Log admin approve and reject account (#22088)
* Log admin approve and reject account * Add unit tests for approve and reject logging
This commit is contained in:
parent
aec7de494f
commit
5ad9fea52a
4 changed files with 103 additions and 0 deletions
|
@ -55,12 +55,14 @@ module Admin
|
|||
def approve
|
||||
authorize @account.user, :approve?
|
||||
@account.user.approve!
|
||||
log_action :approve, @account.user
|
||||
redirect_to admin_accounts_path(status: 'pending'), notice: I18n.t('admin.accounts.approved_msg', username: @account.acct)
|
||||
end
|
||||
|
||||
def reject
|
||||
authorize @account.user, :reject?
|
||||
DeleteAccountService.new.call(@account, reserve_email: false, reserve_username: false)
|
||||
log_action :reject, @account.user
|
||||
redirect_to admin_accounts_path(status: 'pending'), notice: I18n.t('admin.accounts.rejected_msg', username: @account.acct)
|
||||
end
|
||||
|
||||
|
|
|
@ -54,12 +54,14 @@ class Api::V1::Admin::AccountsController < Api::BaseController
|
|||
def approve
|
||||
authorize @account.user, :approve?
|
||||
@account.user.approve!
|
||||
log_action :approve, @account.user
|
||||
render json: @account, serializer: REST::Admin::AccountSerializer
|
||||
end
|
||||
|
||||
def reject
|
||||
authorize @account.user, :reject?
|
||||
DeleteAccountService.new.call(@account, reserve_email: false, reserve_username: false)
|
||||
log_action :reject, @account.user
|
||||
render_empty
|
||||
end
|
||||
|
||||
|
|
|
@ -147,6 +147,87 @@ RSpec.describe Admin::AccountsController, type: :controller do
|
|||
end
|
||||
end
|
||||
|
||||
describe 'POST #approve' do
|
||||
subject { post :approve, params: { id: account.id } }
|
||||
|
||||
let(:current_user) { Fabricate(:user, role: role) }
|
||||
let(:account) { user.account }
|
||||
let(:user) { Fabricate(:user) }
|
||||
|
||||
before do
|
||||
account.user.update(approved: false)
|
||||
end
|
||||
|
||||
context 'when user is admin' do
|
||||
let(:role) { UserRole.find_by(name: 'Admin') }
|
||||
|
||||
it 'succeeds in approving account' do
|
||||
is_expected.to redirect_to admin_accounts_path(status: 'pending')
|
||||
expect(user.reload).to be_approved
|
||||
end
|
||||
|
||||
it 'logs action' do
|
||||
is_expected.to have_http_status :found
|
||||
|
||||
log_item = Admin::ActionLog.last
|
||||
|
||||
expect(log_item).to_not be_nil
|
||||
expect(log_item.action).to eq :approve
|
||||
expect(log_item.account_id).to eq current_user.account_id
|
||||
expect(log_item.target_id).to eq account.user.id
|
||||
end
|
||||
end
|
||||
|
||||
context 'when user is not admin' do
|
||||
let(:role) { UserRole.everyone }
|
||||
|
||||
it 'fails to approve account' do
|
||||
is_expected.to have_http_status :forbidden
|
||||
expect(user.reload).not_to be_approved
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'POST #reject' do
|
||||
subject { post :reject, params: { id: account.id } }
|
||||
|
||||
let(:current_user) { Fabricate(:user, role: role) }
|
||||
let(:account) { user.account }
|
||||
let(:user) { Fabricate(:user) }
|
||||
|
||||
before do
|
||||
account.user.update(approved: false)
|
||||
end
|
||||
|
||||
context 'when user is admin' do
|
||||
let(:role) { UserRole.find_by(name: 'Admin') }
|
||||
|
||||
it 'succeeds in rejecting account' do
|
||||
is_expected.to redirect_to admin_accounts_path(status: 'pending')
|
||||
end
|
||||
|
||||
it 'logs action' do
|
||||
is_expected.to have_http_status :found
|
||||
|
||||
log_item = Admin::ActionLog.last
|
||||
|
||||
expect(log_item).to_not be_nil
|
||||
expect(log_item.action).to eq :reject
|
||||
expect(log_item.account_id).to eq current_user.account_id
|
||||
expect(log_item.target_id).to eq account.user.id
|
||||
end
|
||||
end
|
||||
|
||||
context 'when user is not admin' do
|
||||
let(:role) { UserRole.everyone }
|
||||
|
||||
it 'fails to reject account' do
|
||||
is_expected.to have_http_status :forbidden
|
||||
expect(user.reload).not_to be_approved
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
describe 'POST #redownload' do
|
||||
subject { post :redownload, params: { id: account.id } }
|
||||
|
||||
|
|
|
@ -100,6 +100,15 @@ RSpec.describe Api::V1::Admin::AccountsController, type: :controller do
|
|||
it 'approves user' do
|
||||
expect(account.reload.user_approved?).to be true
|
||||
end
|
||||
|
||||
it 'logs action' do
|
||||
log_item = Admin::ActionLog.last
|
||||
|
||||
expect(log_item).to_not be_nil
|
||||
expect(log_item.action).to eq :approve
|
||||
expect(log_item.account_id).to eq user.account_id
|
||||
expect(log_item.target_id).to eq account.user.id
|
||||
end
|
||||
end
|
||||
|
||||
describe 'POST #reject' do
|
||||
|
@ -118,6 +127,15 @@ RSpec.describe Api::V1::Admin::AccountsController, type: :controller do
|
|||
it 'removes user' do
|
||||
expect(User.where(id: account.user.id).count).to eq 0
|
||||
end
|
||||
|
||||
it 'logs action' do
|
||||
log_item = Admin::ActionLog.last
|
||||
|
||||
expect(log_item).to_not be_nil
|
||||
expect(log_item.action).to eq :reject
|
||||
expect(log_item.account_id).to eq user.account_id
|
||||
expect(log_item.target_id).to eq account.user.id
|
||||
end
|
||||
end
|
||||
|
||||
describe 'POST #enable' do
|
||||
|
|
Loading…
Reference in a new issue