USER_KEY] = current_user
|
@env[CURRENT_USER_KEY] = current_user
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -156,6 +156,39 @@ describe Auth::DefaultCurrentUserProvider do
|
||||||
).should_update_last_seen?).to eq(false)
|
).should_update_last_seen?).to eq(false)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it "should not update last seen for suspended users" do
|
||||||
|
user = Fabricate(:user)
|
||||||
|
provider = provider('/')
|
||||||
|
cookies = {}
|
||||||
|
provider.log_on_user(user, {}, cookies)
|
||||||
|
unhashed_token = cookies["_t"][:value]
|
||||||
|
|
||||||
|
freeze_time
|
||||||
|
Sidekiq::Testing.inline! do
|
||||||
|
# Need to clear this key from redis, otherwise
|
||||||
|
# this test could fail if run twice in 1 minute
|
||||||
|
$redis.del("user:#{user.id}:#{Time.now.to_date}")
|
||||||
|
provider2 = provider("/", "HTTP_COOKIE" => "_t=#{unhashed_token}")
|
||||||
|
u = provider2.current_user
|
||||||
|
u.reload
|
||||||
|
expect(u.last_seen_at).to eq(Time.now)
|
||||||
|
|
||||||
|
freeze_time 20.minutes.from_now
|
||||||
|
|
||||||
|
u.last_seen_at = nil
|
||||||
|
u.suspended_till = 1.year.from_now
|
||||||
|
u.save!
|
||||||
|
|
||||||
|
$redis.del("user:#{user.id}:#{Time.now.to_date}")
|
||||||
|
provider2 = provider("/", "HTTP_COOKIE" => "_t=#{unhashed_token}")
|
||||||
|
expect(provider2.current_user).to eq(nil)
|
||||||
|
|
||||||
|
u.reload
|
||||||
|
expect(u.last_seen_at).to eq(nil)
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
|
|
||||||
it "should update ajax reqs with discourse visible" do
|
it "should update ajax reqs with discourse visible" do
|
||||||
expect(provider("/topic/anything/goes",
|
expect(provider("/topic/anything/goes",
|
||||||
:method => "POST",
|
:method => "POST",
|
||||||
|
|
Loading…
Reference in New Issue