Commit b51fe683 authored by Dmitriy Zaporozhets's avatar Dmitriy Zaporozhets

Merge branch 'fix-delete-user-error' into 'master'

Fix error when deleting a user who has projects

### What does this MR do?

This MR fixes an error that prevented users from being deleted in the Admin page if the user had personal projects.

### Why was this MR needed?

Deleting a user who had projects would result in an error such as this:

```
Started DELETE "/admin/users/tdb1" for MYIP at 2015-06-22 20:53:02 +0100
Processing by Admin::UsersController#destroy as HTML
Parameters: {"authenticity_token"=>"[FILTERED]", "id"=>"tdb1"}
Completed 500 Internal Server Error in 30ms (ActiveRecord: 6.7ms)

NameError (undefined local variable or method `current_user' for #<DeleteUserService:0x0000000cd01d38>):
app/services/delete_user_service.rb:10:in `block in execute'
app/services/delete_user_service.rb:7:in `execute'
app/controllers/admin/users_controller.rb:89:in `destroy'
```

### What are the relevant issue numbers?

* Closes #1856
* Closes https://github.com/gitlabhq/gitlabhq/issues/9394

See merge request !868
parents 1cfdc7a6 e80d7a80
......@@ -2,6 +2,7 @@ Please view this file on the master branch, on stable branches it's out of date.
v 7.13.0 (unreleased)
- Fix invalid timestamps in RSS feeds (Rowan Wookey)
- Fix error when deleting a user who has projects (Stan Hu)
- Update maintenance documentation to explain no need to recompile asssets for omnibus installations (Stan Hu)
- Support commenting on diffs in side-by-side mode (Stan Hu)
- Fix JavaScript error when clicking on the comment button on a diff line that has a comment already (Stan Hu)
......
......@@ -86,7 +86,7 @@ class Admin::UsersController < Admin::ApplicationController
end
def destroy
DeleteUserService.new.execute(user)
DeleteUserService.new(current_user).execute(user)
respond_to do |format|
format.html { redirect_to admin_users_path }
......
......@@ -6,7 +6,7 @@ class RegistrationsController < Devise::RegistrationsController
end
def destroy
DeleteUserService.new.execute(current_user)
DeleteUserService.new(current_user).execute(current_user)
respond_to do |format|
format.html { redirect_to new_user_session_path, notice: "Account successfully removed." }
......
class DeleteUserService
attr_accessor :current_user
def initialize(current_user)
@current_user = current_user
end
def execute(user)
if user.solo_owned_groups.present?
user.errors[:base] << 'You must transfer ownership or delete groups before you can remove user'
......
......@@ -194,7 +194,7 @@ module API
user = User.find_by(id: params[:id])
if user
DeleteUserService.new.execute(user)
DeleteUserService.new(current_user).execute(user)
else
not_found!('User')
end
......
require 'spec_helper'
describe Admin::UsersController do
let(:admin) { create(:admin) }
before do
sign_in(admin)
end
describe 'DELETE #user with projects' do
let(:user) { create(:user) }
let(:project) { create(:project, namespace: user.namespace) }
before do
project.team << [user, :developer]
end
it 'deletes user' do
delete :destroy, id: user.username, format: :json
expect(response.status).to eq(200)
expect { User.find(user.id) }.to raise_exception(ActiveRecord::RecordNotFound)
end
end
end
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment