Skip to content

G
gitlab-ce
Commit 13dc3cde authored by Sean McGivern's avatar Sean McGivern
Browse files
Options

Merge branch 'dblessing_unconfirmed_profile_fix' into 'master' 

Fix user display name permission check

See merge request gitlab-org/gitlab!48801
parents f9780f3d a268478c
Hide whitespace changes
Inline Side-by-side
Showing with 31 additions and 16 deletions
app/helpers/users_helper.rb
View file @ 13dc3cde
...@@ -187,7 +187,7 @@ module UsersHelper ...@@ -187,7 +187,7 @@ module UsersHelper
def user_display_name(user) def user_display_name(user)
return s_('UserProfile|Blocked user') if user.blocked? return s_('UserProfile|Blocked user') if user.blocked?
can_read_profile = can?(user, :read_user_profile, current_user) can_read_profile = can?(current_user, :read_user_profile, user)
return s_('UserProfile|Unconfirmed user') unless user.confirmed? || can_read_profile return s_('UserProfile|Unconfirmed user') unless user.confirmed? || can_read_profile
user.name user.name
......
spec/features/users/show_spec.rb
View file @ 13dc3cde
...@@ -126,26 +126,41 @@ RSpec.describe 'User page' do ...@@ -126,26 +126,41 @@ RSpec.describe 'User page' do
context 'with unconfirmed user' do context 'with unconfirmed user' do
let_it_be(:user) { create(:user, :unconfirmed) } let_it_be(:user) { create(:user, :unconfirmed) }
before do shared_examples 'unconfirmed user profile' do
visit_profile before do
end visit_profile
end
it 'shows user name as unconfirmed' do it 'shows user name as unconfirmed' do
expect(page).to have_css(".cover-title", text: 'Unconfirmed user') expect(page).to have_css(".cover-title", text: 'Unconfirmed user')
end end
it 'shows no tab' do it 'shows no tab' do
expect(page).to have_css("div.profile-header") expect(page).to have_css("div.profile-header")
expect(page).not_to have_css("ul.nav-links") expect(page).not_to have_css("ul.nav-links")
end
it 'shows no additional fields' do
expect(page).not_to have_css(".profile-user-bio")
expect(page).not_to have_css(".profile-link-holder")
end
it 'shows private profile message' do
expect(page).to have_content("This user has a private profile")
end
end end
it 'shows no additional fields' do context 'when visited by an authenticated user' do
expect(page).not_to have_css(".profile-user-bio") before do
expect(page).not_to have_css(".profile-link-holder") authenticated_user = create(:user)
sign_in(authenticated_user)
end
it_behaves_like 'unconfirmed user profile'
end end
it 'shows private profile message' do context 'when visited by an unauthenticated user' do
expect(page).to have_content("This user has a private profile") it_behaves_like 'unconfirmed user profile'
end end
end end
......
spec/helpers/users_helper_spec.rb
View file @ 13dc3cde
...@@ -330,7 +330,7 @@ RSpec.describe UsersHelper do ...@@ -330,7 +330,7 @@ RSpec.describe UsersHelper do
end end
def stub_profile_permission_allowed(allowed, current_user = nil) def stub_profile_permission_allowed(allowed, current_user = nil)
allow(helper).to receive(:can?).with(user, :read_user_profile, current_user).and_return(allowed) allow(helper).to receive(:can?).with(current_user, :read_user_profile, user).and_return(allowed)
end end
end end
end end
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7