diff --git a/app/controllers/admin/users_controller.rb b/app/controllers/admin/users_controller.rb index 6c1e1de5ca7..b097ed82573 100644 --- a/app/controllers/admin/users_controller.rb +++ b/app/controllers/admin/users_controller.rb @@ -72,7 +72,8 @@ class Admin::UsersController < Admin::AdminController def trust_level guardian.ensure_can_change_trust_level!(@user) - BoostTrustLevel.new(@user, params[:level]).save! + logger = AdminLogger.new(current_user) + BoostTrustLevel.new(user: @user, level: params[:level], logger: logger).save! render_serialized(@user, AdminUserSerializer) end diff --git a/app/models/admin_log.rb b/app/models/admin_log.rb index 71dd383a12a..405bac7f79e 100644 --- a/app/models/admin_log.rb +++ b/app/models/admin_log.rb @@ -9,7 +9,7 @@ class AdminLog < ActiveRecord::Base validates_presence_of :action def self.actions - @actions ||= Enum.new(:delete_user) + @actions ||= Enum.new(:delete_user, :change_trust_level) end end diff --git a/lib/admin_logger.rb b/lib/admin_logger.rb index 53684172846..4adbf90d56d 100644 --- a/lib/admin_logger.rb +++ b/lib/admin_logger.rb @@ -13,4 +13,14 @@ class AdminLogger details: [:id, :username, :name, :created_at, :trust_level, :last_seen_at, :last_emailed_at].map { |x| "#{x}: #{deleted_user.send(x)}" }.join(', ') ) end -end \ No newline at end of file + + def log_trust_level_change(user, new_trust_level) + raise Discourse::InvalidParameters.new('user is nil') unless user and user.is_a?(User) + raise Discourse::InvalidParameters.new('new trust level is invalid') unless TrustLevel.levels.values.include? new_trust_level + AdminLog.create!( + action: AdminLog.actions[:change_trust_level], + admin_id: @admin.id, + details: [:id, :username, :name, :created_at, :trust_level, :last_seen_at, :last_emailed_at].map { |x| "#{x}: #{user.send(x)}" }.join(', ') + "new trust level: #{new_trust_level}" + ) + end +end diff --git a/lib/boost_trust_level.rb b/lib/boost_trust_level.rb index 597f380866e..50785270ea0 100644 --- a/lib/boost_trust_level.rb +++ b/lib/boost_trust_level.rb @@ -2,19 +2,22 @@ require_dependency 'promotion' class BoostTrustLevel - def initialize(user, level) - @user = user - @level = level.to_i + def initialize(args) + @user = args[:user] + @level = args[:level].to_i @promotion = Promotion.new(@user) @trust_levels = TrustLevel.levels + @logger = args[:logger] end def save! - if @level < @user.trust_level - demote! - else - @user.update_attributes!(trust_level: @level) - end + success = if @level < @user.trust_level + demote! + else + @user.update_attributes!(trust_level: @level) + end + @logger.log_trust_level_change(@user, @level) + success end protected diff --git a/spec/components/admin_logger_spec.rb b/spec/components/admin_logger_spec.rb index 5162cf9bc23..f98517e6b5e 100644 --- a/spec/components/admin_logger_spec.rb +++ b/spec/components/admin_logger_spec.rb @@ -32,4 +32,30 @@ describe AdminLogger do end end + describe 'log_trust_level_change' do + let(:admin) { Fabricate(:admin) } + let(:user) { Fabricate(:user) } + let(:new_trust_level) { TrustLevel.levels[:basic] } + + subject(:log_trust_level_change) { AdminLogger.new(admin).log_trust_level_change(user, new_trust_level) } + + it 'raises an error when user or trust level is nil' do + expect { AdminLogger.new(admin).log_trust_level_change(nil, new_trust_level) }.to raise_error(Discourse::InvalidParameters) + expect { AdminLogger.new(admin).log_trust_level_change(user, nil) }.to raise_error(Discourse::InvalidParameters) + end + + it 'raises an error when user is not a User' do + expect { AdminLogger.new(admin).log_trust_level_change(1, new_trust_level) }.to raise_error(Discourse::InvalidParameters) + end + + it 'raises an error when new trust level is not a Trust Level' do + max_level = TrustLevel.levels.values.max + expect { AdminLogger.new(admin).log_trust_level_change(user, max_level + 1) }.to raise_error(Discourse::InvalidParameters) + end + + it 'creates a new AdminLog record' do + expect { log_trust_level_change }.to change { AdminLog.count }.by(1) + AdminLog.last.details.should include "new trust level: #{new_trust_level}" + end + end end diff --git a/spec/components/boost_trust_level_spec.rb b/spec/components/boost_trust_level_spec.rb index 26412079337..3974aecbb62 100644 --- a/spec/components/boost_trust_level_spec.rb +++ b/spec/components/boost_trust_level_spec.rb @@ -1,16 +1,25 @@ require 'spec_helper' require 'boost_trust_level' +require 'admin_logger' describe BoostTrustLevel do let(:user) { Fabricate(:user) } + let(:logger) { AdminLogger.new(Fabricate(:admin)) } + it "should upgrade the trust level of a user" do - boostr = BoostTrustLevel.new(user, TrustLevel.levels[:basic]) + boostr = BoostTrustLevel.new(user: user, level: TrustLevel.levels[:basic], logger: logger) boostr.save!.should be_true user.trust_level.should == TrustLevel.levels[:basic] end + it "should log the action" do + AdminLogger.any_instance.expects(:log_trust_level_change).with(user, TrustLevel.levels[:basic]).once + boostr = BoostTrustLevel.new(user: user, level: TrustLevel.levels[:basic], logger: logger) + boostr.save! + end + describe "demotions" do before { user.update_attributes(trust_level: TrustLevel.levels[:newuser]) } @@ -21,8 +30,9 @@ describe BoostTrustLevel do user.update_attributes(trust_level: TrustLevel.levels[:basic]) end - it "should demote the user" do - boostr = BoostTrustLevel.new(user, TrustLevel.levels[:newuser]) + it "should demote the user and log the action" do + AdminLogger.any_instance.expects(:log_trust_level_change).with(user, TrustLevel.levels[:newuser]).once + boostr = BoostTrustLevel.new(user: user, level: TrustLevel.levels[:newuser], logger: logger) boostr.save!.should be_true user.trust_level.should == TrustLevel.levels[:newuser] end @@ -38,11 +48,13 @@ describe BoostTrustLevel do user.update_attributes(trust_level: TrustLevel.levels[:basic]) end - it "should not demote the user" do - boostr = BoostTrustLevel.new(user, TrustLevel.levels[:newuser]) + it "should not demote the user and not log the action" do + AdminLogger.any_instance.expects(:log_trust_level_change).with(user, TrustLevel.levels[:newuser]).never + boostr = BoostTrustLevel.new(user: user, level: TrustLevel.levels[:newuser], logger: logger) expect { boostr.save! }.to raise_error(Discourse::InvalidAccess, "You attempted to demote #{user.name} to 'newuser'. However their trust level is already 'basic'. #{user.name} will remain at 'basic'") user.trust_level.should == TrustLevel.levels[:basic] end + end end end diff --git a/spec/controllers/admin/users_controller_spec.rb b/spec/controllers/admin/users_controller_spec.rb index 35fbaab5887..036e557bb0a 100644 --- a/spec/controllers/admin/users_controller_spec.rb +++ b/spec/controllers/admin/users_controller_spec.rb @@ -137,12 +137,14 @@ describe Admin::UsersController do end it "upgrades the user's trust level" do + AdminLogger.any_instance.expects(:log_trust_level_change).with(@another_user, 2).once xhr :put, :trust_level, user_id: @another_user.id, level: 2 @another_user.reload @another_user.trust_level.should == 2 end it "raises an error when demoting a user below their current trust level" do + AdminLogger.any_instance.expects(:log_trust_level_change).with(@another_user, TrustLevel.levels[:newuser]).never @another_user.topics_entered = SiteSetting.basic_requires_topics_entered + 1 @another_user.posts_read_count = SiteSetting.basic_requires_read_posts + 1 @another_user.time_read = SiteSetting.basic_requires_time_spent_mins * 60