Don't allow to edit award emoji comments
This commit is contained in:
parent
bdc62d704c
commit
e3ee46a13b
|
@ -27,6 +27,7 @@ v 8.3.0 (unreleased)
|
|||
- Improve wording on project visibility levels (Zeger-Jan van de Weg)
|
||||
- Automatically select default clone protocol based on user preferences (Eirik Lygre)
|
||||
- Make Network page as sub tab of Commits
|
||||
- Prevent possible XSS attack with award-emoji
|
||||
|
||||
v 8.2.3
|
||||
- Fix application settings cache not expiring after changes (Stan Hu)
|
||||
|
|
|
@ -350,7 +350,7 @@ class Note < ActiveRecord::Base
|
|||
end
|
||||
|
||||
def editable?
|
||||
!system?
|
||||
!system? && !is_award
|
||||
end
|
||||
|
||||
# Checks if note is an award added as a comment
|
||||
|
|
|
@ -142,4 +142,21 @@ describe Note, models: true do
|
|||
expect(Note.grouped_awards.first.last).to match_array(Note.all)
|
||||
end
|
||||
end
|
||||
|
||||
describe "editable?" do
|
||||
it "returns true" do
|
||||
note = build(:note)
|
||||
expect(note.editable?).to be_truthy
|
||||
end
|
||||
|
||||
it "returns false" do
|
||||
note = build(:note, system: true)
|
||||
expect(note.editable?).to be_falsy
|
||||
end
|
||||
|
||||
it "returns false" do
|
||||
note = build(:note, is_award: true, note: "smiley")
|
||||
expect(note.editable?).to be_falsy
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue