jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

users: don't allow users to choose reserved names.

Browse Source 
Don't allow users to choose names that conflict with search syntax, like `any` or `none`, or names
that impersonate user levels, like `Admin`, `Moderator`, `Anonymous`, etc.
This commit is contained in:
evazion
2022-11-06 15:46:38 -06:00
parent 8bd60e41a1
commit c133866cb7
6 changed files with 25 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
test/functional/user_name_change_requests_controller_test.rb
View File

@@ -67,18 +67,18 @@ class UserNameChangeRequestsControllerTest < ActionDispatch::IntegrationTest
end
should "fail for a moderator trying to change the name of someone above Builder level" do
@user = create(:moderator_user, name: "mod")
@user = create(:moderator_user, name: "bob")
post_auth user_name_change_requests_path, create(:moderator_user), params: { user_name_change_request: { user_id: @user.id, desired_name: "zun" }}
assert_response 403
assert_equal("mod", @user.reload.name)
assert_equal("bob", @user.reload.name)
end
end
context "show action" do
setup do
@change_request = as(@user) { create(:user_name_change_request, user_id: @user.id) }
@user.update!(name: "user_#{@user.id}")
@user.update!(is_deleted: true)
end
should "render" do