git724/forgejo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 8

feat: don't allow blocking the doer

Browse source 
- In the case of organization blocking users, disallow blocking the doer.
- Resolves #5390
- Added integration test.
This commit is contained in:
Gusted 2024-12-30 00:09:07 +01:00
parent d071c09bf7
commit e14f2d0c84
No known key found for this signature in database
GPG key ID: FD821B732837125F
3 changed files with 21 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

14
tests/integration/block_test.go
View file

@ -147,6 +147,20 @@ func TestBlockUserFromOrganization(t *testing.T) {
session.MakeRequest(t, req, http.StatusInternalServerError)
})
})
t.Run("Block the doer", func(t *testing.T) {
defer tests.PrintCurrentTest(t)()
req := NewRequestWithValues(t, "POST", org.OrganisationLink()+"/settings/blocked_users/block", map[string]string{
"_csrf": GetCSRF(t, session, org.OrganisationLink()+"/settings/blocked_users"),
"uname": doer.Name,
})
session.MakeRequest(t, req, http.StatusSeeOther)
assert.False(t, unittest.BeanExists(t, &user_model.BlockedUser{BlockID: doer.ID, UserID: org.ID}))
flashCookie := session.GetCookie(forgejo_context.CookieNameFlash)
assert.NotNil(t, flashCookie)
assert.EqualValues(t, "error%3DYou%2Bcannot%2Bblock%2Byourself.", flashCookie.Value)
})
}
// TestBlockActions ensures that certain actions cannot be performed as a doer