jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fixes #2470: Neutral records to keep track of permissions

Browse Source
This commit is contained in:
r888888888
2015-10-26 14:27:03 -07:00
parent 34aa777aad
commit 3a81f1ee8e
3 changed files with 49 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
app/controllers/users_controller.rb
View File

@@ -50,6 +50,7 @@ class UsersController < ApplicationController
@user = User.find(params[:id]) @user = User.find(params[:id])
check_privilege(@user) check_privilege(@user)
sanitize_params! sanitize_params!
handle_promotion!
@user.update_attributes(params[:user].except(:name), :as => CurrentUser.role) @user.update_attributes(params[:user].except(:name), :as => CurrentUser.role)
cookies.delete(:favorite_tags) cookies.delete(:favorite_tags)
cookies.delete(:favorite_tags_with_categories) cookies.delete(:favorite_tags_with_categories)
@@ -76,6 +77,12 @@ private
end end
end end
def handle_promotion!
if params[:user] && params[:user][:level]
UserPromotion.new(@user, CurrentUser.user, params[:user].delete(:level)).promote!
end
end
def check_privilege(user) def check_privilege(user)
raise User::PrivilegeError unless (user.id == CurrentUser.id || CurrentUser.is_admin?) raise User::PrivilegeError unless (user.id == CurrentUser.id || CurrentUser.is_admin?)
end end

32
app/logical/user_promotion.rb
View File

@@ -23,6 +23,22 @@ class UserPromotion
user.save user.save
end end
def create_user_feedback
if user.level > user.level_was
body_prefix = "Promoted"
elsif user.level < user.level_was
body_prefix = "Demoted"
else
body_prefix = "Updated"
end
user.feedback.create(
:category => "neutral",
:body => "#{body_prefix} from #{user.level_string_was} to #{user.level_string}",
:disable_dmail_notification => true
)
end
private private
def validate def validate
@@ -40,22 +56,6 @@ private
TransactionLogItem.record_account_upgrade(user) TransactionLogItem.record_account_upgrade(user)
end end
def create_user_feedback
if user.level > user.level_was
body_prefix = "Promoted"
elsif user.level < user.level_was
body_prefix = "Demoted"
else
body_prefix = "Updated"
end
user.feedback.create(
:category => "neutral",
:body => "#{body_prefix} from #{user.level_string_was} to #{user.level_string}",
:disable_dmail_notification => true
)
end
def create_dmail def create_dmail
if user.level >= user.level_was || user.bit_prefs_changed? if user.level >= user.level_was || user.bit_prefs_changed?
create_promotion_dmail create_promotion_dmail

26
test/functional/users_controller_test.rb
View File

@@ -70,6 +70,32 @@ class UsersControllerTest < ActionController::TestCase
@user.reload @user.reload
assert_equal("xyz", @user.favorite_tags) assert_equal("xyz", @user.favorite_tags)
end end
context "changing the level" do
setup do
@cuser = FactoryGirl.create(:user)
end
should "not work if the current user is not an admin" do
post :update, {:id => @user.id, :user => {:level => 40}}, {:user_id => @cuser.id}
@user.reload
assert_equal(20, @user.level)
end
context "where the current user is an admin" do
setup do
@admin = FactoryGirl.create(:admin_user)
end
should "create a user feedback" do
assert_difference("UserFeedback.count") do
post :update, {:id => @user.id, :user => {:level => 40}}, {:user_id => @admin.id}
end
@user.reload
assert_equal(40, @user.level)
end
end
end
end end
end end
end end