[Admin] Fix unable to edit users with duplicate emails

Also fixes a mistake in showing the email edit box
2023-04-30 13:10:43 +02:00 · 2023-04-30 13:10:43 +02:00 · b48de755fc
commit b48de755fc
parent 69ea527cde
4 changed files with 29 additions and 9 deletions
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@ -29,8 +29,8 @@ module Admin
    def update
      @user = User.find(params[:id])
      @user.validate_email_format = true
-      @user.skip_email_blank_check = true
-      @user.update!(user_params(@user))
+      @user.is_admin_edit = true
+      @user.update!(user_params(CurrentUser.user))
      if @user.saved_change_to_profile_about || @user.saved_change_to_profile_artinfo
        ModAction.log(:user_text_change, { user_id: @user.id })
      end
--- a/app/models/user.rb
+++ b/app/models/user.rb
@ -64,7 +64,7 @@ class User < ApplicationRecord
  include Danbooru::HasBitFlags
  has_bit_flags BOOLEAN_ATTRIBUTES, :field => "bit_prefs"

-  attr_accessor :password, :old_password, :validate_email_format, :skip_email_blank_check
+  attr_accessor :password, :old_password, :validate_email_format, :is_admin_edit

  after_initialize :initialize_attributes, if: :new_record?

@ -396,8 +396,8 @@ class User < ApplicationRecord
    end

    def enable_email_verification?
-      # Allow admins to edit users with blank emails
-      return false if email.blank? && !email_changed? && skip_email_blank_check
+      # Allow admins to edit users with blank/duplicate emails
+      return false if is_admin_edit && !email_changed?
      Danbooru.config.enable_email_verification? && validate_email_format
    end

--- a/app/views/admin/users/edit.html.erb
+++ b/app/views/admin/users/edit.html.erb
@ -5,7 +5,7 @@
    <%= custom_form_for(@user, url: admin_user_path(@user), method: :put) do |f| %>
      <%= f.input :id, as: :hidden %>
      <%= f.input :name, input_html: { size: 50 } %>
-      <% if @user.is_bd_staff? %>
+      <% if CurrentUser.is_bd_staff? %>
        <%= f.input :email, input_html: { size: 50 } %>
        <div class="input">
          <label class="block" for="user_verified">Email Verified</label>
--- a/test/functional/admin/users_controller_test.rb
+++ b/test/functional/admin/users_controller_test.rb
@ -4,7 +4,7 @@ class Admin::UsersControllerTest < ActionDispatch::IntegrationTest
  context "Admin::UsersController" do
    setup do
      @user = create(:user)
-      @admin = create(:admin_user)
+      @admin = create(:admin_user, is_bd_staff: true)
    end

    context "#edit" do
@ -36,10 +36,10 @@ class Admin::UsersControllerTest < ActionDispatch::IntegrationTest
        end

        should "succeed" do
-          put_auth admin_user_path(@user), @admin, params: { user: { level: "20", email: "" } }
+          put_auth admin_user_path(@user), @admin, params: { user: { level: "30", email: "" } }
          assert_redirected_to(user_path(@user))
          @user.reload
-          assert_equal(20, @user.level)
+          assert_equal(30, @user.level)
        end

        should "prevent invalid emails" do
@ -48,6 +48,26 @@ class Admin::UsersControllerTest < ActionDispatch::IntegrationTest
          assert_equal("", @user.email)
        end
      end
+
+      context "on a user with duplicate email" do
+        setup do
+          @user1 = create(:user, email: "test@e621.net")
+          @user2 = create(:user, email: "test@e621.net")
+          Danbooru.config.stubs(:enable_email_verification?).returns(true)
+        end
+
+        should "allow editing if the email is not changed" do
+          put_auth admin_user_path(@user1), @admin, params: { user: { level: "30" } }
+          @user1.reload
+          assert_equal(30, @user1.level)
+        end
+
+        should "allow changing the email" do
+          put_auth admin_user_path(@user1), @admin, params: { user: { level: "20", email: "abc@e621.net" } }
+          @user1.reload
+          assert_equal("abc@e621.net", @user1.email)
+        end
+      end
    end
  end
 end