From ae4fbae26cefbf10848719ee8c06d418c348420c Mon Sep 17 00:00:00 2001
From: Jonathan Rochkind <jonathan@dnil.net>
Date: Thu, 8 Oct 2015 11:13:28 -0400
Subject: [PATCH] Send an email (to support) when a user is reported for spam

---
 app/controllers/abuse_reports_controller.rb   |  3 ++
 .../admin/application_settings_controller.rb  |  1 +
 app/mailers/abuse_report_mailer.rb            |  8 +++
 .../abuse_report_mailer/notify.text.haml      |  5 ++
 .../application_settings/_form.html.haml      |  4 ++
 ...19_add_admin_notification_email_setting.rb |  5 ++
 db/schema.rb                                  |  3 +-
 .../abuse_reports_controller_spec.rb          | 53 +++++++++++++++++++
 8 files changed, 81 insertions(+), 1 deletion(-)
 create mode 100644 app/mailers/abuse_report_mailer.rb
 create mode 100644 app/views/abuse_report_mailer/notify.text.haml
 create mode 100644 db/migrate/20151008143519_add_admin_notification_email_setting.rb
 create mode 100644 spec/controllers/abuse_reports_controller_spec.rb

diff --git a/app/controllers/abuse_reports_controller.rb b/app/controllers/abuse_reports_controller.rb
index 65dbd5ef551..482ec5054ac 100644
--- a/app/controllers/abuse_reports_controller.rb
+++ b/app/controllers/abuse_reports_controller.rb
@@ -11,6 +11,9 @@ class AbuseReportsController < ApplicationController
     if @abuse_report.save
       message = "Thank you for your report. A GitLab administrator will look into it shortly."
       redirect_to root_path, notice: message
+      if current_application_settings.admin_notification_email.present?
+        AbuseReportMailer.delay.notify(@abuse_report, current_application_settings.admin_notification_email)
+      end
     else
       render :new
     end
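Review bot: The added call on the `AbuseReportMailer.delay.notify` line hands the `@abuse_report` record itself to the delayed job rather than its id. If `delay` is the Sidekiq delayed-extension proxy, the whole record is serialized into the queue and the job later works on a stale copy; passing `@abuse_report.id` and loading the report inside `notify` avoids that. The setting is also read twice; a local such as `email = current_application_settings.admin_notification_email` followed by `AbuseReportMailer.delay.notify(@abuse_report.id, email) if email.present?` keeps the check and the use on the same value. Every saved report now produces one mail to the support address, and nothing visible in this hunk throttles or deduplicates that, so it is worth confirming a limit exists elsewhere. The enclosing `create` action starts outside the hunk.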
diff --git a/app/controllers/admin/application_settings_controller.rb b/app/controllers/admin/application_settings_controller.rb
index 5f70582cbb7..18a258c139f 100644
--- a/app/controllers/admin/application_settings_controller.rb
+++ b/app/controllers/admin/application_settings_controller.rb
@@ -55,6 +55,7 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
       :default_snippet_visibility,
       :restricted_signup_domains_raw,
       :version_check_enabled,
+      :admin_notification_email,
       :user_oauth_applications,
       :ci_enabled,
       restricted_visibility_levels: [],
diff --git a/app/mailers/abuse_report_mailer.rb b/app/mailers/abuse_report_mailer.rb
new file mode 100644
index 00000000000..c8b9c9c1628
--- /dev/null
+++ b/app/mailers/abuse_report_mailer.rb
@@ -0,0 +1,8 @@
+class AbuseReportMailer < BaseMailer
+
+  def notify(abuse_report, to_email)
+    @abuse_report = abuse_report
+
+    mail(to: to_email, subject: "[Gitlab] Abuse report filed for `#{@abuse_report.user.username}`")
+  end
+end
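Review bot: `notify` dereferences `@abuse_report.user.username` for the subject with no guard, and the view does the same for `reporter`. Because the controller enqueues this through `.delay`, the job may run after the reported account has been removed, in which case the association is presumably nil and the job raises instead of sending. An early `return unless @abuse_report && @abuse_report.user` before `mail(...)` would make that case a no-op. The method also has no comment; something like `# Notifies the configured admin address that abuse_report was filed.` above `def notify` would help.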
diff --git a/app/views/abuse_report_mailer/notify.text.haml b/app/views/abuse_report_mailer/notify.text.haml
new file mode 100644
index 00000000000..70e4e6a3c6c
--- /dev/null
+++ b/app/views/abuse_report_mailer/notify.text.haml
@@ -0,0 +1,5 @@
+An abuse report was filed on `#{@abuse_report.user.username}` by `#{@abuse_report.reporter.username}`.
+\
+= @abuse_report.message
+\
+Abuse report admin screen: #{abuse_reports_url}
\ No newline at end of file
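Review bot: The `= @abuse_report.message` line prints reporter-supplied text through HAML's normal output path in a plain-text template. With `escape_html` enabled, as is usual under Rails, characters such as `&`, `<` and `'` would likely arrive as HTML entities in the mail; the spec's `include(message)` assertion would not catch this because its sample message has none of them, so a constructed message such as `"Spam & <b>links</b>"` in the spec would settle it. The usernames and the message are all user-controlled, so the body should stay text-only and recipients should treat any links in it as untrusted. The file also ends without a trailing newline.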
diff --git a/app/views/admin/application_settings/_form.html.haml b/app/views/admin/application_settings/_form.html.haml
index 143cd10c543..036e24d3a46 100644
--- a/app/views/admin/application_settings/_form.html.haml
+++ b/app/views/admin/application_settings/_form.html.haml
@@ -47,6 +47,10 @@
           = f.label :version_check_enabled do
             = f.check_box :version_check_enabled
             Version check enabled
+    .form-group
+      = f.label :admin_notification_email, class: 'control-label col-sm-2'
+      .col-sm-10
+        = f.text_field :admin_notification_email, class: 'form-control'
 
   %fieldset
     %legend Account and Limit Settings
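Review bot: Nothing in this commit checks that `admin_notification_email` is an address: the field is a plain `f.text_field` and the diffstat lists no model change, so any non-blank string passes the controller's `present?` test and fails only when the background job tries to deliver. Using `= f.email_field :admin_notification_email, class: 'form-control'` here and adding a format validation with `allow_blank: true` on the settings model would reject bad values when the admin saves. A short help line under the input saying that abuse reports are mailed to this address would also make the setting's purpose clear.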
diff --git a/db/migrate/20151008143519_add_admin_notification_email_setting.rb b/db/migrate/20151008143519_add_admin_notification_email_setting.rb
new file mode 100644
index 00000000000..0bb581efe2c
--- /dev/null
+++ b/db/migrate/20151008143519_add_admin_notification_email_setting.rb
@@ -0,0 +1,5 @@
+class AddAdminNotificationEmailSetting < ActiveRecord::Migration
+  def change
+    add_column :application_settings, :admin_notification_email, :string
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 72609da93f1..23627bdaa22 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 20150930095736) do
+ActiveRecord::Schema.define(version: 20151008143519) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -47,6 +47,7 @@ ActiveRecord::Schema.define(version: 20150930095736) do
     t.text     "import_sources"
     t.text     "help_page_text"
     t.boolean  "ci_enabled",                   default: true,  null: false
+    t.string   "admin_notification_email"
   end
 
   create_table "audit_events", force: true do |t|
diff --git a/spec/controllers/abuse_reports_controller_spec.rb b/spec/controllers/abuse_reports_controller_spec.rb
new file mode 100644
index 00000000000..6d157406a2b
--- /dev/null
+++ b/spec/controllers/abuse_reports_controller_spec.rb
@@ -0,0 +1,53 @@
+require 'spec_helper'
+
+describe AbuseReportsController do
+  let(:reporter)    { create(:user) }
+  let(:user)        { create(:user) }
+  let(:message)     { "This user is a spammer" }
+
+  before do
+    sign_in(reporter)
+  end
+
+  describe "with admin notification_email set" do
+    let(:admin_email) { "admin@example.com"}
+    before(:example) { allow(current_application_settings).to receive(:admin_notification_email).and_return(admin_email) }
+
+    it "sends a notification email" do
+      post(:create,
+        abuse_report: {
+          user_id: user.id,
+          message: message
+        }
+      )
+
+      expect(response).to have_http_status(:redirect)
+      expect(flash[:notice]).to start_with("Thank you for your report")
+
+      email = ActionMailer::Base.deliveries.last
+
+      expect(email).to          be_present
+      expect(email.subject).to  eq("[Gitlab] Abuse report filed for `#{user.username}`")
+      expect(email.to).to       eq([admin_email])
+      expect(email.body).to     include(message)
+    end
+  end
+
+  describe "without admin notification email set" do
+    before(:example) { allow(current_application_settings).to receive(:admin_notification_email).and_return(nil) }
+
+    it "does not send a notification email" do
+      expect do
+        post(:create,
+          abuse_report: {
+            user_id: user.id,
+            message: message
+          }
+        )
+      end.to_not change{ActionMailer::Base.deliveries}
+
+      expect(response).to have_http_status(:redirect)
+      expect(flash[:notice]).to start_with("Thank you for your report")
+    end
+  end
+end
\ No newline at end of file
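Review bot: Neither example covers the controller's `render :new` branch, so nothing asserts that a report which fails to save sends no mail. The positive example also reads `ActionMailer::Base.deliveries.last` without checking that the request added a delivery; wrapping the `post` in `expect { ... }.to change { ActionMailer::Base.deliveries.size }.by(1)` would pin that. In the negative example, `change { ActionMailer::Base.deliveries.size }` states the intent more directly than comparing the array itself.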
-- 
GitLab