diff --git a/app/assets/stylesheets/moderation/users/index.scss b/app/assets/stylesheets/moderation/users/index.scss index aab07125c..47471d2d5 100644 --- a/app/assets/stylesheets/moderation/users/index.scss +++ b/app/assets/stylesheets/moderation/users/index.scss @@ -7,4 +7,12 @@ .table-actions { justify-content: flex-end; } + + .soft-block-link { + @include hollow-button($color-warning); + } + + .hide-link { + @include hollow-button($alert-color); + } } diff --git a/app/controllers/moderation/users_controller.rb b/app/controllers/moderation/users_controller.rb index b53dbd722..3466e695c 100644 --- a/app/controllers/moderation/users_controller.rb +++ b/app/controllers/moderation/users_controller.rb @@ -6,6 +6,12 @@ class Moderation::UsersController < Moderation::BaseController def index end + def soft_block + soft_block_user + + redirect_with_query_params_to({ action: :index }, { notice: I18n.t("moderation.users.notice_soft_hide") }) + end + def hide block_user @@ -18,6 +24,11 @@ class Moderation::UsersController < Moderation::BaseController @users = User.with_hidden.search(params[:search]).page(params[:page]).for_render end + def soft_block_user + @user.hide + Activity.log(current_user, :soft_block, @user) + end + def block_user @user.block Activity.log(current_user, :block, @user) diff --git a/app/models/abilities/moderation.rb b/app/models/abilities/moderation.rb index bda41b203..9c6cd3857 100644 --- a/app/models/abilities/moderation.rb +++ b/app/models/abilities/moderation.rb @@ -47,6 +47,9 @@ module Abilities can :hide, User cannot :hide, User, id: user.id + can :soft_block, User + cannot :soft_block, User, id: user.id + can :block, User cannot :block, User, id: user.id diff --git a/app/models/activity.rb b/app/models/activity.rb index 3accc495b..864ef0e5b 100644 --- a/app/models/activity.rb +++ b/app/models/activity.rb @@ -2,7 +2,7 @@ class Activity < ApplicationRecord belongs_to :actionable, -> { with_hidden }, polymorphic: true belongs_to :user, -> { with_hidden }, inverse_of: :activities - VALID_ACTIONS = %w[hide block restore valuate email].freeze + VALID_ACTIONS = %w[hide soft_block block restore valuate email].freeze validates :action, inclusion: { in: VALID_ACTIONS } diff --git a/app/views/moderation/users/index.html.erb b/app/views/moderation/users/index.html.erb index 9068d0505..56d15acd0 100644 --- a/app/views/moderation/users/index.html.erb +++ b/app/views/moderation/users/index.html.erb @@ -22,12 +22,8 @@ <%= t("moderation.users.index.hidden") %> <% else %> <%= render Admin::TableActionsComponent.new(user, actions: []) do |actions| %> - <%= actions.action( - :hide, - text: t("moderation.users.index.hide"), - method: :put, - class: "button hollow alert" - ) %> + <%= actions.action(:soft_block, text: t("moderation.users.index.soft_hide"), method: :put) %> + <%= actions.action(:hide, text: t("moderation.users.index.hide"), method: :put) %> <% end %> <% end %> diff --git a/config/locales/en/moderation.yml b/config/locales/en/moderation.yml index 7f3b8d83c..63c834fcd 100644 --- a/config/locales/en/moderation.yml +++ b/config/locales/en/moderation.yml @@ -104,5 +104,7 @@ en: hidden: Blocked hide: Block search_placeholder: email or name of user + soft_hide: Soft Block title: Block users notice_hide: User blocked. All of this user's debates and comments have been hidden. + notice_soft_hide: User blocked. All ot this user's debates and comments are still available. diff --git a/config/locales/es/moderation.yml b/config/locales/es/moderation.yml index 1cc2f47d0..2fff7b996 100644 --- a/config/locales/es/moderation.yml +++ b/config/locales/es/moderation.yml @@ -104,5 +104,7 @@ es: hidden: Bloqueado hide: Bloquear search_placeholder: email o nombre de usuario + soft_hide: Ocultar title: Bloquear usuarios notice_hide: Usuario bloqueado. Se han ocultado todos sus debates y comentarios. + notice_soft_hide: Usuario bloqueado. Todos sus debates y comentarios siguen disponibles. diff --git a/config/routes/moderation.rb b/config/routes/moderation.rb index e28f28336..009d9484a 100644 --- a/config/routes/moderation.rb +++ b/config/routes/moderation.rb @@ -4,6 +4,7 @@ namespace :moderation do resources :users, only: :index do member do put :hide + put :soft_block end end diff --git a/spec/controllers/moderation/users_controller_spec.rb b/spec/controllers/moderation/users_controller_spec.rb index f4818f0eb..59d2e7f41 100644 --- a/spec/controllers/moderation/users_controller_spec.rb +++ b/spec/controllers/moderation/users_controller_spec.rb @@ -30,4 +30,14 @@ describe Moderation::UsersController do expect(response).to redirect_to budget_investments_path(investment.budget) end end + + describe "PUT soft_block" do + it "keeps query parameters while using protected redirects" do + user = create(:user, email: "user@consul.dev") + + get :soft_block, params: { id: user, name_or_email: "user@consul.dev", host: "evil.dev" } + + expect(response).to redirect_to "/moderation/users?name_or_email=user%40consul.dev" + end + end end diff --git a/spec/models/abilities/moderator_spec.rb b/spec/models/abilities/moderator_spec.rb index 9f3cb14dc..508d268f0 100644 --- a/spec/models/abilities/moderator_spec.rb +++ b/spec/models/abilities/moderator_spec.rb @@ -90,6 +90,9 @@ describe Abilities::Moderator do it { should_not be_able_to(:hide, user) } it { should be_able_to(:hide, other_user) } + it { should_not be_able_to(:soft_block, user) } + it { should be_able_to(:soft_block, other_user) } + it { should_not be_able_to(:block, user) } it { should be_able_to(:block, other_user) }