[MODERATION] Block issue creation when blocked by repo owner (squash)

- Block the creation of a issue if the user is blocked by the repository owner.
- Fix integration tests (This should ideally in the future all be
self-created fixtures instead of relying on the existing ones as a small
condition can make the tests be inaccurate).

(cherry picked from commit 88d3ee333aa91814bbe0b11d9fc1e62ffecae1b9)
(cherry picked from commit 146c82d232a5a4a81bbbebcae568b5c3b6117804)
(cherry picked from commit d9dc25d0382acf819900eae5f652d682c3594ef5)
(cherry picked from commit cd1eadd9234205bce443e61c52415de342493b13)
(cherry picked from commit 40a8584bbb4768d2527ad1558034ebd2ea1f5077)
This commit is contained in:
Gusted 2023-12-29 15:35:08 +01:00 committed by Earl Warren
parent 9db9f6732d
commit 9bb188176e
WARNING! Although there is a key with this ID in the database it does not verify this commit! This commit is SUSPICIOUS.
GPG key ID: 0579CB2928A78A00
2 changed files with 7 additions and 4 deletions

View file

@ -46,8 +46,8 @@ func CreateRefComment(ctx context.Context, doer *user_model.User, repo *repo_mod
// CreateIssueComment creates a plain issue comment. // CreateIssueComment creates a plain issue comment.
func CreateIssueComment(ctx context.Context, doer *user_model.User, repo *repo_model.Repository, issue *issues_model.Issue, content string, attachments []string) (*issues_model.Comment, error) { func CreateIssueComment(ctx context.Context, doer *user_model.User, repo *repo_model.Repository, issue *issues_model.Issue, content string, attachments []string) (*issues_model.Comment, error) {
// Check if doer is blocked by the poster of the issue. // Check if doer is blocked by the poster of the issue or by the owner of the repository.
if user_model.IsBlocked(ctx, issue.PosterID, doer.ID) { if user_model.IsBlockedMultiple(ctx, []int64{issue.PosterID, repo.OwnerID}, doer.ID) {
return nil, user_model.ErrBlockedByUser return nil, user_model.ErrBlockedByUser
} }

View file

@ -168,6 +168,9 @@ func TestBlockActions(t *testing.T) {
repo7 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 7, OwnerID: blockedUser2.ID}) repo7 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 7, OwnerID: blockedUser2.ID})
issue4 := unittest.AssertExistsAndLoadBean(t, &issue_model.Issue{ID: 4, RepoID: repo2.ID}) issue4 := unittest.AssertExistsAndLoadBean(t, &issue_model.Issue{ID: 4, RepoID: repo2.ID})
issue4URL := fmt.Sprintf("/%s/issues/%d", repo2.FullName(), issue4.Index) issue4URL := fmt.Sprintf("/%s/issues/%d", repo2.FullName(), issue4.Index)
repo42 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 42, OwnerID: doer.ID})
issue10 := unittest.AssertExistsAndLoadBean(t, &issue_model.Issue{ID: 10, RepoID: repo42.ID}, unittest.Cond("poster_id != ?", doer.ID))
issue10URL := fmt.Sprintf("/%s/issues/%d", repo42.FullName(), issue10.Index)
// NOTE: Sessions shouldn't be shared, because in some situations flash // NOTE: Sessions shouldn't be shared, because in some situations flash
// messages are persistent and that would interfere with accurate test // messages are persistent and that would interfere with accurate test
// results. // results.
@ -206,8 +209,8 @@ func TestBlockActions(t *testing.T) {
session := loginUser(t, blockedUser.Name) session := loginUser(t, blockedUser.Name)
req := NewRequestWithValues(t, "POST", path.Join(issue4URL, "/comments"), map[string]string{ req := NewRequestWithValues(t, "POST", path.Join(issue10URL, "/comments"), map[string]string{
"_csrf": GetCSRF(t, session, issue4URL), "_csrf": GetCSRF(t, session, issue10URL),
"content": "Not a kind comment", "content": "Not a kind comment",
}) })
session.MakeRequest(t, req, http.StatusOK) session.MakeRequest(t, req, http.StatusOK)