Merge branch 'rc/add_cc_validation_checkbox' into 'master'

Add cc validation checkbox to admin users panel See merge request gitlab-org/gitlab!62160

Merge branch 'rc/add_cc_validation_checkbox' into 'master'
Add cc validation checkbox to admin users panel See merge request gitlab-org/gitlab!62160
ab8f384c · Nick Thomas · e5c44a3c · 907b59ab · ab8f384c · ab8f384c
Commit ab8f384c authored May 24, 2021 by Nick Thomas
5 changed files
--- a/app/controllers/admin/users_controller.rb
+++ b/app/controllers/admin/users_controller.rb
@@ -209,6 +209,9 @@ class Admin::UsersController < Admin::ApplicationController
      user_params_with_pass.merge!(password_params)
    end
+    cc_validation_params = process_credit_card_validation_params(user_params_with_pass.delete(:credit_card_validation_attributes))
+    user_params_with_pass.merge!(cc_validation_params)
    respond_to do |format|
      result = Users::UpdateService.new(current_user, user_params_with_pass.merge(user: user)).execute do |user|
        user.skip_reconfirmation!
@@ -253,6 +256,27 @@ class Admin::UsersController < Admin::ApplicationController
  protected
+  def process_credit_card_validation_params(cc_validation_params)
+    return unless cc_validation_params && cc_validation_params[:credit_card_validated_at]
+    cc_validation = cc_validation_params[:credit_card_validated_at]
+    if cc_validation == "1" && !user.credit_card_validated_at
+      {
+        credit_card_validation_attributes: {
+          credit_card_validated_at: Time.zone.now
+        }
+      }
+    elsif cc_validation == "0" && user.credit_card_validated_at
+      {
+        credit_card_validation_attributes: {
+          _destroy: true
+        }
+      }
+    end
+  end
  def paginate_without_count?
    counts = Gitlab::Database::Count.approximate_counts([User])
@@ -330,7 +354,8 @@ class Admin::UsersController < Admin::ApplicationController
      :twitter,
      :username,
      :website_url,
-      :note
+      :note,
+      credit_card_validation_attributes: [:credit_card_validated_at]
    ]
  end

--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -321,7 +321,7 @@ class User < ApplicationRecord
  accepts_nested_attributes_for :user_preference, update_only: true
  accepts_nested_attributes_for :user_detail, update_only: true
-  accepts_nested_attributes_for :credit_card_validation, update_only: true
+  accepts_nested_attributes_for :credit_card_validation, update_only: true, allow_destroy: true
  state_machine :state, initial: :active do
    event :block do

--- a/app/views/admin/users/_access_levels.html.haml
+++ b/app/views/admin/users/_access_levels.html.haml
@@ -48,3 +48,17 @@
      %row.hidden#warning_external_automatically_set.hidden
        .badge.badge-warning.text-white
          = s_('AdminUsers|Automatically marked as default internal user')
+  .form-group.row
+    - @user.credit_card_validation || @user.build_credit_card_validation
+    = f.fields_for :credit_card_validation do |ff|
+      .col-sm-2.col-form-label.gl-pt-0
+        = ff.label s_("AdminUsers|Validate user account")
+      .col-sm-10.gl-display-flex.gl-align-items-baseline
+        = ff.check_box :credit_card_validated_at, checked: @user.credit_card_validated_at.present?
+        .gl-pl-2
+          .light
+            = s_('AdminUsers|User is validated and can use free CI minutes on shared runners.')
+          .gl-text-gray-600
+            = s_('AdminUsers|A user can validate themselves by inputting a credit/debit card, or an admin can manually validate a user.')
--- a/locale/gitlab.pot
+++ b/locale/gitlab.pot
@@ -2461,6 +2461,9 @@ msgstr ""
 msgid "AdminUsers|2FA Enabled"
 msgstr ""
+msgid "AdminUsers|A user can validate themselves by inputting a credit/debit card, or an admin can manually validate a user."
+msgstr ""
 msgid "AdminUsers|Access"
 msgstr ""
@@ -2719,6 +2722,9 @@ msgstr ""
 msgid "AdminUsers|Unlock user %{username}?"
 msgstr ""
+msgid "AdminUsers|User is validated and can use free CI minutes on shared runners."
+msgstr ""
 msgid "AdminUsers|User will be blocked"
 msgstr ""
@@ -2734,6 +2740,9 @@ msgstr ""
 msgid "AdminUsers|Users can still be invited to your instance and/or add themselves if permitted based on your settings. They will not have access to your instance, nor count towards your subscribed seat count until you %{approve_link}."
 msgstr ""
+msgid "AdminUsers|Validate user account"
+msgstr ""
 msgid "AdminUsers|View pending member requests"
 msgstr ""

--- a/spec/controllers/admin/users_controller_spec.rb
+++ b/spec/controllers/admin/users_controller_spec.rb
@@ -651,6 +651,95 @@ RSpec.describe Admin::UsersController do
        expect { post :update, params: params }.to change { user.reload.note }.to(note)
      end
    end
+    context 'when updating credit card validation for user account' do
+      let(:params) do
+        {
+          id: user.to_param,
+          user: user_params
+        }
+      end
+      shared_examples 'no credit card validation param' do
+        let(:user_params) { { name: 'foo' } }
+        it 'does not change credit card validation' do
+          expect { post :update, params: params }.not_to change(Users::CreditCardValidation, :count)
+        end
+      end
+      context 'when user has a credit card validation' do
+        before do
+          user.create_credit_card_validation!(credit_card_validated_at: Time.zone.now)
+        end
+        context 'with unchecked credit card validation' do
+          let(:user_params) do
+            { credit_card_validation_attributes: { credit_card_validated_at: '0' } }
+          end
+          it 'deletes credit_card_validation' do
+            expect { post :update, params: params }.to change { Users::CreditCardValidation.count }.by(-1)
+          end
+        end
+        context 'with checked credit card validation' do
+          let(:user_params) do
+            { credit_card_validation_attributes: { credit_card_validated_at: '1' } }
+          end
+          it 'does not change credit_card_validated_at' do
+            expect { post :update, params: params }.not_to change { user.credit_card_validated_at }
+          end
+        end
+        it_behaves_like 'no credit card validation param'
+      end
+      context 'when user does not have a credit card validation' do
+        context 'with checked credit card validation' do
+          let(:user_params) do
+            { credit_card_validation_attributes: { credit_card_validated_at: '1' } }
+          end
+          it 'creates new credit card validation' do
+            expect { post :update, params: params }.to change { Users::CreditCardValidation.count }.by 1
+          end
+        end
+        context 'with unchecked credit card validation' do
+          let(:user_params) do
+            { credit_card_validation_attributes: { credit_card_validated_at: '0' } }
+          end
+          it 'does not blow up' do
+            expect { post :update, params: params }.not_to change(Users::CreditCardValidation, :count)
+          end
+        end
+        it_behaves_like 'no credit card validation param'
+      end
+      context 'invalid parameters' do
+        let(:user_params) do
+          { credit_card_validation_attributes: { credit_card_validated_at: Time.current.iso8601 } }
+        end
+        it_behaves_like 'no credit card validation param'
+      end
+      context 'with non permitted params' do
+        let(:user_params) do
+          { credit_card_validation_attributes: { _destroy: true } }
+        end
+        before do
+          user.create_credit_card_validation!(credit_card_validated_at: Time.zone.now)
+        end
+        it_behaves_like 'no credit card validation param'
+      end
+    end
  end
  describe "DELETE #remove_email" do