user events: make all events visible to moderators.

Allow moderators to see all events on the /user_events page. Before only admins could see when a user changed their email, changed their password, or had a failed login attempt. Now moderators can see these events too. Filtering these events out made the /user_actions page slower, and it wasn't really necessary since merely knowing that a user changed their email or password isn't that much more sensitive than knowing when they logged in or out.
2022-09-16 04:20:33 -05:00
parent ee638f976f
commit bd73090b4c
2 changed files with 5 additions and 5 deletions
--- a/test/functional/user_events_controller_test.rb
+++ b/test/functional/user_events_controller_test.rb
@@ -25,11 +25,11 @@ class UserEventsControllerTest < ActionDispatch::IntegrationTest
        assert_response 403
      end

-      should "only show mods authorized events" do
+      should "show mods all events" do
        get_auth user_events_path(search: { category: "password_change" }), create(:moderator_user)

        assert_response :success
-        assert_select "tbody tr", count: 0
+        assert_select "tbody tr", count: 1
      end
    end
  end