Actions for locking/unlocking accounts

This commit is contained in:
swagg boi 2023-04-21 22:25:05 -04:00
parent 27fda1f00a
commit 10cd3cffb1
8 changed files with 125 additions and 3 deletions

View file

@ -32,7 +32,6 @@ Run the tests locally (against development environment):
## TODOs
1. Action for locking/unlocking accounts
1. CSS
1. "All new posts flagged" mode (require approval for new posts)

View file

@ -206,6 +206,15 @@ sub startup($self) {
$mod_admin->any([qw{GET POST}], '/reset')
->to('moderator#admin_reset')
->name('admin_reset');
# lock() is a builtin so use _acct suffix
$mod_admin->any([qw{GET POST}], '/lock')
->to('moderator#lock_acct')
->name('lock_acct');
$mod_admin->any([qw{GET POST}], '/unlock')
->to('moderator#unlock_acct')
->name('unlock_acct');
}
1;

View file

@ -233,4 +233,48 @@ sub mod_reset($self) {
return $self->render;
}
sub lock_acct($self) {
my $v;
$v = $self->validation if $self->req->method eq 'POST';
if ($v && $v->has_data) {
$v->required('email');
if ($v->has_error) {
$self->stash(status => 400)
}
else {
my $email = $self->param('email');
$self->moderator->lock_acct($email);
$self->stash(info => "Account $email has been locked 🔒");
}
}
return $self->render;
}
sub unlock_acct($self) {
my $v;
$v = $self->validation if $self->req->method eq 'POST';
if ($v && $v->has_data) {
$v->required('email');
if ($v->has_error) {
$self->stash(status => 400)
}
else {
my $email = $self->param('email');
$self->moderator->unlock_acct($email);
$self->stash(info => "Account $email has been unlocked 🔓");
}
}
return $self->render;
}
1;

View file

@ -192,4 +192,20 @@ sub mod_reset($self, $mod_id, $password) {
END_SQL
}
sub lock_acct($self, $email) {
$self->pg->db->query(<<~'END_SQL', $email)
UPDATE moderators
SET lock_status = TRUE
WHERE email_addr = ?;
END_SQL
}
sub unlock_acct($self, $email) {
$self->pg->db->query(<<~'END_SQL', $email)
UPDATE moderators
SET lock_status = FALSE
WHERE email_addr = ?;
END_SQL
}
1;

View file

@ -41,6 +41,24 @@ subtest Login => sub {
->status_is(200)
->text_like(h2 => qr/Reset Password/)
->element_exists('a[href*="/moderator/admin/reset"]')
->element_exists('form input[name="email"]' )
->element_exists('form input[name="password"]' )
};
subtest Lock => sub {
$t->get_ok('/moderator/admin/lock')
->status_is(200)
->text_like(h2 => qr/Lock Account/)
->element_exists('a[href*="/moderator/admin/lock"]')
->element_exists('form input[name="email"]' )
};
subtest Unlock => sub {
$t->get_ok('/moderator/admin/unlock')
->status_is(200)
->text_like(h2 => qr/Unlock Account/)
->element_exists('a[href*="/moderator/admin/unlock"]')
->element_exists('form input[name="email"]' )
};
# Admin session ends
@ -51,15 +69,33 @@ subtest Login => sub {
subtest 'No admin, no buttons', sub {
$t->get_ok('/thread/single/1')
->status_is(200)
->element_exists_not('a[href*="/moderator/admin/create"]');
->element_exists_not('a[href*="/moderator/admin/create"]')
->element_exists_not('a[href*="/moderator/admin/reset"]' )
->element_exists_not('a[href*="/moderator/admin/lock"]' )
->element_exists_not('a[href*="/moderator/admin/unlock"]');
$t->get_ok('/remark/single/1')
->status_is(200)
->element_exists_not('a[href*="/moderator/admin/create"]');
->element_exists_not('a[href*="/moderator/admin/create"]')
->element_exists_not('a[href*="/moderator/admin/reset"]' )
->element_exists_not('a[href*="/moderator/admin/lock"]' )
->element_exists_not('a[href*="/moderator/admin/unlock"]');
$t->get_ok('/moderator/admin/create')
->status_is(302)
->header_like(Location => qr/login/);
$t->get_ok('/moderator/admin/reset')
->status_is(302)
->header_like(Location => qr/login/);
$t->get_ok('/moderator/admin/lock')
->status_is(302)
->header_like(Location => qr/login/);
$t->get_ok('/moderator/admin/unlock')
->status_is(302)
->header_like(Location => qr/login/);
};
};

View file

@ -28,6 +28,8 @@
<span>Admin:</span>
<%= link_to Create => 'create_mod' %>
<%= link_to Reset => 'admin_reset' %>
<%= link_to Lock => 'lock_acct' %>
<%= link_to Unlock => 'unlock_acct' %>
<% } =%>
</div>
</nav>

View file

@ -0,0 +1,8 @@
% layout 'default';
% title 'Lock Account';
<h2><%= title %></h2>
<form method="post">
<%= label_for email => 'Email' %>
<%= email_field 'email' %>
<%= submit_button 'Lock' %>
</form>

View file

@ -0,0 +1,8 @@
% layout 'default';
% title 'Unlock Account';
<h2><%= title %></h2>
<form method="post">
<%= label_for email => 'Email' %>
<%= email_field 'email' %>
<%= submit_button 'Unlock' %>
</form>