diff --git a/app/services/users/update_service.rb b/app/services/users/update_service.rb
index ac20473b6eb34ff5317bec6c14ce061b95b61b56..866eb070913b2f1584a16d0df5b8b79b4f9d5838 100644
--- a/app/services/users/update_service.rb
+++ b/app/services/users/update_service.rb
@@ -7,16 +7,32 @@ module Users
 @params = params.dup
 end

- def execute(skip_authorization: false)
- raise Gitlab::Access::AccessDeniedError unless skip_authorization || can_update_user?
+ def execute(skip_authorization: false, &block)
+ assign_attributes(skip_authorization, &block)

- if @user.update_attributes(params)
+ if @user.save
 success
 else
- error('Project could not be updated')
+ error('User could not be updated')
 end
 end

+ def execute!(skip_authorization: false, &block)
+ assign_attributes(skip_authorization, &block)
+
+ @user.save!
+ end
+
+ private
+
+ def assign_attributes(skip_authorization, &block)
+ raise Gitlab::Access::AccessDeniedError unless skip_authorization || can_update_user?
+
+ yield(@user) if block_given?
+
+ @user.assign_attributes(params) if params.any?
+ end
+
 def can_update_user?
 current_user == @user || current_user&.admin?
 end
diff --git a/lib/gitlab/o_auth/user.rb b/lib/gitlab/o_auth/user.rb
index 7307f8c2c871156a49d30832b9e7c87c6a43b9c1..8f37f96dcabc8b439c784a357bafbc36c858cee2 100644
--- a/lib/gitlab/o_auth/user.rb
+++ b/lib/gitlab/o_auth/user.rb
@@ -32,7 +32,7 @@ module Gitlab
 block_after_save = needs_blocking?

- gl_user.save!
+ Users::UpdateService.new(gl_user, gl_user).execute!

 gl_user.block if block_after_save
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 25ce545a1d74ab361b85a7710530f6b85e24430b..89b0eef6ae1fae862f3749b7778539106aa16dac 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -1900,7 +1900,6 @@ describe User, models: true do
 end
 end

-
 describe 'audit changes' do
 let!(:user) { create(:user) }
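Review bot: The new private `assign_attributes` in update_service.rb yields the raw `@user` to the caller's block, so attributes set there never pass through `params`, and with `skip_authorization: true` they are applied with no permission check at all. Nothing on `execute`, `execute!` or the helper documents that contract. A comment above `execute` such as `# The block runs after the authorization check and before params are assigned, so params win on conflict; pass skip_authorization: true only from trusted internal callers` would state the ordering and the trust boundary. Placing `private` ahead of `assign_attributes` also makes the existing `can_update_user?` private, which is worth confirming against any callers outside this class. The class and its constructor start above the hunk.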
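Review bot: In lib/gitlab/o_auth/user.rb, passing `gl_user` as both constructor arguments means the authorization check inside `execute!` cannot fail, assuming the constructor takes the acting user first and the target second (its signature is outside this diff). `can_update_user?` compares `current_user == @user`, so the check is satisfied by construction rather than by a real permission decision. If this is meant as a system-initiated save during OAuth sign-in, a comment on the line such as `# gl_user acts on itself here, so the service's permission check always passes` would keep a later reader from treating the call as an access-controlled path. `execute!` can also raise `Gitlab::Access::AccessDeniedError` in addition to whatever `save!` raises, so the error handling around this method, which is outside the hunk, should be checked against that.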