Merge branch '24576_cant_stop_impersonating' into 'master'

Allow admins to stop impersonating users without e-mail addresses Closes #24576 See merge request !7550

Merge branch '24576_cant_stop_impersonating' into 'master'
Allow admins to stop impersonating users without e-mail addresses Closes #24576 See merge request !7550
45d69bf1 · Sean McGivern · 7902395f · 8dd9a8b6 · 45d69bf1 · 45d69bf1
Commit 45d69bf1 authored Nov 22, 2016 by Sean McGivern
3 changed files
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -224,7 +224,7 @@ class ApplicationController < ActionController::Base
  end
  def require_email
-    if current_user && current_user.temp_oauth_email?
+    if current_user && current_user.temp_oauth_email? && session[:impersonator_id].nil?
      redirect_to profile_path, notice: 'Please complete your profile with email address' and return
    end
  end

--- a/changelogs/unreleased/24576_cant_stop_impersonating.yml
+++ b/changelogs/unreleased/24576_cant_stop_impersonating.yml
+---
+title: Allow admins to stop impersonating users without e-mail addresses
+merge_request: 7550
+author: Oren Kanner
--- a/spec/controllers/admin/impersonations_controller_spec.rb
+++ b/spec/controllers/admin/impersonations_controller_spec.rb
@@ -76,18 +76,32 @@ describe Admin::ImpersonationsController do
          end
          context "when the impersonator is not blocked" do
-            it "redirects to the impersonated user's page" do
+            shared_examples_for "successfully stops impersonating" do
-              expect(Gitlab::AppLogger).to receive(:info).with("User #{impersonator.username} has stopped impersonating #{user.username}").and_call_original
+              it "redirects to the impersonated user's page" do
+                expect(Gitlab::AppLogger).to receive(:info).with("User #{impersonator.username} has stopped impersonating #{user.username}").and_call_original
-              delete :destroy
+                delete :destroy
+                expect(response).to redirect_to(admin_user_path(user))
+              end
+              it "signs us in as the impersonator" do
+                delete :destroy
-              expect(response).to redirect_to(admin_user_path(user))
+                expect(warden.user).to eq(impersonator)
+              end
            end
-            it "signs us in as the impersonator" do
+            # base case
-              delete :destroy
+            it_behaves_like "successfully stops impersonating"
+            context "and the user has a temporary oauth e-mail address" do
+              before do
+                allow(user).to receive(:temp_oauth_email?).and_return(true)
+                allow(controller).to receive(:current_user).and_return(user)
+              end
-              expect(warden.user).to eq(impersonator)
+              it_behaves_like "successfully stops impersonating"
            end
          end
        end