Merge branch '7-12-fix-delete-user-error' into '7-12-stable'

Fix error when deleting a user who has projects See merge request !875

Merge branch '7-12-fix-delete-user-error' into '7-12-stable'
Fix error when deleting a user who has projects See merge request !875
9852183e · Jacob Vosmaer · 93ba5b90 · 711e5519 · 9852183e · 9852183e
Commit 9852183e authored Jun 23, 2015 by Jacob Vosmaer
6 changed files
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -10,10 +10,13 @@ v 7.13.0 (unreleased)
  - Update ssl_ciphers in Nginx example to remove DHE settings. This will deny forward secrecy for Android 2.3.7, Java 6 and OpenSSL 0.9.8
  - Convert CRLF newlines to LF when committing using the web editor.

-v 7.12.0 (unreleased)
+v 7.12.1 (unreleased)
+  - Fix error when deleting a user who has projects (Stan Hu)
+  - Fix post-receive errors on a push when an external issue tracker is configured (Stan Hu)
+
+v 7.12.0
  - Fix Error 500 when one user attempts to access a personal, internal snippet (Stan Hu)
  - Disable changing of target branch in new merge request page when a branch has already been specified (Stan Hu)
-  - Fix post-receive errors on a push when an external issue tracker is configured (Stan Hu)
  - Update oauth button logos for Twitter and Google to recommended assets
  - Fix hooks for web based events with external issue references (Daniel Gerhardt)
  - Update browser gem to version 0.8.0 for IE11 support (Stan Hu)

--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -86,7 +86,7 @@ class Admin::UsersController < Admin::ApplicationController
  end

  def destroy
-    DeleteUserService.new.execute(user)
+    DeleteUserService.new(current_user).execute(user)

    respond_to do |format|
      format.html { redirect_to admin_users_path }

--- a/app/controllers/registrations_controller.rb
+++ b/app/controllers/registrations_controller.rb
@@ -6,7 +6,7 @@ class RegistrationsController < Devise::RegistrationsController
  end

  def destroy
-    DeleteUserService.new.execute(current_user)
+    DeleteUserService.new(current_user).execute(current_user)

    respond_to do |format|
      format.html { redirect_to new_user_session_path, notice: "Account successfully removed." }

--- a/app/services/delete_user_service.rb
+++ b/app/services/delete_user_service.rb
 class DeleteUserService
+  attr_accessor :current_user
+
+  def initialize(current_user)
+    @current_user = current_user
+  end
+
  def execute(user)
    if user.solo_owned_groups.present?
      user.errors[:base] << 'You must transfer ownership or delete groups before you can remove user'

--- a/lib/api/users.rb
+++ b/lib/api/users.rb
@@ -194,7 +194,7 @@ module API
        user = User.find_by(id: params[:id])

        if user
-          DeleteUserService.new.execute(user)
+          DeleteUserService.new(current_user).execute(user)
        else
          not_found!('User')
        end

--- a/spec/controllers/admin/users_controller_spec.rb
+++ b/spec/controllers/admin/users_controller_spec.rb
+require 'spec_helper'
+
+describe Admin::UsersController do
+  let(:admin)    { create(:admin) }
+
+  before do
+    sign_in(admin)
+  end
+
+  describe 'DELETE #user with projects' do
+    let(:user) { create(:user) }
+    let(:project) { create(:project, namespace: user.namespace) }
+
+    before do
+      project.team << [user, :developer]
+    end
+
+    it 'deletes user' do
+      delete :destroy, id: user.username, format: :json
+      expect(response.status).to eq(200)
+      expect { User.find(user.id) }.to raise_exception(ActiveRecord::RecordNotFound)
+    end
+  end
+end