FIX: Users should able check the emails for self
This commit is contained in:
parent
ba724d7f25
commit
e7821a63e7
|
@ -148,9 +148,11 @@ class UsersController < ApplicationController
|
|||
|
||||
def check_emails
|
||||
user = fetch_user_from_params(include_inactive: true)
|
||||
guardian.ensure_can_check_emails!(user)
|
||||
|
||||
StaffActionLogger.new(current_user).log_check_email(user, context: params[:context])
|
||||
unless user == current_user
|
||||
guardian.ensure_can_check_emails!(user)
|
||||
StaffActionLogger.new(current_user).log_check_email(user, context: params[:context])
|
||||
end
|
||||
|
||||
email, *secondary_emails = user.emails
|
||||
|
||||
|
|
|
@ -2072,6 +2072,19 @@ describe UsersController do
|
|||
expect(response).to be_forbidden
|
||||
end
|
||||
|
||||
it "returns emails and associated_accounts for self" do
|
||||
user = Fabricate(:user)
|
||||
sign_in(user)
|
||||
|
||||
get "/u/#{user.username}/emails.json"
|
||||
|
||||
expect(response.status).to eq(200)
|
||||
json = JSON.parse(response.body)
|
||||
expect(json["email"]).to eq(user.email)
|
||||
expect(json["secondary_emails"]).to eq(user.secondary_emails)
|
||||
expect(json["associated_accounts"]).to eq([])
|
||||
end
|
||||
|
||||
it "returns emails and associated_accounts when you're allowed to see them" do
|
||||
user = Fabricate(:user)
|
||||
sign_in_admin
|
||||
|
|
Loading…
Reference in New Issue