From 362a7b967819ca0a58dd251ab77842ab18aa7f64 Mon Sep 17 00:00:00 2001
From: Gareth Rees <gareth@mysociety.org>
Date: Wed, 18 Feb 2015 14:43:58 +0000
Subject: Add specs to AboutMeValidator

---
 app/controllers/user_controller.rb | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'app/controllers/user_controller.rb')

diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index 56f42891d..32b6978ea 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -569,6 +569,12 @@ class UserController < ApplicationController
             return
         end
 
+        if @user.banned?
+          flash[:error] = _('Banned users cannot edit their profile')
+          redirect_to set_profile_about_me_path
+          return
+        end
+
         @about_me = AboutMeValidator.new(params[:about_me])
         if !@about_me.valid?
             render :action => 'set_profile_about_me'
-- 
cgit v1.2.3


From d8b9ea8bfe9fdf534504044774f0dcdb4bba20f2 Mon Sep 17 00:00:00 2001
From: Gareth Rees <gareth@mysociety.org>
Date: Wed, 18 Feb 2015 15:37:11 +0000
Subject: Fully prevent banned users editing their photo

---
 app/controllers/user_controller.rb | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'app/controllers/user_controller.rb')

diff --git a/app/controllers/user_controller.rb b/app/controllers/user_controller.rb
index 32b6978ea..d66b4aa8e 100644
--- a/app/controllers/user_controller.rb
+++ b/app/controllers/user_controller.rb
@@ -460,6 +460,12 @@ class UserController < ApplicationController
             return
         end
         if !params[:submitted_draft_profile_photo].nil?
+            if @user.banned?
+              flash[:error]= _('Banned users cannot edit their profile')
+              redirect_to set_profile_photo_path
+              return
+            end
+
             # check for uploaded image
             file_name = nil
             file_content = nil
-- 
cgit v1.2.3