1
0
Fork 0
forked from fedi/mastodon

Fix account action type validation (#19476)

* Fix account action type validation

Fix #19143

* Fix #19145

* Fix code style issues
This commit is contained in:
Eugen Rochko 2022-10-30 02:44:32 +02:00 committed by GitHub
parent 276b85bc91
commit 40c7f3e830
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 37 additions and 22 deletions

View file

@ -25,6 +25,8 @@ class Admin::AccountAction
alias send_email_notification? send_email_notification
alias include_statuses? include_statuses
validates :type, :target_account, :current_account, presence: true
def initialize(attributes = {})
@send_email_notification = true
@include_statuses = true
@ -41,13 +43,15 @@ class Admin::AccountAction
end
def save!
raise ActiveRecord::RecordInvalid, self unless valid?
ApplicationRecord.transaction do
process_action!
process_strike!
process_reports!
end
process_email!
process_reports!
process_queue!
end
@ -106,9 +110,8 @@ class Admin::AccountAction
# Otherwise, we will mark all unresolved reports about
# the account as resolved.
reports.each { |report| authorize(report, :update?) }
reports.each do |report|
authorize(report, :update?)
log_action(:resolve, report)
report.resolve!(current_account)
end

View file

@ -30,6 +30,7 @@ RSpec.describe Api::V1::Admin::AccountActionsController, type: :controller do
end
describe 'POST #create' do
context do
before do
post :create, params: { account_id: account.id, type: 'disable' }
end
@ -54,4 +55,15 @@ RSpec.describe Api::V1::Admin::AccountActionsController, type: :controller do
expect(log_item.target_id).to eq account.user.id
end
end
context 'with no type' do
before do
post :create, params: { account_id: account.id }
end
it 'returns http unprocessable entity' do
expect(response).to have_http_status(422)
end
end
end
end