Log all changes of user trust level by an admin
This commit is contained in:
parent
f6a8f6cfe5
commit
d77ce23de2
|
@ -72,7 +72,8 @@ class Admin::UsersController < Admin::AdminController
|
|||
|
||||
def trust_level
|
||||
guardian.ensure_can_change_trust_level!(@user)
|
||||
BoostTrustLevel.new(@user, params[:level]).save!
|
||||
logger = AdminLogger.new(current_user)
|
||||
BoostTrustLevel.new(user: @user, level: params[:level], logger: logger).save!
|
||||
render_serialized(@user, AdminUserSerializer)
|
||||
end
|
||||
|
||||
|
|
|
@ -9,7 +9,7 @@ class AdminLog < ActiveRecord::Base
|
|||
validates_presence_of :action
|
||||
|
||||
def self.actions
|
||||
@actions ||= Enum.new(:delete_user)
|
||||
@actions ||= Enum.new(:delete_user, :change_trust_level)
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
@ -13,4 +13,14 @@ class AdminLogger
|
|||
details: [:id, :username, :name, :created_at, :trust_level, :last_seen_at, :last_emailed_at].map { |x| "#{x}: #{deleted_user.send(x)}" }.join(', ')
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
def log_trust_level_change(user, new_trust_level)
|
||||
raise Discourse::InvalidParameters.new('user is nil') unless user and user.is_a?(User)
|
||||
raise Discourse::InvalidParameters.new('new trust level is invalid') unless TrustLevel.levels.values.include? new_trust_level
|
||||
AdminLog.create!(
|
||||
action: AdminLog.actions[:change_trust_level],
|
||||
admin_id: @admin.id,
|
||||
details: [:id, :username, :name, :created_at, :trust_level, :last_seen_at, :last_emailed_at].map { |x| "#{x}: #{user.send(x)}" }.join(', ') + "new trust level: #{new_trust_level}"
|
||||
)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -2,14 +2,16 @@ require_dependency 'promotion'
|
|||
|
||||
class BoostTrustLevel
|
||||
|
||||
def initialize(user, level)
|
||||
@user = user
|
||||
@level = level.to_i
|
||||
def initialize(args)
|
||||
@user = args[:user]
|
||||
@level = args[:level].to_i
|
||||
@promotion = Promotion.new(@user)
|
||||
@trust_levels = TrustLevel.levels
|
||||
@logger = args[:logger]
|
||||
end
|
||||
|
||||
def save!
|
||||
@logger.log_trust_level_change(@user, @level)
|
||||
if @level < @user.trust_level
|
||||
demote!
|
||||
else
|
||||
|
|
|
@ -32,4 +32,30 @@ describe AdminLogger do
|
|||
end
|
||||
end
|
||||
|
||||
describe 'log_trust_level_change' do
|
||||
let(:admin) { Fabricate(:admin) }
|
||||
let(:user) { Fabricate(:user) }
|
||||
let(:new_trust_level) { TrustLevel.levels[:basic] }
|
||||
|
||||
subject(:log_trust_level_change) { AdminLogger.new(admin).log_trust_level_change(user, new_trust_level) }
|
||||
|
||||
it 'raises an error when user or trust level is nil' do
|
||||
expect { AdminLogger.new(admin).log_trust_level_change(nil, new_trust_level) }.to raise_error(Discourse::InvalidParameters)
|
||||
expect { AdminLogger.new(admin).log_trust_level_change(user, nil) }.to raise_error(Discourse::InvalidParameters)
|
||||
end
|
||||
|
||||
it 'raises an error when user is not a User' do
|
||||
expect { AdminLogger.new(admin).log_trust_level_change(1, new_trust_level) }.to raise_error(Discourse::InvalidParameters)
|
||||
end
|
||||
|
||||
it 'raises an error when new trust level is not a Trust Level' do
|
||||
max_level = TrustLevel.levels.values.max
|
||||
expect { AdminLogger.new(admin).log_trust_level_change(user, max_level + 1) }.to raise_error(Discourse::InvalidParameters)
|
||||
end
|
||||
|
||||
it 'creates a new AdminLog record' do
|
||||
expect { log_trust_level_change }.to change { AdminLog.count }.by(1)
|
||||
AdminLog.last.details.should include "new trust level: #{new_trust_level}"
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -1,16 +1,25 @@
|
|||
require 'spec_helper'
|
||||
require 'boost_trust_level'
|
||||
require 'admin_logger'
|
||||
|
||||
describe BoostTrustLevel do
|
||||
|
||||
let(:user) { Fabricate(:user) }
|
||||
let(:logger) { AdminLogger.new(Fabricate(:admin)) }
|
||||
|
||||
|
||||
it "should upgrade the trust level of a user" do
|
||||
boostr = BoostTrustLevel.new(user, TrustLevel.levels[:basic])
|
||||
boostr = BoostTrustLevel.new(user: user, level: TrustLevel.levels[:basic], logger: logger)
|
||||
boostr.save!.should be_true
|
||||
user.trust_level.should == TrustLevel.levels[:basic]
|
||||
end
|
||||
|
||||
it "should log the action" do
|
||||
AdminLogger.any_instance.expects(:log_trust_level_change).with(user, TrustLevel.levels[:basic]).once
|
||||
boostr = BoostTrustLevel.new(user: user, level: TrustLevel.levels[:basic], logger: logger)
|
||||
boostr.save!
|
||||
end
|
||||
|
||||
describe "demotions" do
|
||||
before { user.update_attributes(trust_level: TrustLevel.levels[:newuser]) }
|
||||
|
||||
|
@ -21,8 +30,9 @@ describe BoostTrustLevel do
|
|||
user.update_attributes(trust_level: TrustLevel.levels[:basic])
|
||||
end
|
||||
|
||||
it "should demote the user" do
|
||||
boostr = BoostTrustLevel.new(user, TrustLevel.levels[:newuser])
|
||||
it "should demote the user and log the action" do
|
||||
AdminLogger.any_instance.expects(:log_trust_level_change).with(user, TrustLevel.levels[:newuser]).once
|
||||
boostr = BoostTrustLevel.new(user: user, level: TrustLevel.levels[:newuser], logger: logger)
|
||||
boostr.save!.should be_true
|
||||
user.trust_level.should == TrustLevel.levels[:newuser]
|
||||
end
|
||||
|
@ -38,11 +48,13 @@ describe BoostTrustLevel do
|
|||
user.update_attributes(trust_level: TrustLevel.levels[:basic])
|
||||
end
|
||||
|
||||
it "should not demote the user" do
|
||||
boostr = BoostTrustLevel.new(user, TrustLevel.levels[:newuser])
|
||||
it "should not demote the user but log the action anyway" do
|
||||
AdminLogger.any_instance.expects(:log_trust_level_change).with(user, TrustLevel.levels[:newuser]).once
|
||||
boostr = BoostTrustLevel.new(user: user, level: TrustLevel.levels[:newuser], logger: logger)
|
||||
expect { boostr.save! }.to raise_error(Discourse::InvalidAccess, "You attempted to demote #{user.name} to 'newuser'. However their trust level is already 'basic'. #{user.name} will remain at 'basic'")
|
||||
user.trust_level.should == TrustLevel.levels[:basic]
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -137,12 +137,14 @@ describe Admin::UsersController do
|
|||
end
|
||||
|
||||
it "upgrades the user's trust level" do
|
||||
AdminLogger.any_instance.expects(:log_trust_level_change).with(@another_user, 2).once
|
||||
xhr :put, :trust_level, user_id: @another_user.id, level: 2
|
||||
@another_user.reload
|
||||
@another_user.trust_level.should == 2
|
||||
end
|
||||
|
||||
it "raises an error when demoting a user below their current trust level" do
|
||||
AdminLogger.any_instance.expects(:log_trust_level_change).with(@another_user, TrustLevel.levels[:newuser]).once
|
||||
@another_user.topics_entered = SiteSetting.basic_requires_topics_entered + 1
|
||||
@another_user.posts_read_count = SiteSetting.basic_requires_read_posts + 1
|
||||
@another_user.time_read = SiteSetting.basic_requires_time_spent_mins * 60
|
||||
|
|
Loading…
Reference in New Issue