FIX: Better handling for toggling `must_approve_users`
If you turn it on now, default all users to approved since they were previously. Also support approving a user that doesn't have a reviewable record (it will be created first.) This also includes a refactor to move class method calls to `DiscourseEvent` into an initializer. Otherwise the load order of classes makes a difference in the test environment and some settings might be triggered and others not, randomly.
This commit is contained in:
parent
cec0b580e6
commit
ba6d4b2a8d
|
@ -288,7 +288,12 @@ class Admin::UsersController < Admin::AdminController
|
||||||
end
|
end
|
||||||
|
|
||||||
def approve
|
def approve
|
||||||
Reviewable.bulk_perform_targets(current_user, :approve, 'ReviewableUser', [@user.id])
|
guardian.ensure_can_approve!(@user)
|
||||||
|
|
||||||
|
reviewable = ReviewableUser.find_by(target: @user) ||
|
||||||
|
Jobs::CreateUserReviewable.new.execute(user_id: @user.id).reviewable
|
||||||
|
|
||||||
|
reviewable.perform(current_user, :approve)
|
||||||
render body: nil
|
render body: nil
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,6 @@
|
||||||
class Jobs::CreateUserReviewable < Jobs::Base
|
class Jobs::CreateUserReviewable < Jobs::Base
|
||||||
|
attr_reader :reviewable
|
||||||
|
|
||||||
def execute(args)
|
def execute(args)
|
||||||
raise Discourse::InvalidParameters unless args[:user_id].present?
|
raise Discourse::InvalidParameters unless args[:user_id].present?
|
||||||
|
|
||||||
|
@ -11,7 +13,7 @@ class Jobs::CreateUserReviewable < Jobs::Base
|
||||||
if user = User.find_by(id: args[:user_id])
|
if user = User.find_by(id: args[:user_id])
|
||||||
return if user.approved?
|
return if user.approved?
|
||||||
|
|
||||||
reviewable = ReviewableUser.needs_review!(
|
@reviewable = ReviewableUser.needs_review!(
|
||||||
target: user,
|
target: user,
|
||||||
created_by: Discourse.system_user,
|
created_by: Discourse.system_user,
|
||||||
reviewable_by_moderator: true,
|
reviewable_by_moderator: true,
|
||||||
|
@ -21,7 +23,7 @@ class Jobs::CreateUserReviewable < Jobs::Base
|
||||||
email: user.email
|
email: user.email
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
reviewable.add_score(
|
@reviewable.add_score(
|
||||||
Discourse.system_user,
|
Discourse.system_user,
|
||||||
ReviewableScore.types[:needs_approval],
|
ReviewableScore.types[:needs_approval],
|
||||||
reason: reason,
|
reason: reason,
|
||||||
|
|
|
@ -2,25 +2,6 @@ require 'enum_site_setting'
|
||||||
|
|
||||||
class EmojiSetSiteSetting < EnumSiteSetting
|
class EmojiSetSiteSetting < EnumSiteSetting
|
||||||
|
|
||||||
# fix the URLs when changing the site setting
|
|
||||||
DiscourseEvent.on(:site_setting_saved) do |site_setting|
|
|
||||||
if site_setting.name.to_s == "emoji_set" && site_setting.value_changed?
|
|
||||||
Emoji.clear_cache
|
|
||||||
|
|
||||||
previous_value = site_setting.attribute_in_database(:value) || SiteSetting.defaults[:emoji_set]
|
|
||||||
before = "/images/emoji/#{previous_value}/"
|
|
||||||
after = "/images/emoji/#{site_setting.value}/"
|
|
||||||
|
|
||||||
Scheduler::Defer.later("Fix Emoji Links") do
|
|
||||||
DB.exec("UPDATE posts SET cooked = REPLACE(cooked, :before, :after) WHERE cooked LIKE :like",
|
|
||||||
before: before,
|
|
||||||
after: after,
|
|
||||||
like: "%#{before}%"
|
|
||||||
)
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
def self.valid_value?(val)
|
def self.valid_value?(val)
|
||||||
values.any? { |v| v[:value] == val.to_s }
|
values.any? { |v| v[:value] == val.to_s }
|
||||||
end
|
end
|
||||||
|
|
|
@ -305,12 +305,6 @@ class Report
|
||||||
add_counts report, subject, 'topics.created_at'
|
add_counts report, subject, 'topics.created_at'
|
||||||
end
|
end
|
||||||
|
|
||||||
DiscourseEvent.on(:site_setting_saved) do |site_setting|
|
|
||||||
if ["backup_location", "s3_backup_bucket"].include?(site_setting.name.to_s)
|
|
||||||
clear_cache(:storage_stats)
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
def rgba_color(hex, opacity = 1)
|
def rgba_color(hex, opacity = 1)
|
||||||
if hex.size == 3
|
if hex.size == 3
|
||||||
chars = hex.scan(/\w/)
|
chars = hex.scan(/\w/)
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
require_dependency 'reviewable'
|
require_dependency 'reviewable'
|
||||||
|
|
||||||
class ReviewableUser < Reviewable
|
class ReviewableUser < Reviewable
|
||||||
|
|
||||||
def self.create_for(user)
|
def self.create_for(user)
|
||||||
create(
|
create(
|
||||||
created_by_id: Discourse.system_user.id,
|
created_by_id: Discourse.system_user.id,
|
||||||
|
|
|
@ -33,14 +33,6 @@ class Topic < ActiveRecord::Base
|
||||||
|
|
||||||
attr_accessor :allowed_user_ids, :tags_changed, :includes_destination_category
|
attr_accessor :allowed_user_ids, :tags_changed, :includes_destination_category
|
||||||
|
|
||||||
DiscourseEvent.on(:site_setting_saved) do |site_setting|
|
|
||||||
if site_setting.name.to_s == "slug_generation_method" && site_setting.saved_change_to_value?
|
|
||||||
Scheduler::Defer.later("Null topic slug") do
|
|
||||||
Topic.update_all(slug: nil)
|
|
||||||
end
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
def self.max_fancy_title_length
|
def self.max_fancy_title_length
|
||||||
400
|
400
|
||||||
end
|
end
|
||||||
|
|
|
@ -14,8 +14,7 @@ class AdminUserSerializer < AdminUserListSerializer
|
||||||
has_one :single_sign_on_record, serializer: SingleSignOnRecordSerializer, embed: :objects
|
has_one :single_sign_on_record, serializer: SingleSignOnRecordSerializer, embed: :objects
|
||||||
|
|
||||||
def can_approve
|
def can_approve
|
||||||
reviewable = ReviewableUser.find_by(target: object)
|
scope.can_approve?(object)
|
||||||
reviewable.present? && reviewable.actions_for(scope).has?(:approve)
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def include_can_approve?
|
def include_can_approve?
|
||||||
|
|
|
@ -0,0 +1,38 @@
|
||||||
|
# Enabling `must_approve_users` on an existing site is odd, so we assume that the
|
||||||
|
# existing users are approved.
|
||||||
|
DiscourseEvent.on(:site_setting_saved) do |site_setting|
|
||||||
|
name = site_setting.name.to_sym
|
||||||
|
next unless site_setting.value_changed?
|
||||||
|
|
||||||
|
if name == :must_approve_users && site_setting.value == 't'
|
||||||
|
User.where(approved: false).update_all(approved: true)
|
||||||
|
end
|
||||||
|
|
||||||
|
if name == :emoji_set
|
||||||
|
Emoji.clear_cache
|
||||||
|
|
||||||
|
previous_value = site_setting.attribute_in_database(:value) || SiteSetting.defaults[:emoji_set]
|
||||||
|
before = "/images/emoji/#{previous_value}/"
|
||||||
|
after = "/images/emoji/#{site_setting.value}/"
|
||||||
|
|
||||||
|
Scheduler::Defer.later("Fix Emoji Links") do
|
||||||
|
DB.exec("UPDATE posts SET cooked = REPLACE(cooked, :before, :after) WHERE cooked LIKE :like",
|
||||||
|
before: before,
|
||||||
|
after: after,
|
||||||
|
like: "%#{before}%"
|
||||||
|
)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
Report.clear_cache(:storage_stats) if [:backup_location, :s3_backup_bucket].include?(name)
|
||||||
|
|
||||||
|
if name == :slug_generation_method
|
||||||
|
Scheduler::Defer.later("Null topic slug") do
|
||||||
|
Topic.update_all(slug: nil)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
Jobs.enqueue(:update_s3_inventory) if [:s3_inventory, :s3_upload_bucket].include?(name)
|
||||||
|
|
||||||
|
SvgSprite.expire_cache if name.to_s.include?("_icon")
|
||||||
|
end
|
|
@ -468,11 +468,6 @@ module Discourse
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
DiscourseEvent.on(:site_setting_saved) do |site_setting|
|
|
||||||
name = site_setting.name.to_s
|
|
||||||
Jobs.enqueue(:update_s3_inventory) if name.include?("s3_inventory") || name == "s3_upload_bucket"
|
|
||||||
end
|
|
||||||
|
|
||||||
def self.current_user_provider
|
def self.current_user_provider
|
||||||
@current_user_provider || Auth::DefaultCurrentUserProvider
|
@current_user_provider || Auth::DefaultCurrentUserProvider
|
||||||
end
|
end
|
||||||
|
|
|
@ -220,7 +220,7 @@ class Guardian
|
||||||
|
|
||||||
# Can we approve it?
|
# Can we approve it?
|
||||||
def can_approve?(target)
|
def can_approve?(target)
|
||||||
is_staff? && target && target.active? && not(target.approved?)
|
is_staff? && target && target.active? && !target.approved?
|
||||||
end
|
end
|
||||||
|
|
||||||
def can_activate?(target)
|
def can_activate?(target)
|
||||||
|
|
|
@ -4,7 +4,22 @@ class SiteSettings::LocalProcessProvider
|
||||||
|
|
||||||
attr_accessor :current_site
|
attr_accessor :current_site
|
||||||
|
|
||||||
Setting = Struct.new(:name, :value, :data_type) unless defined? SiteSettings::LocalProcessProvider::Setting
|
class Setting
|
||||||
|
attr_accessor :name, :data_type, :value
|
||||||
|
|
||||||
|
def value_changed?
|
||||||
|
true
|
||||||
|
end
|
||||||
|
|
||||||
|
def saved_change_to_value?
|
||||||
|
true
|
||||||
|
end
|
||||||
|
|
||||||
|
def initialize(name, data_type)
|
||||||
|
self.name = name
|
||||||
|
self.data_type = data_type
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
def settings
|
def settings
|
||||||
@settings[current_site] ||= {}
|
@settings[current_site] ||= {}
|
||||||
|
@ -26,8 +41,14 @@ class SiteSettings::LocalProcessProvider
|
||||||
def save(name, value, data_type)
|
def save(name, value, data_type)
|
||||||
# NOTE: convert to string to simulate the conversion that is happening
|
# NOTE: convert to string to simulate the conversion that is happening
|
||||||
# when using DbProvider
|
# when using DbProvider
|
||||||
value = value.to_s
|
setting = settings[name]
|
||||||
settings[name] = Setting.new(name, value, data_type)
|
if setting.blank?
|
||||||
|
setting = Setting.new(name, data_type)
|
||||||
|
settings[name] = setting
|
||||||
|
end
|
||||||
|
setting.value = value.to_s
|
||||||
|
DiscourseEvent.trigger(:site_setting_saved, setting)
|
||||||
|
setting
|
||||||
end
|
end
|
||||||
|
|
||||||
def destroy(name)
|
def destroy(name)
|
||||||
|
|
|
@ -329,7 +329,6 @@ License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL
|
||||||
end
|
end
|
||||||
|
|
||||||
DiscourseEvent.on(:site_setting_saved) do |site_setting|
|
DiscourseEvent.on(:site_setting_saved) do |site_setting|
|
||||||
expire_cache if site_setting.name.to_s.include?("_icon")
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def self.plugin_icons
|
def self.plugin_icons
|
||||||
|
|
|
@ -14,7 +14,7 @@ describe SiteSettings::DbProvider do
|
||||||
end
|
end
|
||||||
|
|
||||||
# integration test, requires db access
|
# integration test, requires db access
|
||||||
it "act correctly" do
|
it "acts correctly" do
|
||||||
setting = Struct.new(:name, :value, :data_type)
|
setting = Struct.new(:name, :value, :data_type)
|
||||||
|
|
||||||
SiteSetting.destroy_all
|
SiteSetting.destroy_all
|
||||||
|
|
|
@ -9,16 +9,10 @@ describe SiteSettings::LocalProcessProvider do
|
||||||
expect(actual.data_type).to eq(expected.data_type)
|
expect(actual.data_type).to eq(expected.data_type)
|
||||||
end
|
end
|
||||||
|
|
||||||
let :provider do
|
let(:provider) { described_class.new }
|
||||||
SiteSettings::LocalProcessProvider.new
|
|
||||||
end
|
|
||||||
|
|
||||||
def setting(name, value, data_type)
|
def setting(name, value, data_type)
|
||||||
OpenStruct.new.tap do |setting|
|
described_class::Setting.new(name, data_type).tap { |s| s.value = value }
|
||||||
setting.name = name
|
|
||||||
setting.value = value
|
|
||||||
setting.data_type = data_type
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
||||||
describe "all" do
|
describe "all" do
|
||||||
|
|
|
@ -15,12 +15,13 @@ describe Jobs::EnqueueDigestEmails do
|
||||||
end
|
end
|
||||||
|
|
||||||
context 'unapproved users' do
|
context 'unapproved users' do
|
||||||
let!(:unapproved_user) { Fabricate(:active_user, approved: false, last_emailed_at: 8.days.ago, last_seen_at: 10.days.ago) }
|
|
||||||
|
|
||||||
before do
|
before do
|
||||||
SiteSetting.must_approve_users = true
|
SiteSetting.must_approve_users = true
|
||||||
end
|
end
|
||||||
|
|
||||||
|
let!(:unapproved_user) { Fabricate(:active_user, approved: false, last_emailed_at: 8.days.ago, last_seen_at: 10.days.ago) }
|
||||||
|
|
||||||
it 'should enqueue the right digest emails' do
|
it 'should enqueue the right digest emails' do
|
||||||
expect(Jobs::EnqueueDigestEmails.new.target_user_ids.include?(unapproved_user.id)).to eq(false)
|
expect(Jobs::EnqueueDigestEmails.new.target_user_ids.include?(unapproved_user.id)).to eq(false)
|
||||||
|
|
||||||
|
|
|
@ -42,6 +42,8 @@ describe Jobs::NotifyMailingListSubscribers do
|
||||||
before do
|
before do
|
||||||
SiteSetting.login_required = true
|
SiteSetting.login_required = true
|
||||||
SiteSetting.must_approve_users = true
|
SiteSetting.must_approve_users = true
|
||||||
|
|
||||||
|
User.update_all(approved: false)
|
||||||
end
|
end
|
||||||
include_examples "no emails"
|
include_examples "no emails"
|
||||||
end
|
end
|
||||||
|
|
|
@ -434,7 +434,7 @@ describe Category do
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'triggers a extensibility event' do
|
it 'triggers a extensibility event' do
|
||||||
event = DiscourseEvent.track_events { @category.destroy }.first
|
event = DiscourseEvent.track(:category_destroyed) { @category.destroy }
|
||||||
|
|
||||||
expect(event[:event_name]).to eq(:category_destroyed)
|
expect(event[:event_name]).to eq(:category_destroyed)
|
||||||
expect(event[:params].first).to eq(@category)
|
expect(event[:params].first).to eq(@category)
|
||||||
|
|
|
@ -100,6 +100,15 @@ RSpec.describe ReviewableUser, type: :model do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe "changing must_approve_users" do
|
||||||
|
it "will approve any existing users" do
|
||||||
|
user = Fabricate(:user)
|
||||||
|
expect(user).not_to be_approved
|
||||||
|
SiteSetting.must_approve_users = true
|
||||||
|
expect(user.reload).to be_approved
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
describe 'when must_approve_users is true' do
|
describe 'when must_approve_users is true' do
|
||||||
before do
|
before do
|
||||||
SiteSetting.must_approve_users = true
|
SiteSetting.must_approve_users = true
|
||||||
|
|
|
@ -56,12 +56,11 @@ RSpec.describe Admin::UsersController do
|
||||||
end
|
end
|
||||||
|
|
||||||
describe '#approve' do
|
describe '#approve' do
|
||||||
|
let(:evil_trout) { Fabricate(:evil_trout) }
|
||||||
before do
|
before do
|
||||||
SiteSetting.must_approve_users = true
|
SiteSetting.must_approve_users = true
|
||||||
end
|
end
|
||||||
|
|
||||||
let(:evil_trout) { Fabricate(:evil_trout) }
|
|
||||||
|
|
||||||
it "raises an error when the user doesn't have permission" do
|
it "raises an error when the user doesn't have permission" do
|
||||||
sign_in(user)
|
sign_in(user)
|
||||||
put "/admin/users/#{evil_trout.id}/approve.json"
|
put "/admin/users/#{evil_trout.id}/approve.json"
|
||||||
|
@ -70,6 +69,15 @@ RSpec.describe Admin::UsersController do
|
||||||
expect(evil_trout.approved).to eq(false)
|
expect(evil_trout.approved).to eq(false)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it "will create a reviewable if one does not exist" do
|
||||||
|
evil_trout.update!(active: true)
|
||||||
|
expect(ReviewableUser.find_by(target: evil_trout)).to be_blank
|
||||||
|
put "/admin/users/#{evil_trout.id}/approve.json"
|
||||||
|
expect(response.code).to eq("200")
|
||||||
|
expect(ReviewableUser.find_by(target: evil_trout)).to be_present
|
||||||
|
expect(evil_trout.reload).to be_approved
|
||||||
|
end
|
||||||
|
|
||||||
it 'calls approve' do
|
it 'calls approve' do
|
||||||
Jobs.run_immediately!
|
Jobs.run_immediately!
|
||||||
evil_trout.activate
|
evil_trout.activate
|
||||||
|
|
|
@ -1111,6 +1111,7 @@ RSpec.describe SessionController do
|
||||||
|
|
||||||
context 'with an unapproved user' do
|
context 'with an unapproved user' do
|
||||||
before do
|
before do
|
||||||
|
user.update_columns(approved: false)
|
||||||
post "/session.json", params: {
|
post "/session.json", params: {
|
||||||
login: user.email, password: 'myawesomepassword'
|
login: user.email, password: 'myawesomepassword'
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue