Fix errors caused by attempts to report already blocked or deleted users

49957cf5 · Horacio Bertorello · d3c3200c · 49957cf5 · 49957cf5 · 49957cf5
Commit 49957cf5 authored Jun 27, 2017 by Horacio Bertorello
4 changed files
--- a/app/controllers/abuse_reports_controller.rb
+++ b/app/controllers/abuse_reports_controller.rb
 class AbuseReportsController < ApplicationController
+  before_action :set_user, only: [:new]
+
  def new
    @abuse_report = AbuseReport.new
-    @abuse_report.user_id = params[:user_id]
+    @abuse_report.user_id = @user.id
    @ref_url = params.fetch(:ref_url, '')
  end

@@ -27,4 +29,14 @@ class AbuseReportsController < ApplicationController
      user_id
    ))
  end
+
+  def set_user
+    @user = User.find_by(id: params[:user_id])
+
+    if @user.nil?
+      redirect_to root_path, alert: "Cannot create the abuse report. The user has been deleted."
+    elsif @user.blocked?
+      redirect_to @user, alert: "Cannot create the abuse report. This user has been blocked."
+    end
+  end
 end
--- a/changelogs/unreleased/hb-fix-abuse-report-on-stale-user-profile.yml
+++ b/changelogs/unreleased/hb-fix-abuse-report-on-stale-user-profile.yml
+---
+title: Fix errors caused by attempts to report already blocked or deleted users
+merge_request: 12502
+author: Horacio Bertorello
--- a/spec/controllers/abuse_reports_controller_spec.rb
+++ b/spec/controllers/abuse_reports_controller_spec.rb
@@ -13,6 +13,31 @@ describe AbuseReportsController do
    sign_in(reporter)
  end

+  describe 'GET new' do
+    context 'when the user has already been deleted' do
+      it 'redirects the reporter to root_path' do
+        user_id = user.id
+        user.destroy
+
+        get :new, { user_id: user_id }
+
+        expect(response).to redirect_to root_path
+        expect(flash[:alert]).to eq('Cannot create the abuse report. The user has been deleted.')
+      end
+    end
+
+    context 'when the user has already been blocked' do
+      it 'redirects the reporter to the user\'s profile' do
+        user.block
+
+        get :new, { user_id: user.id }
+
+        expect(response).to redirect_to user
+        expect(flash[:alert]).to eq('Cannot create the abuse report. This user has been blocked.')
+      end
+    end
+  end
+
  describe 'POST create' do
    context 'with valid attributes' do
      it 'saves the abuse report' do

--- a/spec/features/abuse_report_spec.rb
+++ b/spec/features/abuse_report_spec.rb
@@ -12,7 +12,7 @@ feature 'Abuse reports', feature: true do

    click_link 'Report abuse'

-    fill_in 'abuse_report_message', with: 'This user send spam'
+    fill_in 'abuse_report_message', with: 'This user sends spam'
    click_button 'Send report'

    expect(page).to have_content 'Thank you for your report'