From cda1ee3d8803f0155edf6b33e9fc3b442823b2d8 Mon Sep 17 00:00:00 2001
From: evazion <noizave@gmail.com>
Date: Thu, 6 Jul 2017 18:21:58 -0500
Subject: [PATCH] /users: allow banned users to edit account settings.

The member_only check prevents banned users from editing their account
settings. This isn't needed since check_privilege handles the privilege check.
---
 app/controllers/users_controller.rb      | 1 -
 test/functional/users_controller_test.rb | 9 +++++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index d501df51f..b837dc652 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -1,6 +1,5 @@
 class UsersController < ApplicationController
   respond_to :html, :xml, :json
-  before_filter :member_only, :only => [:edit, :update]
   skip_before_filter :api_check
 
   def new
diff --git a/test/functional/users_controller_test.rb b/test/functional/users_controller_test.rb
index 77fe9b81f..76e56dc16 100644
--- a/test/functional/users_controller_test.rb
+++ b/test/functional/users_controller_test.rb
@@ -124,6 +124,15 @@ class UsersControllerTest < ActionController::TestCase
           assert_equal(20, @user.level)
         end
       end
+
+      context "for a banned user" do
+        should "allow the user to edit their settings" do
+          @user = FactoryGirl.create(:banned_user)
+          post :update, {:id => @user.id, :user => {:favorite_tags => "xyz"}}, {:user_id => @user.id}
+
+          assert_equal("xyz", @user.reload.favorite_tags)
+        end
+      end
     end
   end
 end