Skip to content
Snippets Groups Projects
Commit 69708dab authored by Douwe Maan's avatar Douwe Maan
Browse files

Block blocked users from replying to threads by email.

parent 35224d5e
Branches
Tags
1 merge request!1173Reply by email
Pipeline #
Hide whitespace changes
Inline Side-by-side
app/workers/email_receiver_worker.rb
+ 2
0
View file @ 69708dab
@@ -31,6 +31,8 @@ class EmailReceiverWorker
@@ -31,6 +31,8 @@ class EmailReceiverWorker
reason = "The email was marked as 'auto generated', which we can't accept. Please create your comment through the web interface." reason = "The email was marked as 'auto generated', which we can't accept. Please create your comment through the web interface."
when Gitlab::Email::Receiver::UserNotFoundError when Gitlab::Email::Receiver::UserNotFoundError
reason = "We couldn't figure out what user corresponds to the email. Please create your comment through the web interface." reason = "We couldn't figure out what user corresponds to the email. Please create your comment through the web interface."
when Gitlab::Email::Receiver::UserBlockedError
reason = "Your account has been blocked. If you believe this is in error, contact a staff member."
when Gitlab::Email::Receiver::UserNotAuthorizedError when Gitlab::Email::Receiver::UserNotAuthorizedError
reason = "You are not allowed to respond to the thread you are replying to. If you believe this is in error, contact a staff member." reason = "You are not allowed to respond to the thread you are replying to. If you believe this is in error, contact a staff member."
when Gitlab::Email::Receiver::NoteableNotFoundError when Gitlab::Email::Receiver::NoteableNotFoundError
lib/gitlab/email/receiver.rb
+ 3
0
View file @ 69708dab
@@ -8,6 +8,7 @@ module Gitlab
@@ -8,6 +8,7 @@ module Gitlab
class EmptyEmailError < ProcessingError; end class EmptyEmailError < ProcessingError; end
class AutoGeneratedEmailError < ProcessingError; end class AutoGeneratedEmailError < ProcessingError; end
class UserNotFoundError < ProcessingError; end class UserNotFoundError < ProcessingError; end
class UserBlockedError < ProcessingError; end
class UserNotAuthorizedError < ProcessingError; end class UserNotAuthorizedError < ProcessingError; end
class NoteableNotFoundError < ProcessingError; end class NoteableNotFoundError < ProcessingError; end
class InvalidNoteError < ProcessingError; end class InvalidNoteError < ProcessingError; end
@@ -27,6 +28,8 @@ module Gitlab
@@ -27,6 +28,8 @@ module Gitlab
   
raise UserNotFoundError unless author raise UserNotFoundError unless author
   
raise UserBlockedError if author.blocked?
project = sent_notification.project project = sent_notification.project
   
raise UserNotAuthorizedError unless project && author.can?(:create_note, project) raise UserNotAuthorizedError unless project && author.can?(:create_note, project)
spec/lib/gitlab/email/receiver_spec.rb
+ 10
0
View file @ 69708dab
@@ -58,6 +58,16 @@ describe Gitlab::Email::Receiver do
@@ -58,6 +58,16 @@ describe Gitlab::Email::Receiver do
end end
end end
   
context "when the user has been blocked" do
before do
user.block
end
it "raises a UserBlockedError" do
expect { receiver.execute }.to raise_error(Gitlab::Email::Receiver::UserBlockedError)
end
end
context "when the user is not authorized to create a note" do context "when the user is not authorized to create a note" do
before do before do
project.update_attribute(:visibility_level, Project::PRIVATE) project.update_attribute(:visibility_level, Project::PRIVATE)
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment