diff options
| -rw-r--r-- | CHANGELOG.md | 2 | ||||
| -rwxr-xr-x | bin/oxfordshire/send-rdi-emails | 8 | ||||
| -rw-r--r-- | perllib/FixMyStreet/App/Controller/Admin.pm | 35 | ||||
| -rw-r--r-- | t/app/controller/admin.t | 43 | ||||
| -rw-r--r-- | templates/email/oxfordshire/rdi.txt | 7 | ||||
| -rw-r--r-- | templates/web/base/admin/report_blocks.html | 2 | ||||
| -rw-r--r-- | templates/web/base/admin/user-form.html | 6 | ||||
| -rw-r--r-- | templates/web/base/admin/users.html | 2 |
8 files changed, 91 insertions, 14 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md index 17db2f645..33a877d39 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,6 +23,7 @@ - Always allow reports to be removed from shortlist #1882 - Remove shortlist form from inspect duplicate list. - Fix pin size when JavaScript unavailable. + - Fix display of text only body contacts #1895 - Prevent text overflow bug on homepage stats #1722 - Admin improvements: - Character length limit can be placed on report detailed information #1848 @@ -33,6 +34,7 @@ - Marking an item as a duplicate enforces providing duplicate id or a public update #1873 - Report field pre-filling for inspectors configurable #1854 + - Admins can now unban users #1881 - UK: - Use SVG logo, inlined on front page. #1887 diff --git a/bin/oxfordshire/send-rdi-emails b/bin/oxfordshire/send-rdi-emails index 801c1a889..9cc3e5502 100755 --- a/bin/oxfordshire/send-rdi-emails +++ b/bin/oxfordshire/send-rdi-emails @@ -40,6 +40,12 @@ foreach my $inspector (@inspectors) { user => $inspector, mark_as_processed => 1, }; + my $email_params = { + start_date => $start_date, + end_date => $end_date, + user => $inspector, + staging_site => FixMyStreet->config('STAGING_SITE'), + }; my $rdi = FixMyStreet::Integrations::ExorRDI->new($params); try { my $hdrs = { @@ -58,7 +64,7 @@ foreach my $inspector (@inspectors) { my $result = FixMyStreet::Email::send_cron( FixMyStreet::DB->schema, - "rdi.txt", $params, $hdrs, + "rdi.txt", $email_params, $hdrs, undef, 0, $cobrand, ); if ($result) { diff --git a/perllib/FixMyStreet/App/Controller/Admin.pm b/perllib/FixMyStreet/App/Controller/Admin.pm index 453ebed82..27aeb9e5b 100644 --- a/perllib/FixMyStreet/App/Controller/Admin.pm +++ b/perllib/FixMyStreet/App/Controller/Admin.pm @@ -608,9 +608,12 @@ sub edit_body : Chained('body') : PathPart('') : Args(0) { $c->set_param('posted', ''); $c->forward('fetch_translations'); - $c->forward('fetch_contacts'); + # don't set this last as fetch_contacts might over-ride it + # to display email addresses as text $c->stash->{template} = 'admin/body.html'; + $c->forward('fetch_contacts'); + return 1; } @@ -1412,6 +1415,7 @@ sub user_edit : Path('user_edit') : Args(1) { } $c->stash->{user} = $user; + $c->forward( 'check_username_for_abuse', [ $user ] ); if ( $user->from_body && $c->user->has_permission_to('user_manage_permissions', $user->from_body->id) ) { $c->stash->{available_permissions} = $c->cobrand->available_permissions; @@ -1425,7 +1429,10 @@ sub user_edit : Path('user_edit') : Args(1) { '<p><em>' . $c->flash->{status_message} . '</em></p>'; } - if ( $c->get_param('submit') ) { + if ( $c->get_param('submit') and $c->get_param('unban') ) { + $c->forward('/auth/check_csrf_token'); + $c->forward('unban_user', [ $user ]); + } elsif ( $c->get_param('submit') ) { $c->forward('/auth/check_csrf_token'); my $edited = 0; @@ -1871,6 +1878,28 @@ sub ban_user : Private { return 1; } +sub unban_user : Private { + my ( $self, $c, $user ) = @_; + + my @username; + if ($user->email_verified && $user->email) { + push @username, $user->email; + } + if ($user->phone_verified && $user->phone) { + push @username, $user->phone; + } + if (@username) { + my $abuse = $c->model('DB::Abuse')->search({ email => \@username }); + if ( $abuse ) { + $abuse->delete; + $c->stash->{status_message} = _('user removed from abuse list'); + } else { + $c->stash->{status_message} = _('user not in abuse list'); + } + $c->stash->{username_in_abuse} = 0; + } +} + =head2 flag_user Sets the flag on a user @@ -1942,8 +1971,6 @@ sub check_username_for_abuse : Private { my $is_abuse = $c->model('DB::Abuse')->find({ email => [ $user->phone, $user->email ] }); $c->stash->{username_in_abuse} = 1 if $is_abuse; - - return 1; } =head2 rotate_photo diff --git a/t/app/controller/admin.t b/t/app/controller/admin.t index b4fb54686..3f69829f7 100644 --- a/t/app/controller/admin.t +++ b/t/app/controller/admin.t @@ -289,6 +289,7 @@ subtest 'check text output' => sub { $mech->get_ok('/admin/body/' . $body->id . '?text=1'); is $mech->content_type, 'text/plain'; $mech->content_contains('test category'); + $mech->content_lacks('<body'); }; @@ -740,13 +741,45 @@ subtest 'adding email to abuse list from report page' => sub { $mech->click_ok('banuser'); $mech->content_contains('User added to abuse list'); - $mech->content_contains('<small>(User in abuse table)</small>'); + $mech->content_contains('<small>User in abuse table</small>'); $abuse = FixMyStreet::App->model('DB::Abuse')->find( { email => $email } ); ok $abuse, 'entry created in abuse table'; $mech->get_ok( '/admin/report_edit/' . $report->id ); - $mech->content_contains('<small>(User in abuse table)</small>'); + $mech->content_contains('<small>User in abuse table</small>'); +}; + +subtest 'remove user from abuse list from edit user page' => sub { + my $abuse = FixMyStreet::App->model('DB::Abuse')->find_or_create( { email => $user->email } ); + $mech->get_ok( '/admin/user_edit/' . $user->id ); + $mech->content_contains('User in abuse table'); + + $mech->click_ok('unban'); + + $abuse = FixMyStreet::App->model('DB::Abuse')->find( { email => $user->email } ); + ok !$abuse, 'record removed from abuse table'; +}; + +subtest 'remove user with phone account from abuse list from edit user page' => sub { + my $abuse_user = $mech->create_user_ok('01234 456789'); + my $abuse = FixMyStreet::App->model('DB::Abuse')->find_or_create( { email => $abuse_user->phone } ); + $mech->get_ok( '/admin/user_edit/' . $abuse_user->id ); + $mech->content_contains('User in abuse table'); + my $abuse_found = FixMyStreet::App->model('DB::Abuse')->find( { email => $abuse_user->phone } ); + ok $abuse_found, 'user in abuse table'; + + $mech->click_ok('unban'); + + $abuse = FixMyStreet::App->model('DB::Abuse')->find( { email => $user->phone } ); + ok !$abuse, 'record removed from abuse table'; +}; + +subtest 'no option to remove user already in abuse list' => sub { + my $abuse = FixMyStreet::App->model('DB::Abuse')->find( { email => $user->email } ); + $abuse->delete if $abuse; + $mech->get_ok( '/admin/user_edit/' . $user->id ); + $mech->content_lacks('User in abuse table'); }; subtest 'flagging user from report page' => sub { @@ -1048,13 +1081,13 @@ subtest 'adding email to abuse list from update page' => sub { $mech->click_ok('banuser'); $mech->content_contains('User added to abuse list'); - $mech->content_contains('<small>(User in abuse table)</small>'); + $mech->content_contains('<small>User in abuse table</small>'); $abuse = FixMyStreet::App->model('DB::Abuse')->find( { email => $email } ); ok $abuse, 'entry created in abuse table'; $mech->get_ok( '/admin/update_edit/' . $update->id ); - $mech->content_contains('<small>(User in abuse table)</small>'); + $mech->content_contains('<small>User in abuse table</small>'); }; subtest 'flagging user from update page' => sub { @@ -1164,7 +1197,7 @@ subtest 'report search' => sub { subtest 'search abuse' => sub { $mech->get_ok( '/admin/users?search=example' ); - $mech->content_like(qr{test4\@example.com.*</td>\s*<td>.*?</td>\s*<td>\(User in abuse table}s); + $mech->content_like(qr{test4\@example.com.*</td>\s*<td>.*?</td>\s*<td>User in abuse table}s); }; subtest 'show flagged entries' => sub { diff --git a/templates/email/oxfordshire/rdi.txt b/templates/email/oxfordshire/rdi.txt index f12467d68..9dcf24186 100644 --- a/templates/email/oxfordshire/rdi.txt +++ b/templates/email/oxfordshire/rdi.txt @@ -1,8 +1,11 @@ -Subject: RDI report for [% user.name %] +Subject:[% IF staging_site %] [STAGING][% END %] RDI report for [% user.name %] Please find attached RDI file for [% start_date %] to [% end_date %]. - +[% IF staging_site %] +NB: This RDI file was generated on a staging site and is for testing +purposes only. +[% END %] ---- The mySociety team and Oxfordshire County Council diff --git a/templates/web/base/admin/report_blocks.html b/templates/web/base/admin/report_blocks.html index 8e8b56393..4c52b14bb 100644 --- a/templates/web/base/admin/report_blocks.html +++ b/templates/web/base/admin/report_blocks.html @@ -15,7 +15,7 @@ SET state_groups = c.cobrand.state_groups_admin; [% BLOCK abuse_button -%] [% IF allowed_pages.abuse_edit -%] -[% IF username_in_abuse %]<small>[% loc('(User in abuse table)') %]</small>[% ELSE %]<input type="submit" class="btn" name="banuser" value="[% loc('Ban user') %]" />[% END %] +[% IF username_in_abuse %]<small>[% loc('User in abuse table') %]</small>[% ELSE %]<input type="submit" class="btn" name="banuser" value="[% loc('Ban user') %]" />[% END %] [%- END %] [%- END %] diff --git a/templates/web/base/admin/user-form.html b/templates/web/base/admin/user-form.html index 5637252e2..7b27f7497 100644 --- a/templates/web/base/admin/user-form.html +++ b/templates/web/base/admin/user-form.html @@ -33,6 +33,12 @@ <input type="hidden" name="phone_verified" value="0"> [% END %] + [% IF username_in_abuse %] + <li> + <p class="error">[% loc('User in abuse table') %] <input name="unban" type="submit" value="[% loc('Unban') %]"></p> + </li> + [% END %] + [% IF c.user.is_superuser || c.cobrand.moniker == 'zurich' %] <li> <div class="admin-hint"> diff --git a/templates/web/base/admin/users.html b/templates/web/base/admin/users.html index d367c18d8..6dfcf4204 100644 --- a/templates/web/base/admin/users.html +++ b/templates/web/base/admin/users.html @@ -29,7 +29,7 @@ [% IF user.is_superuser %] * [% END %] </td> [% IF c.cobrand.moniker != 'zurich' %] - <td>[% user.flagged == 2 ? loc('(User in abuse table)') : user.flagged ? loc('Yes') : ' ' %]</td> + <td>[% user.flagged == 2 ? loc('User in abuse table') : user.flagged ? loc('Yes') : ' ' %]</td> [% END %] <td>[% IF user.id %]<a href="[% c.uri_for( 'user_edit', user.id ) %]">[% loc('Edit') %]</a>[% END %]</td> </tr> |