Merge branch 'report-spam'

dcb0bf0d · Dmitriy Zaporozhets · 69f0defc · 485b9efe · dcb0bf0d · dcb0bf0d
Commit dcb0bf0d authored Aug 06, 2015 by Dmitriy Zaporozhets
19 changed files
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -40,6 +40,7 @@ v 7.14.0 (unreleased)

 v 7.13.3
  - Fix bug causing Bitbucket importer to crash when OAuth application had been removed.
+  - Allow users to send abuse reports

 v 7.13.2
  - Fix randomly failed spec

--- a/app/controllers/abuse_reports_controller.rb
+++ b/app/controllers/abuse_reports_controller.rb
+class AbuseReportsController < ApplicationController
+  def new
+    @abuse_report = AbuseReport.new
+    @abuse_report.user_id = params[:user_id]
+  end
+
+  def create
+    @abuse_report = AbuseReport.new(report_params)
+    @abuse_report.reporter = current_user
+
+    if @abuse_report.save
+      message = "Thank you for your report. A GitLab administrator will look into it shortly."
+      redirect_to root_path, notice: message
+    else
+      render :new
+    end
+  end
+
+  private
+
+  def report_params
+    params.require(:abuse_report).permit(:user_id, :message)
+  end
+end
--- a/app/controllers/admin/abuse_reports_controller.rb
+++ b/app/controllers/admin/abuse_reports_controller.rb
+class Admin::AbuseReportsController < Admin::ApplicationController
+  def index
+    @abuse_reports = AbuseReport.order(id: :desc).page(params[:page])
+  end
+
+  def destroy
+    AbuseReport.find(params[:id]).destroy
+
+    redirect_to admin_abuse_reports_path, notice: 'Report was removed'
+  end
+end
--- a/app/models/abuse_report.rb
+++ b/app/models/abuse_report.rb
+class AbuseReport < ActiveRecord::Base
+  belongs_to :reporter, class_name: "User"
+  belongs_to :user
+
+  validates :reporter, presence: true
+  validates :user, presence: true
+  validates :message, presence: true
+  validates :user_id, uniqueness: { scope: :reporter_id }
+end
--- a/app/views/abuse_reports/new.html.haml
+++ b/app/views/abuse_reports/new.html.haml
+- page_title "Report abuse"
+%h3.page-title Report abuse
+%p Please use this form to report users who create spam issues or comments or who otherwise behave inappropriately.
+%hr
+= form_for @abuse_report, html: { class: 'form-horizontal'} do |f|
+  = f.hidden_field :user_id
+  - if @abuse_report.errors.any?
+    .alert.alert-danger
+      - @abuse_report.errors.full_messages.each do |msg|
+        %p= msg
+  .form-group
+    = f.label :user_id, class: 'control-label'
+    .col-sm-10
+      - name = "#{@abuse_report.user.name} (@#{@abuse_report.user.username})"
+      = text_field_tag :user_name, name, class: "form-control", readonly: true
+  .form-group
+    = f.label :message, class: 'control-label'
+    .col-sm-10
+      = f.text_area :message, class: "form-control", rows: 2, required: true
+      .help-block
+        Explain the problem with this user. If appropriate, provide a link to the relevant issue or comment.
+
+  .form-actions
+    = f.submit "Send report", class: "btn btn-create"
--- a/app/views/admin/abuse_reports/_abuse_report.html.haml
+++ b/app/views/admin/abuse_reports/_abuse_report.html.haml
+- reporter = abuse_report.reporter
+- user = abuse_report.user
+%tr
+  %td
+    - if reporter
+      = link_to reporter.name, [:admin, reporter]
+    - else
+      (removed)
+  %td
+    = abuse_report.created_at.to_s(:short)
+  %td
+    = abuse_report.message
+  %td
+    - if user
+      = link_to user.name, [:admin, user]
+    - else
+      (removed)
+  %td
+    - if user
+      = link_to 'Block', block_admin_user_path(user), data: {confirm: 'USER WILL BE BLOCKED! Are you sure?'}, method: :put, class: "btn btn-xs btn-warning"
+      = link_to 'Remove user', [:admin, user], data: { confirm: "USER #{user.name} WILL BE REMOVED! Are you sure?" }, method: :delete, class: "btn btn-xs btn-remove"
+  %td
+    = link_to 'Remove report', [:admin, abuse_report], method: :delete, class: "btn btn-xs btn-close"
--- a/app/views/admin/abuse_reports/index.html.haml
+++ b/app/views/admin/abuse_reports/index.html.haml
+- page_title "Abuse Reports"
+%h3.page-title Abuse Reports
+%hr
+- if @abuse_reports.present?
+  %table.table
+    %thead
+      %tr
+        %th Reported by
+        %th Reported at
+        %th Message
+        %th User
+        %th
+        %th
+    = render @abuse_reports
+  = paginate @abuse_reports
+- else
+  %h4 There are no abuse reports
--- a/app/views/layouts/nav/_admin.html.haml
+++ b/app/views/layouts/nav/_admin.html.haml
@@ -57,6 +57,13 @@
      %span
        Service Templates

+  = nav_link(controller: :abuse_reports) do
+    = link_to admin_abuse_reports_path, title: "Abuse reports" do
+      = icon('exclamation-circle fw')
+      %span
+        Abuse Reports
+        %span.count= AbuseReport.count(:all)
+
  = nav_link(controller: :application_settings, html_options: { class: 'separate-item'}) do
    = link_to admin_application_settings_path, title: 'Settings', data: {placement: 'right'} do
      = icon('cogs fw')

--- a/app/views/users/show.html.haml
+++ b/app/views/users/show.html.haml
@@ -18,6 +18,16 @@
            = link_to profile_path, class: 'btn btn-sm' do
              %i.fa.fa-pencil-square-o
              Edit Profile settings
+        - elsif current_user
+          .pull-right
+            %span.dropdown
+              %a.light.dropdown-toggle.btn.btn-sm{href: '#', "data-toggle" => "dropdown"}
+                = icon('exclamation-circle')
+              %ul.dropdown-menu.dropdown-menu-right
+                %li
+                  = link_to new_abuse_report_path(user_id: @user.id) do
+                    Report abuse
+
      .username
        @#{@user.username}
      .description

--- a/config/routes.rb
+++ b/config/routes.rb
@@ -65,6 +65,9 @@ Gitlab::Application.routes.draw do
    end
  end

+  # Spam reports
+  resources :abuse_reports, only: [:new, :create]
+
  #
  # Import
  #
@@ -165,6 +168,7 @@ Gitlab::Application.routes.draw do
      end
    end

+    resources :abuse_reports, only: [:index, :destroy]
    resources :applications

    resources :groups, constraints: { id: /[^\/]+/ } do

--- a/db/migrate/20150806104937_create_abuse_reports.rb
+++ b/db/migrate/20150806104937_create_abuse_reports.rb
+class CreateAbuseReports < ActiveRecord::Migration
+  def change
+    create_table :abuse_reports do |t|
+      t.integer :reporter_id
+      t.integer :user_id
+      t.text :message
+
+      t.timestamps
+    end
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,11 +11,19 @@
 #
 # It's strongly recommended that you check this file into your version control system.

-ActiveRecord::Schema.define(version: 20150717130904) do
+ActiveRecord::Schema.define(version: 20150806104937) do

  # These are extensions that must be enabled in order to support this database
  enable_extension "plpgsql"

+  create_table "abuse_reports", force: true do |t|
+    t.integer  "reporter_id"
+    t.integer  "user_id"
+    t.text     "message"
+    t.datetime "created_at"
+    t.datetime "updated_at"
+  end
+
  create_table "application_settings", force: true do |t|
    t.integer  "default_projects_limit"
    t.boolean  "signup_enabled"

--- a/features/abuse_report.feature
+++ b/features/abuse_report.feature
+Feature: Abuse reports
+  Background:
+    Given I sign in as a user
+    And user "Mike" exists
+
+  Scenario: Report abuse
+    Given I visit "Mike" user page
+    And I click "Report abuse" button
+    When I fill and submit abuse form
+    Then I should see success message
--- a/features/admin/abuse_report.feature
+++ b/features/admin/abuse_report.feature
+Feature: Admin Abuse reports
+  Background:
+    Given I sign in as an admin
+    And abuse reports exist
+
+  Scenario: Browse abuse reports
+    When I visit abuse reports page
+    Then I should see list of abuse reports
--- a/features/steps/abuse_reports.rb
+++ b/features/steps/abuse_reports.rb
+class Spinach::Features::AbuseReports < Spinach::FeatureSteps
+  include SharedAuthentication
+
+  step 'I visit "Mike" user page' do
+    visit user_path(user_mike)
+  end
+
+  step 'I click "Report abuse" button' do
+    click_link 'Report abuse'
+  end
+
+  step 'I fill and submit abuse form' do
+    fill_in 'abuse_report_message', with: 'This user send spam'
+    click_button 'Send report'
+  end
+
+  step 'I should see success message' do
+    page.should have_content 'Thank you for your report'
+  end
+
+  step 'user "Mike" exists' do
+    user_mike
+  end
+
+  def user_mike
+    @user_mike ||= create(:user, name: 'Mike')
+  end
+end
--- a/features/steps/admin/abuse_reports.rb
+++ b/features/steps/admin/abuse_reports.rb
+class Spinach::Features::AdminAbuseReports < Spinach::FeatureSteps
+  include SharedAuthentication
+  include SharedPaths
+  include SharedAdmin
+
+  step 'I should see list of abuse reports' do
+    page.should have_content("Abuse Reports")
+    page.should have_content AbuseReport.first.message
+    page.should have_link("Remove user")
+  end
+
+  step 'abuse reports exist' do
+    create(:abuse_report)
+  end
+end
--- a/features/steps/shared/paths.rb
+++ b/features/steps/shared/paths.rb
@@ -139,6 +139,10 @@ module SharedPaths
    visit admin_root_path
  end

+  step 'I visit abuse reports page' do
+    visit admin_abuse_reports_path
+  end
+
  step 'I visit admin projects page' do
    visit admin_namespaces_projects_path
  end

--- a/spec/factories/abuse_reports.rb
+++ b/spec/factories/abuse_reports.rb
+# Read about factories at https://github.com/thoughtbot/factory_girl
+
+FactoryGirl.define do
+  factory :abuse_report do
+    reporter factory: :user
+    user
+    message 'User sends spam'
+  end
+end
--- a/spec/models/abuse_report_spec.rb
+++ b/spec/models/abuse_report_spec.rb
+require 'rails_helper'
+
+RSpec.describe AbuseReport, type: :model do
+  subject { create(:abuse_report) }
+
+  it { expect(subject).to be_valid }
+end