[MODERATION] Block issue creation when blocked by repo owner (squash)

- Block the creation of a issue if the user is blocked by the repository owner.
- Fix integration tests (This should ideally in the future all be
self-created fixtures instead of relying on the existing ones as a small
condition can make the tests be inaccurate).

(cherry picked from commit 88d3ee333a)
(cherry picked from commit 146c82d232)
(cherry picked from commit d9dc25d038)
(cherry picked from commit cd1eadd923)
This commit is contained in:
Gusted 2023-12-29 15:35:08 +01:00 committed by Earl Warren
parent d6d98d001f
commit 40a8584bbb
No known key found for this signature in database
GPG key ID: 0579CB2928A78A00
2 changed files with 7 additions and 4 deletions

View file

@ -46,8 +46,8 @@ func CreateRefComment(ctx context.Context, doer *user_model.User, repo *repo_mod
// CreateIssueComment creates a plain issue comment.
func CreateIssueComment(ctx context.Context, doer *user_model.User, repo *repo_model.Repository, issue *issues_model.Issue, content string, attachments []string) (*issues_model.Comment, error) {
// Check if doer is blocked by the poster of the issue.
if user_model.IsBlocked(ctx, issue.PosterID, doer.ID) {
// Check if doer is blocked by the poster of the issue or by the owner of the repository.
if user_model.IsBlockedMultiple(ctx, []int64{issue.PosterID, repo.OwnerID}, doer.ID) {
return nil, user_model.ErrBlockedByUser
}

View file

@ -168,6 +168,9 @@ func TestBlockActions(t *testing.T) {
repo7 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 7, OwnerID: blockedUser2.ID})
issue4 := unittest.AssertExistsAndLoadBean(t, &issue_model.Issue{ID: 4, RepoID: repo2.ID})
issue4URL := fmt.Sprintf("/%s/issues/%d", repo2.FullName(), issue4.Index)
repo42 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 42, OwnerID: doer.ID})
issue10 := unittest.AssertExistsAndLoadBean(t, &issue_model.Issue{ID: 10, RepoID: repo42.ID}, unittest.Cond("poster_id != ?", doer.ID))
issue10URL := fmt.Sprintf("/%s/issues/%d", repo42.FullName(), issue10.Index)
// NOTE: Sessions shouldn't be shared, because in some situations flash
// messages are persistent and that would interfere with accurate test
// results.
@ -206,8 +209,8 @@ func TestBlockActions(t *testing.T) {
session := loginUser(t, blockedUser.Name)
req := NewRequestWithValues(t, "POST", path.Join(issue4URL, "/comments"), map[string]string{
"_csrf": GetCSRF(t, session, issue4URL),
req := NewRequestWithValues(t, "POST", path.Join(issue10URL, "/comments"), map[string]string{
"_csrf": GetCSRF(t, session, issue10URL),
"content": "Not a kind comment",
})
session.MakeRequest(t, req, http.StatusOK)