kotovalexarian-likes-gitlab/gitlab-org--gitlab-foss
1
0
Fork 0
Code Releases Activity

Block blocked users from replying to threads by email.

Browse source
This commit is contained in:
Douwe Maan 2015-08-21 10:14:45 -07:00
parent 35224d5e7f
commit 69708dab9f
3 changed files with 15 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
app/workers/email_receiver_worker.rb
View file

@ -31,6 +31,8 @@ class EmailReceiverWorker
reason = "The email was marked as 'auto generated', which we can't accept. Please create your comment through the web interface."
when Gitlab::Email::Receiver::UserNotFoundError
reason = "We couldn't figure out what user corresponds to the email. Please create your comment through the web interface."
when Gitlab::Email::Receiver::UserBlockedError
reason = "Your account has been blocked. If you believe this is in error, contact a staff member."
when Gitlab::Email::Receiver::UserNotAuthorizedError
reason = "You are not allowed to respond to the thread you are replying to. If you believe this is in error, contact a staff member."
when Gitlab::Email::Receiver::NoteableNotFoundError

3
lib/gitlab/email/receiver.rb
View file

@ -8,6 +8,7 @@ module Gitlab
class EmptyEmailError < ProcessingError; end
class AutoGeneratedEmailError < ProcessingError; end
class UserNotFoundError < ProcessingError; end
class UserBlockedError < ProcessingError; end
class UserNotAuthorizedError < ProcessingError; end
class NoteableNotFoundError < ProcessingError; end
class InvalidNoteError < ProcessingError; end
@ -27,6 +28,8 @@ module Gitlab
raise UserNotFoundError unless author
raise UserBlockedError if author.blocked?
project = sent_notification.project
raise UserNotAuthorizedError unless project && author.can?(:create_note, project)

10
spec/lib/gitlab/email/receiver_spec.rb
View file

@ -58,6 +58,16 @@ describe Gitlab::Email::Receiver do
end
end
context "when the user has been blocked" do
before do
user.block
end
it "raises a UserBlockedError" do
expect { receiver.execute }.to raise_error(Gitlab::Email::Receiver::UserBlockedError)
end
end
context "when the user is not authorized to create a note" do
before do
project.update_attribute(:visibility_level, Project::PRIVATE)