Disable profile_photo file field if user is banned

Stops the user editing their profile photo if they have been banned. https://www.righttoknow.org.au/ reported that spam accounts were being created and even though the user accounts were getting banned, the spam user/bots couls still edit the about me field to propagate more spam. This prevents the profile photo being modified so that they cannot add offensive images.
author: Gareth Rees <gareth@mysociety.org> 2015-02-18 15:25:39 +0000
committer: Gareth Rees <gareth@mysociety.org> 2015-02-24 13:23:17 +0000
commit: 8341ff286c42cc09dfd56d3f76521375ee4d0219 (patch)
tree: 487a10eedb3b81ba30fdfbc2bcd65eb32b864e32
parent: 782ea13f061f57563a9671894035bc91baef10ab (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/app/views/user/set_draft_profile_photo.html.erb b/app/views/user/set_draft_profile_photo.html.erb
index b4bdd80f3..ba44f54f4 100644
--- a/app/views/user/set_draft_profile_photo.html.erb
+++ b/app/views/user/set_draft_profile_photo.html.erb
@@ -11,7 +11,9 @@
 <%= form_tag 'set_photo', :id => 'set_draft_profile_photo_form', :multipart => true do %>
     <p>
 	    <label class="form_label" for="file_1"><%= _('Photo of you:')%></label>
-        <%= file_field_tag :file, :size => 35, :id => 'file_1' %>
+      <% file_opts = { :size => 35, :id => 'file_1' } %>
+      <% file_opts.merge!({ :disabled => true }) if @user.banned? %>
+      <%= file_field_tag :file, file_opts %>
     </p>
 
 <ul>
author	Gareth Rees <gareth@mysociety.org>	2015-02-18 15:25:39 +0000
committer	Gareth Rees <gareth@mysociety.org>	2015-02-24 13:23:17 +0000
commit	8341ff286c42cc09dfd56d3f76521375ee4d0219 (patch)
tree	487a10eedb3b81ba30fdfbc2bcd65eb32b864e32
parent	782ea13f061f57563a9671894035bc91baef10ab (diff)