jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

users: lock out users with invalid names until they change their name.

Browse Source 
Forcibly redirect users to the name change page if their name is
invalid. This means user with invalid names can't do anything or view
any pages until they change their name. API requests are still allowed.
This commit is contained in:
evazion
2022-03-07 04:21:17 -06:00
parent 1028bb1c71
commit 525acd17a5
3 changed files with 12 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
app/controllers/application_controller.rb
View File

@@ -15,6 +15,7 @@ class ApplicationController < ActionController::Base
before_action :set_variant before_action :set_variant
before_action :add_headers before_action :add_headers
before_action :cause_error before_action :cause_error
before_action :redirect_if_name_invalid?
after_action :skip_session_if_publicly_cached after_action :skip_session_if_publicly_cached
after_action :reset_current_user after_action :reset_current_user
layout "default" layout "default"
@@ -198,6 +199,13 @@ class ApplicationController < ActionController::Base
render_error_page(status, error) render_error_page(status, error)
end end
def redirect_if_name_invalid?
if request.format.html? && CurrentUser.user.name_invalid?
flash[:notice] = "You must change your username to continue using #{Danbooru.config.app_name}"
redirect_to new_user_name_change_request_path
end
end
def ip_ban_check def ip_ban_check
raise User::PrivilegeError if !request.get? && IpBan.hit!(:full, CurrentUser.ip_addr) raise User::PrivilegeError if !request.get? && IpBan.hit!(:full, CurrentUser.ip_addr)
end end

2
app/controllers/user_name_change_requests_controller.rb
View File

@@ -3,6 +3,8 @@
class UserNameChangeRequestsController < ApplicationController class UserNameChangeRequestsController < ApplicationController
respond_to :html, :json, :xml respond_to :html, :json, :xml
skip_before_action :redirect_if_name_invalid?
def new def new
@change_request = authorize UserNameChangeRequest.new(permitted_attributes(UserNameChangeRequest)) @change_request = authorize UserNameChangeRequest.new(permitted_attributes(UserNameChangeRequest))
respond_with(@change_request) respond_with(@change_request)

5
test/functional/application_controller_test.rb
View File

@@ -76,13 +76,12 @@ class ApplicationControllerTest < ActionDispatch::IntegrationTest
end end
context "when a user has an invalid username" do context "when a user has an invalid username" do
should "show a warning banner" do should "redirect to the name change page" do
@user = create(:user) @user = create(:user)
@user.update_columns(name: "foo__bar") @user.update_columns(name: "foo__bar")
get_auth posts_path, @user get_auth posts_path, @user
assert_response :success assert_redirected_to new_user_name_change_request_path
assert_select "#invalid-name-notice"
end end
end end