forked from fedi/mastodon
Fix invites not being disabled upon account suspension (#11412)
* Disable invite links from disabled/suspended users * Add has_many invites relationship to users * Destroy unused invites when suspending an account
This commit is contained in:
parent
a6b4440115
commit
92569ffde8
|
@ -39,7 +39,7 @@ class InvitesController < ApplicationController
|
||||||
private
|
private
|
||||||
|
|
||||||
def invites
|
def invites
|
||||||
Invite.where(user: current_user).order(id: :desc)
|
current_user.invites.order(id: :desc)
|
||||||
end
|
end
|
||||||
|
|
||||||
def resource_params
|
def resource_params
|
||||||
|
|
|
@ -17,7 +17,7 @@
|
||||||
class Invite < ApplicationRecord
|
class Invite < ApplicationRecord
|
||||||
include Expireable
|
include Expireable
|
||||||
|
|
||||||
belongs_to :user
|
belongs_to :user, inverse_of: :invites
|
||||||
has_many :users, inverse_of: :invite
|
has_many :users, inverse_of: :invite
|
||||||
|
|
||||||
scope :available, -> { where(expires_at: nil).or(where('expires_at >= ?', Time.now.utc)) }
|
scope :available, -> { where(expires_at: nil).or(where('expires_at >= ?', Time.now.utc)) }
|
||||||
|
@ -25,7 +25,7 @@ class Invite < ApplicationRecord
|
||||||
before_validation :set_code
|
before_validation :set_code
|
||||||
|
|
||||||
def valid_for_use?
|
def valid_for_use?
|
||||||
(max_uses.nil? || uses < max_uses) && !expired?
|
(max_uses.nil? || uses < max_uses) && !expired? && !(user.nil? || user.disabled?)
|
||||||
end
|
end
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
|
@ -73,6 +73,7 @@ class User < ApplicationRecord
|
||||||
|
|
||||||
has_many :applications, class_name: 'Doorkeeper::Application', as: :owner
|
has_many :applications, class_name: 'Doorkeeper::Application', as: :owner
|
||||||
has_many :backups, inverse_of: :user
|
has_many :backups, inverse_of: :user
|
||||||
|
has_many :invites, inverse_of: :user
|
||||||
|
|
||||||
has_one :invite_request, class_name: 'UserInviteRequest', inverse_of: :user, dependent: :destroy
|
has_one :invite_request, class_name: 'UserInviteRequest', inverse_of: :user, dependent: :destroy
|
||||||
accepts_nested_attributes_for :invite_request, reject_if: ->(attributes) { attributes['text'].blank? }
|
accepts_nested_attributes_for :invite_request, reject_if: ->(attributes) { attributes['text'].blank? }
|
||||||
|
|
|
@ -64,6 +64,7 @@ class SuspendAccountService < BaseService
|
||||||
@account.user.destroy
|
@account.user.destroy
|
||||||
else
|
else
|
||||||
@account.user.disable!
|
@account.user.disable!
|
||||||
|
@account.user.invites.where(uses: 0).destroy_all
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -3,27 +3,33 @@ require 'rails_helper'
|
||||||
RSpec.describe Invite, type: :model do
|
RSpec.describe Invite, type: :model do
|
||||||
describe '#valid_for_use?' do
|
describe '#valid_for_use?' do
|
||||||
it 'returns true when there are no limitations' do
|
it 'returns true when there are no limitations' do
|
||||||
invite = Invite.new(max_uses: nil, expires_at: nil)
|
invite = Fabricate(:invite, max_uses: nil, expires_at: nil)
|
||||||
expect(invite.valid_for_use?).to be true
|
expect(invite.valid_for_use?).to be true
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'returns true when not expired' do
|
it 'returns true when not expired' do
|
||||||
invite = Invite.new(max_uses: nil, expires_at: 1.hour.from_now)
|
invite = Fabricate(:invite, max_uses: nil, expires_at: 1.hour.from_now)
|
||||||
expect(invite.valid_for_use?).to be true
|
expect(invite.valid_for_use?).to be true
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'returns false when expired' do
|
it 'returns false when expired' do
|
||||||
invite = Invite.new(max_uses: nil, expires_at: 1.hour.ago)
|
invite = Fabricate(:invite, max_uses: nil, expires_at: 1.hour.ago)
|
||||||
expect(invite.valid_for_use?).to be false
|
expect(invite.valid_for_use?).to be false
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'returns true when uses still available' do
|
it 'returns true when uses still available' do
|
||||||
invite = Invite.new(max_uses: 250, uses: 249, expires_at: nil)
|
invite = Fabricate(:invite, max_uses: 250, uses: 249, expires_at: nil)
|
||||||
expect(invite.valid_for_use?).to be true
|
expect(invite.valid_for_use?).to be true
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'returns false when maximum uses reached' do
|
it 'returns false when maximum uses reached' do
|
||||||
invite = Invite.new(max_uses: 250, uses: 250, expires_at: nil)
|
invite = Fabricate(:invite, max_uses: 250, uses: 250, expires_at: nil)
|
||||||
|
expect(invite.valid_for_use?).to be false
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'returns false when invite creator has been disabled' do
|
||||||
|
invite = Fabricate(:invite, max_uses: nil, expires_at: nil)
|
||||||
|
SuspendAccountService.new.call(invite.user.account)
|
||||||
expect(invite.valid_for_use?).to be false
|
expect(invite.valid_for_use?).to be false
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in a new issue