Commit 49957cf5 authored by Horacio Bertorello's avatar Horacio Bertorello

Fix errors caused by attempts to report already blocked or deleted users

parent d3c3200c
class AbuseReportsController < ApplicationController
before_action :set_user, only: [:new]
def new
@abuse_report = AbuseReport.new
@abuse_report.user_id = params[:user_id]
@abuse_report.user_id = @user.id
@ref_url = params.fetch(:ref_url, '')
end
......@@ -27,4 +29,14 @@ class AbuseReportsController < ApplicationController
user_id
))
end
def set_user
@user = User.find_by(id: params[:user_id])
if @user.nil?
redirect_to root_path, alert: "Cannot create the abuse report. The user has been deleted."
elsif @user.blocked?
redirect_to @user, alert: "Cannot create the abuse report. This user has been blocked."
end
end
end
---
title: Fix errors caused by attempts to report already blocked or deleted users
merge_request: 12502
author: Horacio Bertorello
......@@ -13,6 +13,31 @@ describe AbuseReportsController do
sign_in(reporter)
end
describe 'GET new' do
context 'when the user has already been deleted' do
it 'redirects the reporter to root_path' do
user_id = user.id
user.destroy
get :new, { user_id: user_id }
expect(response).to redirect_to root_path
expect(flash[:alert]).to eq('Cannot create the abuse report. The user has been deleted.')
end
end
context 'when the user has already been blocked' do
it 'redirects the reporter to the user\'s profile' do
user.block
get :new, { user_id: user.id }
expect(response).to redirect_to user
expect(flash[:alert]).to eq('Cannot create the abuse report. This user has been blocked.')
end
end
end
describe 'POST create' do
context 'with valid attributes' do
it 'saves the abuse report' do
......
......@@ -12,7 +12,7 @@ feature 'Abuse reports', feature: true do
click_link 'Report abuse'
fill_in 'abuse_report_message', with: 'This user send spam'
fill_in 'abuse_report_message', with: 'This user sends spam'
click_button 'Send report'
expect(page).to have_content 'Thank you for your report'
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment