Block blocked users from replying to threads by email.

69708dab · Douwe Maan · 35224d5e · 69708dab · 69708dab · 69708dab
Commit 69708dab authored 9 years ago by Douwe Maan
--- a/app/workers/email_receiver_worker.rb
+++ b/app/workers/email_receiver_worker.rb
@@ -31,6 +31,8 @@ class EmailReceiverWorker
      reason = "The email was marked as 'auto generated', which we can't accept. Please create your comment through the web interface."
    when Gitlab::Email::Receiver::UserNotFoundError
      reason = "We couldn't figure out what user corresponds to the email. Please create your comment through the web interface."
+    when Gitlab::Email::Receiver::UserBlockedError
+      reason = "Your account has been blocked. If you believe this is in error, contact a staff member."
    when Gitlab::Email::Receiver::UserNotAuthorizedError
      reason = "You are not allowed to respond to the thread you are replying to. If you believe this is in error, contact a staff member."
    when Gitlab::Email::Receiver::NoteableNotFoundError

--- a/lib/gitlab/email/receiver.rb
+++ b/lib/gitlab/email/receiver.rb
@@ -8,6 +8,7 @@ module Gitlab
      class EmptyEmailError < ProcessingError; end
      class AutoGeneratedEmailError < ProcessingError; end
      class UserNotFoundError < ProcessingError; end
+      class UserBlockedError < ProcessingError; end
      class UserNotAuthorizedError < ProcessingError; end
      class NoteableNotFoundError < ProcessingError; end
      class InvalidNoteError < ProcessingError; end
@@ -27,6 +28,8 @@ module Gitlab
  
        raise UserNotFoundError unless author
  
+        raise UserBlockedError if author.blocked?
+
        project = sent_notification.project
  
        raise UserNotAuthorizedError unless project && author.can?(:create_note, project)

--- a/spec/lib/gitlab/email/receiver_spec.rb
+++ b/spec/lib/gitlab/email/receiver_spec.rb
@@ -58,6 +58,16 @@ describe Gitlab::Email::Receiver do
    end
  end
  
+  context "when the user has been blocked" do
+    before do
+      user.block
+    end
+
+    it "raises a UserBlockedError" do
+      expect { receiver.execute }.to raise_error(Gitlab::Email::Receiver::UserBlockedError)
+    end
+  end
+
  context "when the user is not authorized to create a note" do
    before do
      project.update_attribute(:visibility_level, Project::PRIVATE)