edshot99/eBooru
1
0
Fork 0
forked from e621ng/e621ng
Code Issues 11 Releases 1 Activity

[Users] Allow moderators to handle tickets

Browse Source
This commit is contained in:
Earlopain 2022-11-28 16:21:40 +01:00
parent 731fc5a42f
commit 665f432e17
No known key found for this signature in database
GPG Key ID: 6CFB948E15246897
87 changed files with 179 additions and 168 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/admin/users_controller.rb
View File

@ -1,7 +1,7 @@
require_relative '../../logical/danbooru/paginator/elasticsearch_extensions'
module Admin
class UsersController < ApplicationController
before_action :moderator_only
before_action :admin_only
respond_to :html, :json
def alt_list

2
app/controllers/artist_versions_controller.rb
View File

@ -11,7 +11,7 @@ class ArtistVersionsController < ApplicationController
def search_params
permitted_params = %i[name updater_name updater_id artist_id is_active order]
permitted_params += %i[ip_addr] if CurrentUser.is_moderator?
permitted_params += %i[ip_addr] if CurrentUser.is_admin?
permit_search_params permitted_params
end
end

5
app/controllers/blips_controller.rb
View File

@ -2,7 +2,8 @@ class BlipsController < ApplicationController
class BlipTooOld < Exception ; end
respond_to :html, :json
before_action :member_only, only: [:create, :new, :update, :edit, :hide]
before_action :moderator_only, only: [:unhide, :destroy, :warning]
before_action :moderator_only, only: [:unhide, :warning]
before_action :admin_only, only: [:destroy]
rescue_from BlipTooOld, with: :blip_too_old
@ -99,7 +100,7 @@ class BlipsController < ApplicationController
def search_params
permitted_params = %i[body_matches response_to creator_name creator_id order]
permitted_params += %i[ip_addr] if CurrentUser.is_moderator?
permitted_params += %i[ip_addr] if CurrentUser.is_admin?
permit_search_params permitted_params
end

3
app/controllers/bulk_update_requests_controller.rb
View File

@ -67,8 +67,7 @@ class BulkUpdateRequestsController < ApplicationController
def bur_params(context)
permitted_params = %i[script]
permitted_params += %i[title reason forum_topic_id] if context == :create
permitted_params += %i[skip_forum] if CurrentUser.is_moderator?
permitted_params += %i[forum_topic_id forum_post_id] if context == :update && CurrentUser.is_admin?
permitted_params += %i[forum_topic_id forum_post_id skip_forum] if context == :update && CurrentUser.is_admin?
params.require(:bulk_update_request).permit(permitted_params)
end

3
app/controllers/comment_votes_controller.rb
View File

@ -2,7 +2,8 @@ class CommentVotesController < ApplicationController
respond_to :json
respond_to :html, only: [:index]
before_action :voter_only
before_action :admin_only, only: [:index, :lock, :delete]
before_action :moderator_only, only: [:index, :lock]
before_action :admin_only, only: [:delete]
skip_before_action :api_check
def create

6
app/controllers/comments_controller.rb
View File

@ -1,7 +1,8 @@
class CommentsController < ApplicationController
respond_to :html, :json
before_action :member_only, :except => [:index, :search, :show]
before_action :moderator_only, only: [:unhide, :destroy, :warning]
before_action :moderator_only, only: [:unhide, :warning]
before_action :admin_only, only: [:destroy]
skip_before_action :api_check
def index
@ -126,7 +127,8 @@ private
def search_params
permitted_params = %i[body_matches post_id post_tags_match creator_name creator_id poster_id is_sticky do_not_bump_post order]
permitted_params += %i[is_hidden ip_addr] if CurrentUser.is_moderator?
permitted_params += %i[is_hidden] if CurrentUser.is_moderator?
permitted_params += %i[ip_addr] if CurrentUser.is_admin?
permit_search_params permitted_params
end

3
app/controllers/forum_posts_controller.rb
View File

@ -1,7 +1,8 @@
class ForumPostsController < ApplicationController
respond_to :html, :json
before_action :member_only, :except => [:index, :show, :search]
before_action :moderator_only, only: [:destroy, :unhide, :warning]
before_action :moderator_only, only: [:unhide, :warning]
before_action :admin_only, only: [:destroy]
before_action :load_post, :only => [:edit, :show, :update, :destroy, :hide, :unhide, :warning]
before_action :check_min_level, :only => [:edit, :show, :update, :destroy, :hide, :unhide]
skip_before_action :api_check

3
app/controllers/forum_topics_controller.rb
View File

@ -1,7 +1,8 @@
class ForumTopicsController < ApplicationController
respond_to :html, :json
before_action :member_only, :except => [:index, :show]
before_action :moderator_only, :only => [:new_merge, :create_merge, :unhide, :destroy]
before_action :moderator_only, :only => [:unhide]
before_action :admin_only, only: [:destroy, :new_merge, :create_merge]
before_action :normalize_search, :only => :index
before_action :load_topic, :only => [:edit, :show, :update, :destroy, :hide, :unhide, :new_merge, :create_merge, :subscribe, :unsubscribe]
before_action :check_min_level, :only => [:show, :edit, :update, :new_merge, :create_merge, :destroy, :hide, :unhide, :subscribe, :unsubscribe]

2
app/controllers/ip_bans_controller.rb
View File

@ -1,6 +1,6 @@
class IpBansController < ApplicationController
respond_to :html, :json
before_action :moderator_only
before_action :admin_only
def new
@ip_ban = IpBan.new

2
app/controllers/moderator/ip_addrs_controller.rb
View File

@ -1,6 +1,6 @@
module Moderator
class IpAddrsController < ApplicationController
before_action :moderator_only
before_action :admin_only
respond_to :html, :json
def index

2
app/controllers/moderator/tags_controller.rb
View File

@ -1,6 +1,6 @@
module Moderator
class TagsController < ApplicationController
before_action :moderator_only
before_action :admin_only
def edit
end

2
app/controllers/note_versions_controller.rb
View File

@ -12,7 +12,7 @@ class NoteVersionsController < ApplicationController
def search_params
permitted_params = %i[updater_id post_id note_id is_active body_matches]
permitted_params += %i[ip_addr] if CurrentUser.is_moderator?
permitted_params += %i[ip_addr] if CurrentUser.is_admin?
permit_search_params permitted_params
end
end

2
app/controllers/pool_versions_controller.rb
View File

@ -25,7 +25,7 @@ class PoolVersionsController < ApplicationController
def search_params
permitted_params = %i[updater_id updater_name pool_id]
permitted_params += %i[ip_addr] if CurrentUser.is_moderator?
permitted_params += %i[ip_addr] if CurrentUser.is_admin?
permit_search_params permitted_params
end
end

2
app/controllers/post_favorites_controller.rb
View File

@ -5,7 +5,7 @@ class PostFavoritesController < ApplicationController
def index
@post = Post.find(params[:post_id])
query = User.includes(:user_status).joins(:favorites)
unless CurrentUser.is_admin?
unless CurrentUser.is_moderator?
query = query.where("bit_prefs & :value != :value", {value: 2**User::BOOLEAN_ATTRIBUTES.find_index("enable_privacy_mode")}).or(query.where(favorites: {user_id: CurrentUser.id}))
end
query = query.where(favorites: {post_id: @post.id})

2
app/controllers/post_flags_controller.rb
View File

@ -51,7 +51,7 @@ class PostFlagsController < ApplicationController
def search_params
# creator_id and creator_name are special cased in the model search function
permitted_params = %i[reason_matches creator_id creator_name post_id post_tags_match is_resolved category]
permitted_params += %i[ip_addr] if CurrentUser.is_moderator?
permitted_params += %i[ip_addr] if CurrentUser.is_admin?
permit_search_params permitted_params
end

2
app/controllers/post_replacements_controller.rb
View File

@ -2,7 +2,7 @@ class PostReplacementsController < ApplicationController
respond_to :html, :json
before_action :member_only, only: [:create, :new]
before_action :janitor_only, only: [:approve, :reject, :promote, :toggle_penalize]
before_action :moderator_only, only: [:destroy]
before_action :admin_only, only: [:destroy]
content_security_policy only: [:new] do |p|
p.img_src :self, :data, :blob, "*"

8
app/controllers/post_sets_controller.rb
View File

@ -4,13 +4,13 @@ class PostSetsController < ApplicationController
def index
if !params[:post_id].blank?
if CurrentUser.is_admin?
if CurrentUser.is_moderator?
@post_sets = PostSet.where_has_post(params[:post_id].to_i).paginate(params[:page], limit: 50)
else
@post_sets = PostSet.visible(CurrentUser.user).where_has_post(params[:post_id].to_i).paginate(params[:page], limit: 50)
end
elsif !params[:maintainer_id].blank?
if CurrentUser.is_admin?
if CurrentUser.is_moderator?
@post_sets = PostSet.where_has_maintainer(params[:maintainer_id].to_i).paginate(params[:page], limit: 50)
else
@post_sets = PostSet.visible(CurrentUser.user).where_has_maintainer(CurrentUser.id).paginate(params[:page], limit: 50)
@ -86,7 +86,7 @@ class PostSetsController < ApplicationController
def destroy
@post_set = PostSet.find(params[:id])
check_settings_edit_access(@post_set)
if CurrentUser.is_admin?
if @post_set.creator != CurrentUser.user
ModAction.log(:set_delete, {set_id: @post_set.id, user_id: @post_set.creator_id})
end
@post_set.destroy
@ -151,7 +151,7 @@ class PostSetsController < ApplicationController
def search_params
permitted_params = %i[name shortname creator_id creator_name order]
permitted_params += %i[is_public] if CurrentUser.is_admin?
permitted_params += %i[is_public] if CurrentUser.is_moderator?
permit_search_params permitted_params
end
end

3
app/controllers/post_votes_controller.rb
View File

@ -1,6 +1,7 @@
class PostVotesController < ApplicationController
before_action :voter_only
before_action :admin_only, only: [:index, :lock, :delete]
before_action :moderator_only, only: [:index, :lock]
before_action :admin_only, only: [:delete]
skip_before_action :api_check
def create

3
app/controllers/posts_controller.rb
View File

@ -173,7 +173,8 @@ class PostsController < ApplicationController
]
permitted_params += %i[is_rating_locked] if CurrentUser.is_privileged?
permitted_params += %i[is_note_locked bg_color] if CurrentUser.is_janitor?
permitted_params += %i[is_status_locked is_comment_disabled locked_tags hide_from_anonymous hide_from_search_engines] if CurrentUser.is_admin?
permitted_params += %i[is_status_locked is_comment_disabled locked_tags] if CurrentUser.is_moderator?
permitted_params += %i[hide_from_anonymous hide_from_search_engines] if CurrentUser.is_admin?
params.require(:post).permit(permitted_params)
end

2
app/controllers/tag_alias_requests_controller.rb
View File

@ -21,7 +21,7 @@ private
def tar_params
permitted = %i{antecedent_name consequent_name reason}
permitted += [:skip_forum] if CurrentUser.is_moderator?
permitted += [:skip_forum] if CurrentUser.is_admin?
params.require(:tag_alias_request).permit(permitted)
end
end

2
app/controllers/tag_aliases_controller.rb
View File

@ -1,5 +1,5 @@
class TagAliasesController < ApplicationController
before_action :moderator_only, except: [:index, :show, :destroy]
before_action :admin_only, except: [:index, :show, :destroy]
respond_to :html, :json, :js
def show

2
app/controllers/tag_implication_requests_controller.rb
View File

@ -21,7 +21,7 @@ private
def tir_params
permitted = %i{antecedent_name consequent_name reason}
permitted += [:skip_forum] if CurrentUser.is_moderator?
permitted += [:skip_forum] if CurrentUser.is_admin?
params.require(:tag_implication_request).permit(permitted)
end
end

2
app/controllers/tag_implications_controller.rb
View File

@ -1,5 +1,5 @@
class TagImplicationsController < ApplicationController
before_action :moderator_only, except: [:index, :show, :destroy]
before_action :admin_only, except: [:index, :show, :destroy]
respond_to :html, :json, :js
def show

6
app/controllers/tickets_controller.rb
View File

@ -1,7 +1,7 @@
class TicketsController < ApplicationController
respond_to :html
before_action :member_only, except: [:index]
before_action :admin_only, only: [:update, :edit, :destroy, :claim, :unclaim]
before_action :moderator_only, only: [:update, :edit, :destroy, :claim, :unclaim]
def index
@tickets = Ticket.search(search_params).paginate(params[:page], limit: params[:limit])
@ -95,8 +95,8 @@ class TicketsController < ApplicationController
def search_params
current_search_params = params.fetch(:search, {})
permitted_params = %i[qtype status order]
permitted_params += %i[creator_id] if CurrentUser.is_admin? || (current_search_params[:creator_id].present? && current_search_params[:creator_id].to_i == CurrentUser.id)
permitted_params += %i[creator_name accused_name accused_id claimant_id reason] if CurrentUser.is_admin?
permitted_params += %i[creator_id] if CurrentUser.is_moderator? || (current_search_params[:creator_id].present? && current_search_params[:creator_id].to_i == CurrentUser.id)
permitted_params += %i[creator_name accused_name accused_id claimant_id reason] if CurrentUser.is_moderator?
permit_search_params permitted_params
end

3
app/controllers/users_controller.rb
View File

@ -137,8 +137,7 @@ class UsersController < ApplicationController
def search_params
permitted_params = %i[name_matches level min_level max_level can_upload_free can_approve_posts order]
permitted_params += [:ip_addr] if CurrentUser.is_moderator?
permitted_params += [:email_matches] if CurrentUser.is_admin?
permitted_params += %i[ip_addr email_matches] if CurrentUser.is_admin?
permit_search_params permitted_params
end

2
app/controllers/wiki_page_versions_controller.rb
View File

@ -25,7 +25,7 @@ class WikiPageVersionsController < ApplicationController
def search_params
permitted_params = %i[updater_id wiki_page_id title body is_locked is_deleted]
permitted_params += %i[ip_addr] if CurrentUser.is_moderator?
permitted_params += %i[ip_addr] if CurrentUser.is_admin?
permit_search_params permitted_params
end
end

2
app/controllers/wiki_pages_controller.rb
View File

@ -1,7 +1,7 @@
class WikiPagesController < ApplicationController
respond_to :html, :json, :js
before_action :member_only, :except => [:index, :search, :show, :show_or_new]
before_action :moderator_only, :only => [:destroy]
before_action :admin_only, :only => [:destroy]
before_action :normalize_search_params, :only => [:index]
def new

6
app/helpers/bulk_update_requests_helper.rb
View File

@ -1,6 +1,6 @@
module BulkUpdateRequestsHelper
def approved?(command, antecedent, consequent)
return false unless CurrentUser.is_moderator?
return false unless CurrentUser.is_admin?
case command
when :create_alias
@ -25,7 +25,7 @@ module BulkUpdateRequestsHelper
end
def failed?(command, antecedent, consequent)
return false unless CurrentUser.is_moderator?
return false unless CurrentUser.is_admin?
case command
when :create_alias
@ -73,7 +73,7 @@ module BulkUpdateRequestsHelper
end
def script_with_line_breaks(bur, with_decorations:)
hash = Cache.hash "#{CurrentUser.is_moderator? ? "mod" : ""}#{with_decorations ? "color" : ""}#{bur.status}#{bur.script}"
hash = Cache.hash "#{CurrentUser.is_admin? ? "mod" : ""}#{with_decorations ? "color" : ""}#{bur.status}#{bur.script}"
Cache.get(hash, 3600) do
script_tokenized = AliasAndImplicationImporter.tokenize(bur.script)
script_tags = collect_script_tags(script_tokenized)

2
app/helpers/post_flags_helper.rb
View File

@ -10,7 +10,7 @@ module PostFlagsHelper
if CurrentUser.can_view_flagger_on_post?(flag)
html << " - #{link_to_user(flag.creator)}"
if CurrentUser.is_moderator?
if CurrentUser.is_admin?
html << " (#{link_to_ip(flag.creator_ip_addr)})"
end
end

7
app/models/dmail.rb
View File

@ -167,7 +167,7 @@ class Dmail < ApplicationRecord
# System user must be able to send dmails at a very high rate, do not rate limit the system user.
return true if bypass_limits == true
return true if from_id == User.system.id
return true if from.is_admin?
return true if from.is_moderator?
allowed = CurrentUser.can_dmail_with_reason
minute_allowed = CurrentUser.can_dmail_minute_with_reason
if allowed != true || minute_allowed != true
@ -247,7 +247,8 @@ class Dmail < ApplicationRecord
end
def visible_to?(user)
return true if user.is_admin? && from_id == ::User.system.id
owner_id == user.id || (user.is_admin? && (to.is_admin? || from.is_admin? || Ticket.exists?(qtype: 'dmail', disp_id: id)))
return true if user.is_moderator? && (from_id == User.system.id || Ticket.exists?(qtype: "dmail", disp_id: id))
return true if user.is_admin? && (to.is_admin? || from.is_admin?)
owner_id == user.id
end
end

2
app/models/forum_post.rb
View File

@ -164,7 +164,7 @@ class ForumPost < ApplicationRecord
end
def can_delete?(user)
user.is_moderator?
user.is_admin?
end
def update_topic_updated_at_on_create

2
app/models/forum_topic.rb
View File

@ -151,7 +151,7 @@ class ForumTopic < ApplicationRecord
end
def can_delete?(user)
user.is_moderator?
user.is_admin?
end
def create_mod_action_for_delete

2
app/models/post.rb
View File

@ -814,7 +814,7 @@ class Post < ApplicationRecord
self.is_rating_locked = ($1 != "-") if CurrentUser.is_janitor?
when /^(-?)locked:status$/i
self.is_status_locked = ($1 != "-") if CurrentUser.is_admin?
self.is_status_locked = ($1 != "-") if CurrentUser.is_moderator?
end
end

2
app/models/post_flag.rb
View File

@ -172,7 +172,7 @@ class PostFlag < ApplicationRecord
end
def validate_post
errors.add(:post, "is locked and cannot be flagged") if post.is_status_locked? && !(creator.is_admin? || force_flag)
errors.add(:post, "is locked and cannot be flagged") if post.is_status_locked? && !(creator.is_moderator? || force_flag)
errors.add(:post, "is deleted") if post.is_deleted?
end

4
app/models/post_set.rb
View File

@ -48,7 +48,7 @@ class PostSet < ApplicationRecord
def self.visible(user = CurrentUser.user)
return where('is_public = true') if user.nil?
return all() if user.is_admin?
return all if user.is_moderator?
where('is_public = true OR creator_id = ?', user.id)
end
@ -145,7 +145,7 @@ class PostSet < ApplicationRecord
module AccessMethods
def can_view?(user)
is_public || is_owner?(user) || user.is_admin?
is_public || is_owner?(user) || user.is_moderator?
end
def can_edit_settings?(user)

7
app/models/tag.rb
View File

@ -1139,11 +1139,10 @@ class Tag < ApplicationRecord
end
def category_editable_by?(user)
return false if user.nil? or !user.is_member?
return false if is_locked? && !user.is_moderator?
return false if TagCategory.mod_only_mapping[TagCategory.reverse_mapping[category]] && !user.is_moderator?
return true if post_count < Danbooru.config.tag_type_change_cutoff
return true if user.is_moderator?
return false if is_locked?
return false if TagCategory.mod_only_mapping[TagCategory.reverse_mapping[category]]
return true if post_count < Danbooru.config.tag_type_change_cutoff
false
end

6
app/models/tag_relationship.rb
View File

@ -73,15 +73,15 @@ class TagRelationship < ApplicationRecord
end
def approvable_by?(user)
is_pending? && user.is_moderator?
is_pending? && user.is_admin?
end
def deletable_by?(user)
user.is_moderator? || (is_pending? && creator.id == user.id)
user.is_admin? || (is_pending? && creator.id == user.id)
end
def editable_by?(user)
is_pending? && user.is_moderator?
is_pending? && user.is_admin?
end
module SearchMethods

8
app/models/ticket.rb
View File

@ -81,7 +81,7 @@ class Ticket < ApplicationRecord
end
def can_see_details?(user)
user.is_admin? || (user.id == creator_id)
user.is_moderator? || (user.id == creator_id)
end
end
@ -139,7 +139,7 @@ class Ticket < ApplicationRecord
end
def can_see_details?(user)
user.is_admin? || user.id == creator_id
user.is_moderator? || user.id == creator_id
end
end
end
@ -147,7 +147,7 @@ class Ticket < ApplicationRecord
module APIMethods
def hidden_attributes
hidden = []
hidden += %i[claimant_id] unless CurrentUser.is_admin?
hidden += %i[claimant_id] unless CurrentUser.is_moderator?
hidden += %i[creator_id] unless can_see_reporter?(CurrentUser)
hidden += %i[disp_id reason] unless can_see_details?(CurrentUser)
super + hidden
@ -243,7 +243,7 @@ class Ticket < ApplicationRecord
end
def can_see_reporter?(user)
user.is_admin? || (user.id == creator_id)
user.is_moderator? || (user.id == creator_id)
end
def can_create_for?(user)

2
app/models/user.rb
View File

@ -896,7 +896,7 @@ class User < ApplicationRecord
end
def hide_favorites?
return false if CurrentUser.is_admin?
return false if CurrentUser.is_moderator?
return true if is_blocked?
enable_privacy_mode? && CurrentUser.user.id != id
end

2
app/views/artist_versions/_standard_listing.html.erb
View File

@ -48,7 +48,7 @@
<%= link_to "»", artist_versions_path(search: { updater_name: artist_version.updater_name }) %>
<p>
<%= compact_time(artist_version.updated_at) %>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
(<%= link_to_ip artist_version.updater_ip_addr %>)
<% end %>
</p>

2
app/views/blips/_search.html.erb
View File

@ -2,7 +2,7 @@
<%= f.input :creator_name, label: "Blipper", autocomplete: "user" %>
<%= f.input :body_matches, label: "Body" %>
<%= f.input :response_to, label: "Parent Blip #" %>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<%= f.input :ip_addr, label: "Ip Address" %>
<% end %>
<%= f.input :order, include_blank: false, collection: [%w(Created id_desc), %w(Updated updated_at_desc)] %>

8
app/views/blips/partials/show/_blip.html.erb
View File

@ -45,7 +45,7 @@
<li><%= link_to "Unhide", unhide_blip_path(blip), data: {confirm: "Are you sure you want to unhide this blip?"}, method: :post %></li>
<% end %>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<li><%= link_to "Delete", blip_path(blip), data: {confirm: "Are you sure you want to delete this blip?"}, method: :delete %></li>
<% end %>
@ -60,12 +60,14 @@
<% if CurrentUser.is_moderator? %>
<li>|</li>
<li><%= link_to "Show Edits", edit_history_path(id: blip.id, type: 'Blip') %></li>
<%= render "user_warnable/buttons", model: blip %>
<% end %>
<% if CurrentUser.is_admin? %>
<li>|</li>
<li>
<strong>IP</strong>
<span><%= link_to_ip blip.creator_ip_addr %></span>
</li>
<li>|</li>
<%= render "user_warnable/buttons", model: blip %>
<% end %>
</menu>
</div>

2
app/views/bulk_update_requests/_form.html.erb
View File

@ -26,7 +26,7 @@
<%= f.input :reason, as: :dtext, limit: Danbooru.config.forum_post_max_size %>
<% end %>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<div class="input">
<label class="checkbox optional" for="bulk_update_request_skip_forum">
<%= check_box "bulk_update_request", "skip_forum" %>

4
app/views/comments/_search.html.erb
View File

@ -3,8 +3,10 @@
<%= f.input :creator_name, label: "Commenter", autocomplete: "user" %>
<%= f.input :body_matches, label: "Body" %>
<%= f.input :post_tags_match, label: "Tags", autocomplete: "tag-query" %>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<%= f.input :ip_addr, label: "Ip Address" %>
<% end %>
<% if CurrentUser.is_moderator? %>
<%= f.input :is_hidden, label: "Hidden?", collection: [["Yes", true], ["No", false]] %>
<% end %>
<%= f.input :is_sticky, label: "Sticky?", collection: [["Yes", true], ["No", false]] %>

7
app/views/comments/partials/index/_header.html.erb
View File

@ -4,12 +4,6 @@
<strong>Date</strong>
<%= compact_time(post.created_at) %>
</span>
<% if CurrentUser.is_moderator? %>
<span class="info">
<strong>User</strong>
<%= link_to_user(post.uploader) %>
</span>
<% end %>
<span class="info">
<strong>Rating</strong>
<%= post.rating %>
@ -29,4 +23,3 @@
</div>
</div>
</div>

2
app/views/comments/partials/index/_list.html.erb
View File

@ -2,7 +2,7 @@
<% if post.is_comment_disabled %>
Comment section has been disabled.
<% end %>
<% if !post.is_comment_disabled || CurrentUser.is_admin? %>
<% if !post.is_comment_disabled || CurrentUser.is_moderator? %>
<div class="row notices">
<% if post.comments.hidden(CurrentUser.user).count > 0 || (params[:controller] == "comments" && post.comments.count > 6) %>
<span class="info" id="threshold-comments-notice-for-<%= post.id %>">

10
app/views/comments/partials/show/_comment.html.erb
View File

@ -43,12 +43,12 @@
<li><%= tag.a "Unhide", href: '#', class: 'comment-unhide-link' %></li>
<% end %>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<li><%= tag.a "Delete", href: '#', class: 'comment-delete-link' %></li>
<% end %>
<li>|</li>
<%= comment_vote_block(comment, @comment_votes[comment.id]) %>
<% if CurrentUser.is_admin? %>
<% if CurrentUser.is_moderator? %>
<li><%= link_to "(List)", controller: 'comment_votes', search: { comment_id: comment.id } %></li>
<% end %>
<% if CurrentUser.is_member? && !comment.is_sticky %>
@ -58,12 +58,14 @@
<% if CurrentUser.is_moderator? %>
<li>|</li>
<li><%= link_to "Show Edits", edit_history_path(id: comment.id, type: 'Comment') %></li>
<%= render "user_warnable/buttons", model: comment %>
<% end %>
<% if CurrentUser.is_admin? %>
<li>|</li>
<li>
<strong>IP</strong>
<span><%= link_to_ip comment.creator_ip_addr %></span>
</li>
<li>|</li>
<%= render "user_warnable/buttons", model: comment %>
<% end %>
</menu>
<% if comment.editable_by?(CurrentUser.user) %>

2
app/views/dmails/show.html.erb
View File

@ -8,7 +8,7 @@
<li><strong>Sender</strong>: <%= link_to_user @dmail.from %></li>
<li><strong>Recipient</strong>: <%= link_to_user @dmail.to %></li>
<li><strong>Date</strong>: <%= compact_time(@dmail.created_at) %></li>
<% if CurrentUser.user.is_moderator? %>
<% if CurrentUser.is_admin? %>
<li><strong>Sender IP</strong>: <%= link_to_ip @dmail.creator_ip_addr %></li>
<% end %>
</ul>

8
app/views/edit_histories/index.html.erb
View File

@ -8,7 +8,9 @@
<th></th>
<th>Type</th>
<th>Date</th>
<th>IP Address</th>
<% if CurrentUser.is_admin? %>
<th>IP Address</th>
<% end %>
<th>Editor</th>
<th>Body</th>
<th>Subject</th>
@ -21,7 +23,9 @@
<td><%= link_to "Show", action: "show", id: edit.versionable_id, type: edit.versionable_type %></td>
<td><%= edit.versionable_type %></td>
<td><%= edit.updated_at.strftime("%b %d, %Y %I:%M %p") %></td>
<td><%= link_to_ip edit.ip_addr %></td>
<% if CurrentUser.is_admin? %>
<td><%= link_to_ip edit.ip_addr %></td>
<% end %>
<td><%= link_to_user edit.user %></td>
<td><%= edit.body[0..30] %></td>
<td><%= edit.subject&[0..30] %></td>

4
app/views/edit_histories/show.html.erb
View File

@ -8,7 +8,9 @@
<div class="author">
<h6><%= link_to_user edit.user %></h6>
<span class="date" title="<%= time_ago_in_words(edit.created_at) + " ago" %>"><%= edit.created_at.strftime("%b %d, %Y %I:%M %p") %></span>
<div><%= link_to_ip edit.ip_addr %></div>
<% if CurrentUser.is_admin? %>
<div><%= link_to_ip edit.ip_addr %></div>
<% end %>
</div>
<div class="content">
<div class="body">

14
app/views/forum_posts/_forum_post.html.erb
View File

@ -60,23 +60,23 @@
<li><%= link_to "Edit", edit_forum_post_path(forum_post.id), :id => "edit_forum_post_link_#{forum_post.id}", :class => "edit_forum_post_link" %></li>
<% end %>
<% end %>
<% if params[:controller] == "forum_posts" %>
<li><%= link_to "Parent", forum_topic_path(forum_post.topic, :page => forum_post.forum_topic_page, :anchor => "forum_post_#{forum_post.id}") %></li>
<% end %>
<% if CurrentUser.is_member? %>
<li><%= link_to "Report", new_ticket_path(disp_id: forum_post.id, qtype: 'forum') %></li>
<% end %>
<% if CurrentUser.is_moderator? %>
<li>|</li>
<li><%= link_to "Show Edits", edit_history_path(id: forum_post.id, type: 'ForumPost') %></li>
<%= render "user_warnable/buttons", model: forum_post %>
<% end %>
<% if CurrentUser.is_admin? %>
<li>|</li>
<li>
<strong>IP</strong>
<span><%= link_to_ip forum_post.creator_ip_addr %></span>
</li>
<li>|</li>
<%= render "user_warnable/buttons", model: forum_post %>
<li>|</li>
<% end %>
<% if params[:controller] == "forum_posts" %>
<li><%= link_to "Parent", forum_topic_path(forum_post.topic, :page => forum_post.forum_topic_page, :anchor => "forum_post_#{forum_post.id}") %></li>
<% end %>
<% if forum_post.votable? %>
<ul class="votes" id="forum-post-votes-for-<%= forum_post.id %>">

2
app/views/maintenance/user/dmail_filters/edit.html.erb
View File

@ -9,7 +9,7 @@
<li><strong>Sender</strong>: <%= link_to_user @dmail.from %></li>
<li><strong>Recipient</strong>: <%= link_to_user @dmail.to %></li>
<li><strong>Date</strong>: <%= compact_time(@dmail.created_at) %></li>
<% if CurrentUser.user.is_moderator? %>
<% if CurrentUser.user.is_admin? %>
<li><strong>Sender IP</strong>: <%= link_to_ip @dmail.creator_ip_addr %></li>
<% end %>
</ul>

4
app/views/news_updates/index.html.erb
View File

@ -8,7 +8,7 @@
<th>Creator</th>
<th>Date</th>
<th>Message</th>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<th></th>
<% end %>
</tr>
@ -19,7 +19,7 @@
<td><%= link_to_user news_update.creator %></td>
<td><%= compact_time news_update.updated_at %></td>
<td><div class="dtext-container"><%= format_text news_update.message %></div></td>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<td><%= link_to "Edit", edit_news_update_path(news_update) %> | <%= link_to "Delete", news_update_path(news_update), :method => :delete %></td>
<% end %>
</tr>

4
app/views/note_versions/_revert_listing.html.erb
View File

@ -7,7 +7,7 @@
<th width="5%">Note</th>
<th>Body</th>
<th width="5%">Position</th>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<th width="10%">IP Address</th>
<% end %>
<th width="10%">Edited By</th>
@ -43,7 +43,7 @@
<td>
<%= note_version_position_diff(note_version) %>
</td>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<td>
<%= link_to_ip note_version.updater_ip_addr %>
</td>

4
app/views/note_versions/_standard_listing.html.erb
View File

@ -7,7 +7,7 @@
<th width="5%">Note</th>
<th>Body</th>
<th width="5%">Position</th>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<th width="10%">IP Address</th>
<% end %>
<th width="10%">Edited By</th>
@ -36,7 +36,7 @@
<td>
<%= note_version_position_diff(note_version) %>
</td>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<td>
<%= link_to_ip note_version.updater_ip_addr %>
</td>

4
app/views/pool_versions/_revert_listing.html.erb
View File

@ -7,7 +7,7 @@
<th>Changes</th>
<th>Desc Chg</th>
<th>Updater</th>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<th>IP Address</th>
<% end %>
<th>Date</th>
@ -28,7 +28,7 @@
<%= link_to_user pool_version.updater %>
<% end %>
</td>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<td>
<%= link_to_ip pool_version.updater_ip_addr %>
</td>

4
app/views/pool_versions/_standard_listing.html.erb
View File

@ -7,7 +7,7 @@
<th>Changes</th>
<th>Desc Chg</th>
<th>Updater</th>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<th>IP Address</th>
<% end %>
<th>Date</th>
@ -25,7 +25,7 @@
<%= link_to_user pool_version.updater %>
<% end %>
</td>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<td>
<%= link_to_ip pool_version.updater_ip_addr %>
</td>

2
app/views/post_replacements/index.html.erb
View File

@ -118,7 +118,7 @@
<%= link_to "Reset To", "#approve", class: "replacement-approve-action", data: { replacement_id: post_replacement.id, penalize: false} %><br>
<% end %>
<% end %>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<%= link_to "Destroy", post_replacement_path(post_replacement), method: :DELETE, 'data-confirm': 'Are you sure you want to destroy this replacement?' %>
<% end %>
</td>

2
app/views/post_sets/_search.html.erb
View File

@ -2,7 +2,7 @@
<%= f.input :name, label: "Name" %>
<%= f.input :shortname, label: "Short Name" %>
<%= f.input :creator_name, label: "Username", autocomplete: "users" %>
<% if CurrentUser.is_admin? %>
<% if CurrentUser.is_moderator? %>
<%= f.input :is_public, label: "Public?", collection: [["Yes", true], ["No", false]], include_blank: true %>
<% end %>
<%= f.input :order, collection: [%w[Name name], ['Short Name', 'shortname'], ['Post Count', 'post_count'], %w[Created created_at], %w[Updated updated_at]], include_blank: false %>

2
app/views/post_versions/_listing.html.erb
View File

@ -27,7 +27,7 @@
<% if post_version.updater %>
<%= link_to_user(post_version.updater) %>
<% end %>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
(<%= link_to_ip(post_version.updater_ip_addr) %>)
<% end %>
<%= time_ago_in_words_tagged(post_version.updated_at, compact: true) %>

4
app/views/posts/partials/show/_edit.html.erb
View File

@ -26,7 +26,7 @@
<div id="tag-string-editor"></div>
<%= f.input :locked_tags, label: "Locked Tags", autocomplete: "tag-edit", input_html: { value: (post.locked_tags || ""), spellcheck: false, size: "60x2", disabled: !CurrentUser.is_admin? } %>
<%= f.input :locked_tags, label: "Locked Tags", autocomplete: "tag-edit", input_html: { value: (post.locked_tags || ""), spellcheck: false, size: "60x2", disabled: !CurrentUser.is_moderator? } %>
</div>
<% if post.is_rating_locked? %>
@ -54,7 +54,7 @@
<%= f.input :is_note_locked, label: "Notes" %>
<% end %>
<%= f.input :is_rating_locked, label: "Rating" %>
<% if CurrentUser.is_admin? %>
<% if CurrentUser.is_moderator? %>
<%= f.input :is_status_locked, label: "Status" %>
<% end %>
</fieldset>

2
app/views/posts/partials/show/_information.html.erb
View File

@ -7,7 +7,7 @@
</li>
<li>Rating: <%= pretty_html_rating(post) %></li>
<li>Score: <%= post_vote_block(post, post.own_vote) %>
<% if CurrentUser.is_admin? %><span><%= link_to "(votes)", controller: :post_votes, search: { post_id: post.id} %></span><% end %>
<% if CurrentUser.is_moderator? %><span><%= link_to "(votes)", controller: :post_votes, search: { post_id: post.id} %></span><% end %>
</li>
<li>
Posted: <%= link_to time_ago_in_words_tagged(post.created_at), posts_path(:tags => "date:#{post.created_at.to_date}"), :rel => "nofollow" %>

2
app/views/static/site_map.html.erb
View File

@ -117,8 +117,6 @@
<li><%= link_to("Post Report Reasons", post_report_reasons_path) %></li>
<li><%= link_to("Alias & Implication Import", new_admin_alias_and_implication_import_path) %></li>
<li><%= link_to("Danger Zone", admin_danger_zone_index_path) %></li>
<% end %>
<% if CurrentUser.is_moderator? %>
<li><%= link_to("IP Bans", ip_bans_path) %></li>
<% end %>
<li><%= link_to("Upload Whitelist", upload_whitelists_path) %></li>

2
app/views/tag_alias_requests/new.html.erb
View File

@ -11,7 +11,7 @@
<%= f.input :antecedent_name, label: "From", autocomplete: "tag" %>
<%= f.input :consequent_name, label: "To", autocomplete: "tag" %>
<%= f.input :reason, as: :dtext, limit: Danbooru.config.forum_post_max_size %>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<%= f.input :skip_forum, as: :boolean, label: "Skip forum topic creation" %>
<% end %>
<%= f.button :submit, "Submit" %>

2
app/views/tag_aliases/index.html.erb
View File

@ -2,7 +2,7 @@
<div id="a-index">
<%= render "tag_relationships/search", url: tag_aliases_path %>
<%= render "tag_relationships/listing", tag_relations: @tag_aliases %>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<%= render "tag_relationships/add_form", type: :tag_alias_request, path: tag_alias_request_path %>
<% end %>

2
app/views/tag_implication_requests/new.html.erb
View File

@ -11,7 +11,7 @@
<%= f.input :antecedent_name, label: "From", autocomplete: "tag" %>
<%= f.input :consequent_name, label: "To", autocomplete: "tag" %>
<%= f.input :reason, as: :dtext, limit: Danbooru.config.forum_post_max_size %>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<%= f.input :skip_forum, as: :boolean, label: "Skip forum topic creation" %>
<% end %>
<%= f.button :submit, "Submit" %>

2
app/views/tag_implications/index.html.erb
View File

@ -2,7 +2,7 @@
<div id="a-index">
<%= render "tag_relationships/search", url: tag_implications_path %>
<%= render "tag_relationships/listing", tag_relations: @tag_implications %>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<%= render "tag_relationships/add_form", type: :tag_implication_request, path: tag_implication_request_path %>
<% end %>

2
app/views/tickets/_footer.html.erb
View File

@ -3,7 +3,7 @@
<% unless current_user.anon? %>
<li><%= link_to "Mine", action: "index", user_id: current_user.id %></li>
<% end %>
<% if current_user.is_admin? %>
<% if current_user.is_moderator? %>
<li><%= link_to "Claimed", action: "index", claim_id: current_user.id %></li>
<% end %>
<li><%= link_to "Help", controller: "help" %></li>

2
app/views/tickets/_search.html.erb
View File

@ -1,5 +1,5 @@
<%= form_search path: tickets_path do |f| %>
<% if CurrentUser.is_admin? %>
<% if CurrentUser.is_moderator? %>
<%= f.input :creator_name, label: "Reporter", autocomplete: "user" %>
<%= f.input :creator_id, label: "Reporter ID" %>
<%= f.input :accused_name, label: "Accused", autocomplete: "user" %>

2
app/views/tickets/_secondary_links.html.erb
View File

@ -4,7 +4,7 @@
<% unless CurrentUser.is_anonymous? %>
<%= subnav_link_to 'Mine', tickets_path(search: {creator_id: CurrentUser.id}) %>
<% end %>
<% if CurrentUser.is_admin? %>
<% if CurrentUser.is_moderator? %>
<%= subnav_link_to 'Claimed', tickets_path(search: {claimant_id: CurrentUser.id}) %>
<% end %>
</menu>

4
app/views/tickets/index.html.erb
View File

@ -7,7 +7,7 @@
<thead>
<tr>
<th style="width:5%">ID</th>
<% if CurrentUser.is_admin? %>
<% if CurrentUser.is_moderator? %>
<th style="width:10%">Reporter</th>
<th style="width:10%">Claimed By</th>
<% end %>
@ -23,7 +23,7 @@
<% @tickets.each do |ticket| %>
<tr data-link="<%= ticket_path(ticket) %>">
<td><%= link_to ticket.id, ticket_path(ticket) %></td>
<% if CurrentUser.is_admin? %>
<% if CurrentUser.is_moderator? %>
<td><%= link_to_user ticket.creator %></td>
<td>
<% if ticket.claimant.nil? %>

7
app/views/tickets/show.html.erb
View File

@ -21,7 +21,7 @@
<td><span class="title">Updated</span></td>
<td style="cursor:help;" title="<%= @ticket.updated_at.strftime("%b %d, %Y %I:%M %p") %>"><%= time_ago_in_words(@ticket.updated_at) %> ago</td>
</tr>
<% if CurrentUser.is_admin? %>
<% if CurrentUser.is_moderator? %>
<tr>
<td><span class="title">Claimed By</span></td>
<% if @ticket.claimant.nil? %>
@ -42,6 +42,9 @@
<td><span class='title'>IP</span></td>
<td><%= link_to_ip(@ticket.creator_ip_addr) %></td>
</tr>
<% end %>
<% if CurrentUser.is_moderator? %>
<tr>
<td><span class="title">Open Duplicates</span></td>
<td><ul>
@ -77,7 +80,7 @@
</table>
</div>
<% if CurrentUser.is_admin? %>
<% if CurrentUser.is_moderator? %>
<%= custom_form_for(@ticket) do |f| %>
<div class='section'>
<table>

2
app/views/uploads/new.html.erb
View File

@ -38,7 +38,7 @@
safeSite: <%= CurrentUser.safe_mode?.to_json %>,
uploadTags: <%= CurrentUser.presenter.favorite_tags_with_types.to_json.html_safe %>,
recentTags: <%= CurrentUser.presenter.recent_tags_with_types.to_json.html_safe %>,
allowLockedTags: <%= CurrentUser.is_admin?.to_json %>,
allowLockedTags: <%= CurrentUser.is_moderator?.to_json %>,
allowRatingLock: <%= CurrentUser.is_privileged?.to_json %>,
allowUploadAsPending: <%= CurrentUser.can_upload_free?.to_json %>,
descrLimit: <%= Danbooru.config.post_descr_max_size %>,

16
app/views/user_votes/_common_index.html.erb
View File

@ -21,11 +21,15 @@
<th><%= type.model_type.capitalize %></th>
<th><%= type.model_type.capitalize %> Creator</th>
<th>Voter</th>
<th>Email</th>
<% if CurrentUser.is_admin? %>
<th>Email</th>
<% end %>
<th>Signed Up</th>
<th>Vote</th>
<th>Created</th>
<th>IP</th>
<% if CurrentUser.is_admin? %>
<th>IP</th>
<% end %>
</tr>
</thead>
<tbody>
@ -35,7 +39,9 @@
<td><%= link_to vote.send("#{type.model_type}_id"), vote.send(type.model_type) %></td>
<td><%= mod_link_to_user vote.send(type.model_type).send(type.model_creator_column), :negative %></td>
<td><%= mod_link_to_user vote.user, :negative %></td>
<td><%= vote.user.email %>
<% if CurrentUser.is_admin? %>
<td><%= vote.user.email %>
<% end %>
<td title="Signed up at <%= vote.user.created_at.strftime("%c") %>"><%= time_ago_in_words(vote.user.created_at) %> ago
<td>
<% if vote.is_positive? %><span class='greentext'>Up</span>
@ -44,7 +50,9 @@
<% end %></td>
<td title="Created at <%= vote.created_at.strftime("%c") %>"><%= time_ago_in_words(vote.created_at) %> ago
</td>
<td><%= link_to_ip vote.user_ip_addr %></td>
<% if CurrentUser.is_admin? %>
<td><%= link_to_ip vote.user_ip_addr %></td>
<% end %>
</tr>
<% end %>
</tbody>

4
app/views/users/_secondary_links.html.erb
View File

@ -19,10 +19,12 @@
<%= subnav_link_to "Report/Commend", new_ticket_path(disp_id: @user.id, qtype: 'user') %>
<% end %>
<% if CurrentUser.user.is_moderator? %>
<% if CurrentUser.is_admin? %>
<%= subnav_link_to "Reset Password", request_password_reset_admin_user_path(@user) %>
<%= subnav_link_to "Edit Blacklist", edit_blacklist_admin_user_path(@user) %>
<%= subnav_link_to "Edit User", edit_admin_user_path(@user) %>
<% end %>
<% if CurrentUser.is_moderator? %>
<% if @user.is_banned? %>
<%= subnav_link_to "Unban", ban_path(@user.recent_ban) %>
<% else %>

3
app/views/users/_statistics.html.erb
View File

@ -85,9 +85,6 @@
<% if CurrentUser.is_admin? %>
<span>Email</span>
<span><%= user.email %></span>
<% end %>
<% if CurrentUser.is_moderator? %>
<span>Last IP</span>
<span><%= link_to_ip(user.last_ip_addr) %></span>
<% end %>

4
app/views/users/index.html.erb
View File

@ -10,7 +10,7 @@
<th>Name</th>
<th>Posts</th>
<th>Deleted</th>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<th>Email</th>
<th>Last IP</th>
<% end %>
@ -33,7 +33,7 @@
</td>
<td><%= link_to user.post_upload_count, posts_path(:tags => "user:#{user.name}") %></td>
<td><%= user.post_deleted_count %></td>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<td><%= user.email %></td>
<td><%= link_to_ip(user.last_ip_addr) %></td>
<% end %>

4
app/views/wiki_page_versions/_global_listing.html.erb
View File

@ -4,7 +4,7 @@
<tr>
<th>Title</th>
<th>Wiki</th>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<th>IP Address</th>
<% end %>
<th>Last edited</th>
@ -21,7 +21,7 @@
<% end %>
</td>
<td><%= link_to "wiki", wiki_page_path(wiki_page_version.wiki_page_id) %></td>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<td>
<%= link_to_ip wiki_page_version.updater_ip_addr %>
</td>

4
app/views/wiki_page_versions/_page_listing.html.erb
View File

@ -9,7 +9,7 @@
<th>Title</th>
<th>View</th>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<th>IP Address</th>
<% end %>
<th>Last edited</th>
@ -36,7 +36,7 @@
<% end %>
</td>
<td><%= link_to "view version", wiki_page_version_path(wiki_page_version) %></td>
<% if CurrentUser.is_moderator? %>
<% if CurrentUser.is_admin? %>
<td>
<%= link_to_ip wiki_page_version.updater_ip_addr %>
</td>

2
app/views/wiki_pages/_secondary_links.html.erb
View File

@ -33,7 +33,7 @@
<%= subnav_link_to "Edit", edit_wiki_page_path(@wiki_page), "data-shortcut": "e" %>
<% end %>
<% if CurrentUser.is_moderator? && !@wiki_page.is_deleted? %>
<% if CurrentUser.is_admin? && !@wiki_page.is_deleted? %>
<%= subnav_link_to "Delete", wiki_page_path(@wiki_page), :method => :delete, :"data-confirm" => "Are you sure you want to delete this wiki page?" %>
<% end %>

32
test/functional/admin/users_controller_test.rb
View File

@ -3,44 +3,30 @@ require 'test_helper'
class Admin::UsersControllerTest < ActionDispatch::IntegrationTest
context "Admin::UsersController" do
setup do
@mod = create(:moderator_user)
@user = create(:user)
@admin = create(:admin_user)
end
context "#edit" do
should "render" do
get_auth edit_admin_user_path(@user), @mod
get_auth edit_admin_user_path(@user), @admin
assert_response :success
end
end
context "#update" do
context "on a basic user" do
should "fail for moderators" do
put_auth admin_user_path(@user), create(:moderator_user), params: { user: { level: "30" } }
assert_response :forbidden
end
should "succeed" do
put_auth admin_user_path(@user), @mod, params: { user: { level: "30" } }
put_auth admin_user_path(@user), @admin, params: { user: { level: "30" } }
assert_redirected_to(user_path(@user))
@user.reload
assert_equal(30, @user.level)
end
context "promoted to an admin" do
should "fail" do
put_auth admin_user_path(@user), @mod, params: { user: { level: "50" } }
assert_response(403)
@user.reload
assert_equal(20, @user.level)
end
end
end
context "on an admin user" do
should "fail" do
put_auth admin_user_path(@admin), @mod, params: {:user => {:level => "30"}}
assert_response(403)
@admin.reload
assert_equal(50, @admin.level)
end
end
context "on an user with a blank email" do
@ -50,14 +36,14 @@ class Admin::UsersControllerTest < ActionDispatch::IntegrationTest
end
should "succeed" do
put_auth admin_user_path(@user), @mod, params: { user: { level: "20", email: "" } }
put_auth admin_user_path(@user), @admin, params: { user: { level: "20", email: "" } }
assert_redirected_to(user_path(@user))
@user.reload
assert_equal(20, @user.level)
end
should "prevent invalid emails" do
put_auth admin_user_path(@user), @mod, params: { user: { level: "10", email: "invalid" } }
put_auth admin_user_path(@user), @admin, params: { user: { level: "10", email: "invalid" } }
@user.reload
assert_equal("", @user.email)
end

3
test/functional/comments_controller_test.rb
View File

@ -70,6 +70,7 @@ class CommentsControllerTest < ActionDispatch::IntegrationTest
context "when stickying a comment" do
should "succeed if updater is a moderator" do
@comment = create(:comment, creator: @mod)
put_auth comment_path(@comment.id), @mod, params: {comment: {is_sticky: true}}
assert_equal(true, @comment.reload.is_sticky)
assert_redirected_to @comment.post
@ -154,7 +155,7 @@ class CommentsControllerTest < ActionDispatch::IntegrationTest
context "destroy action" do
should "destroy the comment" do
delete_auth comment_path(@comment.id), @mod
delete_auth comment_path(@comment.id), create(:admin_user)
assert_equal(0, Comment.where(id: @comment.id).count)
end
end

5
test/functional/forum_posts_controller_test.rb
View File

@ -115,8 +115,9 @@ class ForumPostsControllerTest < ActionDispatch::IntegrationTest
context "destroy action" do
should "destroy the posts" do
delete_auth forum_post_path(@forum_post), @mod
get_auth forum_post_path(@forum_post), @mod
@admin = create(:admin_user)
delete_auth forum_post_path(@forum_post), @admin
get_auth forum_post_path(@forum_post), @admin
assert_response :not_found
end
end

2
test/functional/forum_topics_controller_test.rb
View File

@ -112,7 +112,7 @@ class ForumTopicsControllerTest < ActionDispatch::IntegrationTest
end
should "destroy the topic and any associated posts" do
delete_auth forum_topic_path(@forum_topic), @mod
delete_auth forum_topic_path(@forum_topic), create(:admin_user)
assert_response :no_content
end
end

7
test/functional/moderator/ip_addrs_controller_test.rb
View File

@ -4,13 +4,18 @@ module Moderator
class IpAddrsControllerTest < ActionDispatch::IntegrationTest
context "The ip addrs controller" do
setup do
@user = create(:moderator_user, created_at: 1.month.ago)
@user = create(:admin_user, created_at: 1.month.ago)
as(@user) do
create(:comment)
end
end
should "fail for moderators" do
get_auth moderator_ip_addrs_path, create(:moderator_user), params: { search: { ip_addr: "127.0.0.1" } }
assert_response :forbidden
end
should "find by ip addr" do
get_auth moderator_ip_addrs_path, @user, params: { search: { ip_addr: "127.0.0.1" } }
assert_response :success

2
test/functional/moderator/tags_controller_test.rb
View File

@ -4,7 +4,7 @@ module Moderator
class TagsControllerTest < ActionDispatch::IntegrationTest
context "The tags controller" do
setup do
@user = create(:moderator_user)
@user = create(:admin_user)
as(@user) do
@post = create(:post)
end

3
test/functional/wiki_pages_controller_test.rb
View File

@ -146,11 +146,10 @@ class WikiPagesControllerTest < ActionDispatch::IntegrationTest
as(@user) do
@wiki_page = create(:wiki_page)
end
@mod = create(:mod_user)
end
should "destroy a wiki_page" do
delete_auth wiki_page_path(@wiki_page), @mod
delete_auth wiki_page_path(@wiki_page), create(:admin_user)
assert_not(WikiPage.exists?(@wiki_page.id))
end
end