Log all changes of user trust level by an admin

This commit is contained in:
Navin 2013-07-08 11:53:22 +02:00
parent f6a8f6cfe5
commit d77ce23de2
7 changed files with 64 additions and 11 deletions

View File

@ -72,7 +72,8 @@ class Admin::UsersController < Admin::AdminController
def trust_level
guardian.ensure_can_change_trust_level!(@user)
BoostTrustLevel.new(@user, params[:level]).save!
logger = AdminLogger.new(current_user)
BoostTrustLevel.new(user: @user, level: params[:level], logger: logger).save!
render_serialized(@user, AdminUserSerializer)
end

View File

@ -9,7 +9,7 @@ class AdminLog < ActiveRecord::Base
validates_presence_of :action
def self.actions
@actions ||= Enum.new(:delete_user)
@actions ||= Enum.new(:delete_user, :change_trust_level)
end
end

View File

@ -13,4 +13,14 @@ class AdminLogger
details: [:id, :username, :name, :created_at, :trust_level, :last_seen_at, :last_emailed_at].map { |x| "#{x}: #{deleted_user.send(x)}" }.join(', ')
)
end
end
def log_trust_level_change(user, new_trust_level)
raise Discourse::InvalidParameters.new('user is nil') unless user and user.is_a?(User)
raise Discourse::InvalidParameters.new('new trust level is invalid') unless TrustLevel.levels.values.include? new_trust_level
AdminLog.create!(
action: AdminLog.actions[:change_trust_level],
admin_id: @admin.id,
details: [:id, :username, :name, :created_at, :trust_level, :last_seen_at, :last_emailed_at].map { |x| "#{x}: #{user.send(x)}" }.join(', ') + "new trust level: #{new_trust_level}"
)
end
end

View File

@ -2,14 +2,16 @@ require_dependency 'promotion'
class BoostTrustLevel
def initialize(user, level)
@user = user
@level = level.to_i
def initialize(args)
@user = args[:user]
@level = args[:level].to_i
@promotion = Promotion.new(@user)
@trust_levels = TrustLevel.levels
@logger = args[:logger]
end
def save!
@logger.log_trust_level_change(@user, @level)
if @level < @user.trust_level
demote!
else

View File

@ -32,4 +32,30 @@ describe AdminLogger do
end
end
describe 'log_trust_level_change' do
let(:admin) { Fabricate(:admin) }
let(:user) { Fabricate(:user) }
let(:new_trust_level) { TrustLevel.levels[:basic] }
subject(:log_trust_level_change) { AdminLogger.new(admin).log_trust_level_change(user, new_trust_level) }
it 'raises an error when user or trust level is nil' do
expect { AdminLogger.new(admin).log_trust_level_change(nil, new_trust_level) }.to raise_error(Discourse::InvalidParameters)
expect { AdminLogger.new(admin).log_trust_level_change(user, nil) }.to raise_error(Discourse::InvalidParameters)
end
it 'raises an error when user is not a User' do
expect { AdminLogger.new(admin).log_trust_level_change(1, new_trust_level) }.to raise_error(Discourse::InvalidParameters)
end
it 'raises an error when new trust level is not a Trust Level' do
max_level = TrustLevel.levels.values.max
expect { AdminLogger.new(admin).log_trust_level_change(user, max_level + 1) }.to raise_error(Discourse::InvalidParameters)
end
it 'creates a new AdminLog record' do
expect { log_trust_level_change }.to change { AdminLog.count }.by(1)
AdminLog.last.details.should include "new trust level: #{new_trust_level}"
end
end
end

View File

@ -1,16 +1,25 @@
require 'spec_helper'
require 'boost_trust_level'
require 'admin_logger'
describe BoostTrustLevel do
let(:user) { Fabricate(:user) }
let(:logger) { AdminLogger.new(Fabricate(:admin)) }
it "should upgrade the trust level of a user" do
boostr = BoostTrustLevel.new(user, TrustLevel.levels[:basic])
boostr = BoostTrustLevel.new(user: user, level: TrustLevel.levels[:basic], logger: logger)
boostr.save!.should be_true
user.trust_level.should == TrustLevel.levels[:basic]
end
it "should log the action" do
AdminLogger.any_instance.expects(:log_trust_level_change).with(user, TrustLevel.levels[:basic]).once
boostr = BoostTrustLevel.new(user: user, level: TrustLevel.levels[:basic], logger: logger)
boostr.save!
end
describe "demotions" do
before { user.update_attributes(trust_level: TrustLevel.levels[:newuser]) }
@ -21,8 +30,9 @@ describe BoostTrustLevel do
user.update_attributes(trust_level: TrustLevel.levels[:basic])
end
it "should demote the user" do
boostr = BoostTrustLevel.new(user, TrustLevel.levels[:newuser])
it "should demote the user and log the action" do
AdminLogger.any_instance.expects(:log_trust_level_change).with(user, TrustLevel.levels[:newuser]).once
boostr = BoostTrustLevel.new(user: user, level: TrustLevel.levels[:newuser], logger: logger)
boostr.save!.should be_true
user.trust_level.should == TrustLevel.levels[:newuser]
end
@ -38,11 +48,13 @@ describe BoostTrustLevel do
user.update_attributes(trust_level: TrustLevel.levels[:basic])
end
it "should not demote the user" do
boostr = BoostTrustLevel.new(user, TrustLevel.levels[:newuser])
it "should not demote the user but log the action anyway" do
AdminLogger.any_instance.expects(:log_trust_level_change).with(user, TrustLevel.levels[:newuser]).once
boostr = BoostTrustLevel.new(user: user, level: TrustLevel.levels[:newuser], logger: logger)
expect { boostr.save! }.to raise_error(Discourse::InvalidAccess, "You attempted to demote #{user.name} to 'newuser'. However their trust level is already 'basic'. #{user.name} will remain at 'basic'")
user.trust_level.should == TrustLevel.levels[:basic]
end
end
end
end

View File

@ -137,12 +137,14 @@ describe Admin::UsersController do
end
it "upgrades the user's trust level" do
AdminLogger.any_instance.expects(:log_trust_level_change).with(@another_user, 2).once
xhr :put, :trust_level, user_id: @another_user.id, level: 2
@another_user.reload
@another_user.trust_level.should == 2
end
it "raises an error when demoting a user below their current trust level" do
AdminLogger.any_instance.expects(:log_trust_level_change).with(@another_user, TrustLevel.levels[:newuser]).once
@another_user.topics_entered = SiteSetting.basic_requires_topics_entered + 1
@another_user.posts_read_count = SiteSetting.basic_requires_read_posts + 1
@another_user.time_read = SiteSetting.basic_requires_time_spent_mins * 60