From cba7f20dc8614d12e3eeda6e14f454aeb22b9b54 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Thu, 6 Aug 2015 14:03:27 +0200 Subject: Allow users to send abuse reports Signed-off-by: Dmitriy Zaporozhets --- CHANGELOG | 1 + app/controllers/abuse_reports_controller.rb | 23 ++++++++++++++++++ app/models/abuse_report.rb | 9 +++++++ app/views/abuse_reports/new.html.haml | 29 +++++++++++++++++++++++ app/views/users/show.html.haml | 10 ++++++++ config/routes.rb | 3 +++ db/migrate/20150806104937_create_abuse_reports.rb | 11 +++++++++ db/schema.rb | 10 +++++++- spec/factories/abuse_reports.rb | 9 +++++++ spec/models/abuse_report_spec.rb | 7 ++++++ 10 files changed, 111 insertions(+), 1 deletion(-) create mode 100644 app/controllers/abuse_reports_controller.rb create mode 100644 app/models/abuse_report.rb create mode 100644 app/views/abuse_reports/new.html.haml create mode 100644 db/migrate/20150806104937_create_abuse_reports.rb create mode 100644 spec/factories/abuse_reports.rb create mode 100644 spec/models/abuse_report_spec.rb diff --git a/CHANGELOG b/CHANGELOG index 943e4e8c586..0ee85090fdf 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -34,6 +34,7 @@ v 7.14.0 (unreleased) - Add support for CI skipped status - Fetch code from forks to refs/merge-requests/:id/head when merge request created - Remove satellites + - Allow users to send abuse reports v 7.13.2 - Fix randomly failed spec diff --git a/app/controllers/abuse_reports_controller.rb b/app/controllers/abuse_reports_controller.rb new file mode 100644 index 00000000000..757be5ef727 --- /dev/null +++ b/app/controllers/abuse_reports_controller.rb 
@@ -0,0 +1,23 @@
+class AbuseReportsController < ApplicationController
+ def new
+ @abuse_report = AbuseReport.new
+ @abuse_report.user_id = params[:user_id]
+ end
+
+ def create
+ @abuse_report = AbuseReport.new(report_params)
+ @abuse_report.reporter = current_user
+
+ if @abuse_report.save
+ redirect_to root_path, notice: 'Thank you for report. GitLab administrator will be able to see it'
+ else
+ render :new
+ end
+ end
+
+ private
+
+ def report_params
+ params.require(:abuse_report).permit(:user_id, :message)
+ end
+end
diff --git a/app/models/abuse_report.rb b/app/models/abuse_report.rb
new file mode 100644
index 00000000000..c8c39db11bc
--- /dev/null
+++ b/app/models/abuse_report.rb
@@ -0,0 +1,9 @@
+class AbuseReport < ActiveRecord::Base
+ belongs_to :reporter, class_name: "User"
+ belongs_to :user
+
+ validates :reporter, presence: true
+ validates :user, presence: true
+ validates :message, presence: true
+ validates :user_id, uniqueness: { scope: :reporter_id }
+end
diff --git a/app/views/abuse_reports/new.html.haml b/app/views/abuse_reports/new.html.haml
new file mode 100644
index 00000000000..736456b67ba
--- /dev/null
+++ b/app/views/abuse_reports/new.html.haml
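Review bot: The reported account is whatever id the client sends: `new` copies `params[:user_id]` onto the record unresolved and `report_params` permits `:user_id` from the form, so nothing in this controller stops a reporter from filing against their own id. Resolving the target once, for example `@abuse_report.user = User.find(params[:user_id])` in `new`, and rejecting a `user_id` equal to `current_user.id` before `save` would tighten this. No authentication filter is visible in the class; presumably `ApplicationController` enforces sign-in, and if it does not, an anonymous request only fails later at the `reporter` presence validation, so an explicit `before_action` would make the requirement visible here.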
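Review bot: `validates :user_id, uniqueness: { scope: :reporter_id }` is checked only in Ruby, and the `create_abuse_reports` migration later in this patch adds no unique index, so two concurrent submissions from the same reporter can both pass the check and be stored. Adding `add_index :abuse_reports, [:reporter_id, :user_id], unique: true` to that migration would make the database enforce the rule. `message` is validated for presence only and is stored in a `text` column, so a single report can be arbitrarily large; a cap such as `validates :message, length: { maximum: N }`, with a limit the project chooses, would bound what the admin list has to load and render.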
@@ -0,0 +1,29 @@ +- page_title "Report abuse" +%h3.page-title Report abuse +%p Please use this form if user makes spam or inappropriate content +%hr += form_for @abuse_report, html: { class: 'form-horizontal'} do |f| + = f.hidden_field :user_id + - if @abuse_report.errors.any? + .alert.alert-danger + - @abuse_report.errors.full_messages.each do |msg| + %p= msg + .form-group + = f.label :user_id, class: 'control-label' + .col-sm-10 + = users_select_tag("abuse_reports[user_id]", placeholder: 'Select user to report abuse', + class: 'custom-form-control js-select2', selected: @abuse_report.user_id, scope: :all) + .form-group + = f.label :message, class: 'control-label' + .col-sm-10 + = f.text_area :message, class: "form-control", rows: 2, required: true + .help-block + Explain the problem with this account. + %br + If user sends spam please provide a link to spam issue or comment + + .form-actions + = f.submit "Send report", class: "btn btn-create" + +:coffeescript + new UsersSelect() diff --git a/app/views/users/show.html.haml b/app/views/users/show.html.haml index 43d847831d6..64b7f25ad37 100644 --- a/app/views/users/show.html.haml +++ b/app/views/users/show.html.haml @@ -18,6 +18,16 @@ = link_to profile_path, class: 'btn btn-sm' do %i.fa.fa-pencil-square-o Edit Profile settings + - elsif current_user + .pull-right + %span.dropdown + %a.light.dropdown-toggle.btn.btn-sm{href: '#', "data-toggle" => "dropdown"} + = icon('exclamation-circle') + %ul.dropdown-menu.dropdown-menu-right + %li + = link_to new_abuse_report_path(user_id: @user.id) do + Report abuse + .username @#{@user.username} .description diff --git a/config/routes.rb b/config/routes.rb index f252a6fcc91..4e90a89535e 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -65,6 +65,9 @@ Gitlab::Application.routes.draw do end end + # Spam reports + resources :abuse_reports, only: [:new, :create] + # # Import # 
diff --git a/db/migrate/20150806104937_create_abuse_reports.rb b/db/migrate/20150806104937_create_abuse_reports.rb new file mode 100644 index 00000000000..e97dc4cf04c --- /dev/null +++ b/db/migrate/20150806104937_create_abuse_reports.rb @@ -0,0 +1,11 @@ +class CreateAbuseReports < ActiveRecord::Migration + def change + create_table :abuse_reports do |t| + t.integer :reporter_id + t.integer :user_id + t.text :message + + t.timestamps + end + end +end diff --git a/db/schema.rb b/db/schema.rb index a63c2d05821..af10a2ff7cd 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,11 +11,19 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20150717130904) do +ActiveRecord::Schema.define(version: 20150806104937) do # These are extensions that must be enabled in order to support this database enable_extension "plpgsql" + create_table "abuse_reports", force: true do |t| + t.integer "reporter_id" + t.integer "user_id" + t.text "message" + t.datetime "created_at" + t.datetime "updated_at" + end + create_table "application_settings", force: true do |t| t.integer "default_projects_limit" t.boolean "signup_enabled" diff --git a/spec/factories/abuse_reports.rb b/spec/factories/abuse_reports.rb new file mode 100644 index 00000000000..29fcbc5e197 --- /dev/null +++ b/spec/factories/abuse_reports.rb @@ -0,0 +1,9 @@ +# Read about factories at https://github.com/thoughtbot/factory_girl + +FactoryGirl.define do + factory :abuse_report do + reporter factory: :user + user + message 'User sends spam' + end +end diff --git a/spec/models/abuse_report_spec.rb b/spec/models/abuse_report_spec.rb new file mode 100644 index 00000000000..d83004a8388 --- /dev/null +++ b/spec/models/abuse_report_spec.rb @@ -0,0 +1,7 @@ +require 'rails_helper' + +RSpec.describe AbuseReport, type: :model do + subject { create(:abuse_report) } + + it { expect(subject).to be_valid } +end -- cgit v1.2.1 
From 7a9d432cdb84936bf8dd1359d363f42e6ebca542 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Thu, 6 Aug 2015 15:08:22 +0200 Subject: Add abuse report management in admin area Signed-off-by: Dmitriy Zaporozhets --- app/controllers/admin/abuse_reports_controller.rb | 11 +++++++++++ .../admin/abuse_reports/_abuse_report.html.haml | 23 ++++++++++++++++++++++ app/views/admin/abuse_reports/index.html.haml | 16 +++++++++++++++ app/views/layouts/nav/_admin.html.haml | 7 +++++++ config/routes.rb | 1 + 5 files changed, 58 insertions(+) create mode 100644 app/controllers/admin/abuse_reports_controller.rb create mode 100644 app/views/admin/abuse_reports/_abuse_report.html.haml create mode 100644 app/views/admin/abuse_reports/index.html.haml diff --git a/app/controllers/admin/abuse_reports_controller.rb b/app/controllers/admin/abuse_reports_controller.rb new file mode 100644 index 00000000000..34f37bca4ad --- /dev/null +++ b/app/controllers/admin/abuse_reports_controller.rb @@ -0,0 +1,11 @@ +class Admin::AbuseReportsController < Admin::ApplicationController + def index + @abuse_reports = AbuseReport.order(id: :desc).page(params[:page]) + end + + def destroy + AbuseReport.find(params[:id]).destroy + + redirect_to admin_abuse_reports_path, notice: 'Report was removed' + end +end diff --git a/app/views/admin/abuse_reports/_abuse_report.html.haml b/app/views/admin/abuse_reports/_abuse_report.html.haml new file mode 100644 index 00000000000..4449721ae38 --- /dev/null +++ b/app/views/admin/abuse_reports/_abuse_report.html.haml 
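Review bot: `index` loads the page of reports without their associations, while the `_abuse_report` partial added in the same commit reads `abuse_report.reporter` and `abuse_report.user` for every row, which costs two extra queries per report shown. `AbuseReport.includes(:reporter, :user).order(id: :desc).page(params[:page])` would load them together. Access control is not visible in this hunk and presumably comes from `Admin::ApplicationController`; a one-line comment on the class saying so would help the next reader, since `destroy` deletes by a raw `params[:id]`.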
@@ -0,0 +1,23 @@ +- reporter = abuse_report.reporter +- user = abuse_report.user +%tr + %td + - if reporter + = link_to reporter.name, [:admin, reporter] + - else + (removed) + %td + = abuse_report.created_at.to_s(:short) + %td + = abuse_report.message + %td + - if user + = link_to user.name, [:admin, user] + - else + (removed) + %td + - if user + = link_to 'Block', block_admin_user_path(user), data: {confirm: 'USER WILL BE BLOCKED! Are you sure?'}, method: :put, class: "btn btn-xs btn-warning" + = link_to 'Remove user', [:admin, user], data: { confirm: "USER #{user.name} WILL BE REMOVED! Are you sure?" }, method: :delete, class: "btn btn-xs btn-remove" + %td + = link_to 'Remove report', [:admin, abuse_report], method: :delete, class: "btn btn-xs btn-close" diff --git a/app/views/admin/abuse_reports/index.html.haml b/app/views/admin/abuse_reports/index.html.haml new file mode 100644 index 00000000000..a3c900e16aa --- /dev/null +++ b/app/views/admin/abuse_reports/index.html.haml @@ -0,0 +1,16 @@ +- page_title "Abuse Reports" +%h3.page-title Abuse Reports +%hr +- if @abuse_reports.present? + %table.table + %thead + %tr + %th Reported by + %th Reported at + %th Message + %th User + %th + %th + = render @abuse_reports +- else + %h4 There are no abuse reports diff --git a/app/views/layouts/nav/_admin.html.haml b/app/views/layouts/nav/_admin.html.haml index a3191593dae..2065be3828a 100644 --- a/app/views/layouts/nav/_admin.html.haml +++ b/app/views/layouts/nav/_admin.html.haml @@ -57,6 +57,13 @@ %span Service Templates + = nav_link(controller: :abuse_reports) do + = link_to admin_abuse_reports_path, title: "Abuse reports" do + = icon('exclamation-circle fw') + %span + Abuse Reports + %span.count= AbuseReport.count(:all) + = nav_link(controller: :application_settings, html_options: { class: 'separate-item'}) do = link_to admin_application_settings_path, title: 'Settings', data: {placement: 'right'} do = icon('cogs fw') 
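Review bot: `= abuse_report.message` prints reporter-controlled text into an administrator's page, directly beside the 'Block' and 'Remove user' actions. Haml under Rails escapes `=` output by default, so this is safe only while that default holds and the line is never changed to `!=` or `raw`; a comment above it such as `-# message is reporter-supplied, keep it escaped` would protect that. 'Remove report' is also the only destructive link in the row without a `data: { confirm: ... }` prompt, unlike the two user actions.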
diff --git a/config/routes.rb b/config/routes.rb index 4e90a89535e..d7307a61ede 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -168,6 +168,7 @@ Gitlab::Application.routes.draw do end end + resources :abuse_reports, only: [:index, :destroy] resources :applications resources :groups, constraints: { id: /[^\/]+/ } do -- cgit v1.2.1 From 4ba26988101b502742a17cd47cc5634c28de2d03 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Thu, 6 Aug 2015 15:13:47 +0200 Subject: Remove selectbox from abuse form. Added pagination in admin area Signed-off-by: Dmitriy Zaporozhets --- app/views/abuse_reports/new.html.haml | 7 ++----- app/views/admin/abuse_reports/index.html.haml | 1 + 2 files changed, 3 insertions(+), 5 deletions(-) diff --git a/app/views/abuse_reports/new.html.haml b/app/views/abuse_reports/new.html.haml index 736456b67ba..26a569222b4 100644 --- a/app/views/abuse_reports/new.html.haml +++ b/app/views/abuse_reports/new.html.haml @@ -11,8 +11,8 @@ .form-group = f.label :user_id, class: 'control-label' .col-sm-10 - = users_select_tag("abuse_reports[user_id]", placeholder: 'Select user to report abuse', - class: 'custom-form-control js-select2', selected: @abuse_report.user_id, scope: :all) + - name = "#{@abuse_report.user.name} (@#{@abuse_report.user.username})" + = text_field_tag :user_name, name, class: "form-control", readonly: true .form-group = f.label :message, class: 'control-label' .col-sm-10 @@ -24,6 +24,3 @@ .form-actions = f.submit "Send report", class: "btn btn-create" - -:coffeescript - new UsersSelect() diff --git a/app/views/admin/abuse_reports/index.html.haml b/app/views/admin/abuse_reports/index.html.haml index a3c900e16aa..4a25848f156 100644 --- a/app/views/admin/abuse_reports/index.html.haml +++ b/app/views/admin/abuse_reports/index.html.haml @@ -12,5 +12,6 @@ %th %th = render @abuse_reports + = paginate @abuse_reports - else %h4 There are no abuse reports -- cgit v1.2.1 
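Review bot: `@abuse_report.user.name` in the first `new.html.haml` hunk dereferences the association without a nil check, but `AbuseReportsController#new` only assigns `params[:user_id]`, so opening the form with a missing or unknown `user_id` raises `NoMethodError` and returns a 500. The same happens when `create` re-renders `:new` for an id that matches no user. Look the user up in the controller and answer with a 404 when absent, or guard the view with `- if @abuse_report.user`. The id still travels in `f.hidden_field :user_id`, so the read-only text field is display only and the server must keep validating the id it receives.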
From ed7a8c9221fe544afb666e2b10672c759c821507 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Thu, 6 Aug 2015 15:15:17 +0200 Subject: Improve wording in abuse report form Signed-off-by: Dmitriy Zaporozhets --- app/controllers/abuse_reports_controller.rb | 3 ++- app/views/abuse_reports/new.html.haml | 6 ++---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/app/controllers/abuse_reports_controller.rb b/app/controllers/abuse_reports_controller.rb index 757be5ef727..65dbd5ef551 100644 --- a/app/controllers/abuse_reports_controller.rb +++ b/app/controllers/abuse_reports_controller.rb @@ -9,7 +9,8 @@ class AbuseReportsController < ApplicationController @abuse_report.reporter = current_user if @abuse_report.save - redirect_to root_path, notice: 'Thank you for report. GitLab administrator will be able to see it' + message = "Thank you for your report. A GitLab administrator will look into it shortly." + redirect_to root_path, notice: message else render :new end diff --git a/app/views/abuse_reports/new.html.haml b/app/views/abuse_reports/new.html.haml index 26a569222b4..a3b34345a3c 100644 --- a/app/views/abuse_reports/new.html.haml +++ b/app/views/abuse_reports/new.html.haml @@ -1,6 +1,6 @@ - page_title "Report abuse" %h3.page-title Report abuse -%p Please use this form if user makes spam or inappropriate content +%p Please use this form to report users who create spam issues or comments or who otherwise behave inappropriately. %hr = form_for @abuse_report, html: { class: 'form-horizontal'} do |f| = f.hidden_field :user_id @@ -18,9 +18,7 @@ .col-sm-10 = f.text_area :message, class: "form-control", rows: 2, required: true .help-block - Explain the problem with this account. - %br - If user sends spam please provide a link to spam issue or comment + Explain the problem with this user. If appropriate, provide a link to the relevant issue or comment. .form-actions = f.submit "Send report", class: "btn btn-create" -- cgit v1.2.1 
From 02c4a0cc734320af315410b07a93843ca2f80bde Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Thu, 6 Aug 2015 16:57:04 +0200 Subject: Add tests for abuse report feature Signed-off-by: Dmitriy Zaporozhets --- features/abuse_report.feature | 10 ++++++++++ features/admin/abuse_report.feature | 8 ++++++++ features/steps/abuse_reports.rb | 28 ++++++++++++++++++++++++++++ features/steps/admin/abuse_reports.rb | 17 +++++++++++++++++ features/steps/shared/paths.rb | 4 ++++ 5 files changed, 67 insertions(+) create mode 100644 features/abuse_report.feature create mode 100644 features/admin/abuse_report.feature create mode 100644 features/steps/abuse_reports.rb create mode 100644 features/steps/admin/abuse_reports.rb diff --git a/features/abuse_report.feature b/features/abuse_report.feature new file mode 100644 index 00000000000..3e1cb455b77 --- /dev/null +++ b/features/abuse_report.feature @@ -0,0 +1,10 @@ +Feature: Abuse reports + Background: + Given I sign in as a user + And user "Mike" exists + + Scenario: Report abuse + Given I visit "Mike" user page + And I click "Report abuse" button + When I fill and submit abuse form + Then I should see success message diff --git a/features/admin/abuse_report.feature b/features/admin/abuse_report.feature new file mode 100644 index 00000000000..7d4ec2556e5 --- /dev/null +++ b/features/admin/abuse_report.feature @@ -0,0 +1,8 @@ +Feature: Admin Abuse reports + Background: + Given I sign in as an admin + And abuse reports exist + + Scenario: Browse abuse reports + When I visit abuse reports page + Then I should see list of abuse reports diff --git a/features/steps/abuse_reports.rb b/features/steps/abuse_reports.rb new file mode 100644 index 00000000000..8f9ddb2899f --- /dev/null +++ b/features/steps/abuse_reports.rb 
@@ -0,0 +1,28 @@ +class Spinach::Features::AbuseReports < Spinach::FeatureSteps + include SharedAuthentication + + step 'I visit "Mike" user page' do + visit user_path(user_mike) + end + + step 'I click "Report abuse" button' do + click_link 'Report abuse' + end + + step 'I fill and submit abuse form' do + fill_in 'abuse_report_message', with: 'This user send spam' + click_button 'Send report' + end + + step 'I should see success message' do + page.should have_content 'Thank you for your report' + end + + step 'user "Mike" exists' do + user_mike + end + + def user_mike + @user_mike ||= create(:user, name: 'Mike') + end +end diff --git a/features/steps/admin/abuse_reports.rb b/features/steps/admin/abuse_reports.rb new file mode 100644 index 00000000000..87572e93dba --- /dev/null +++ b/features/steps/admin/abuse_reports.rb @@ -0,0 +1,17 @@ +class Spinach::Features::AdminAbuseReports < Spinach::FeatureSteps + include SharedAuthentication + include SharedPaths + include SharedAdmin + + step 'I should see list of abuse reports' do + page.should have_content("Abuse Reports") + page.should have_content AbuseReport.first.message + page.should have_link("Remove user") + end + + step 'abuse reports exist' do + create(:abuse_report) + end +end + + diff --git a/features/steps/shared/paths.rb b/features/steps/shared/paths.rb index 88a98a37807..bb0cd9ac105 100644 --- a/features/steps/shared/paths.rb +++ b/features/steps/shared/paths.rb @@ -139,6 +139,10 @@ module SharedPaths visit admin_root_path end + step 'I visit abuse reports page' do + visit admin_abuse_reports_path + end + step 'I visit admin projects page' do visit admin_namespaces_projects_path end -- cgit v1.2.1 From 485b9efe9ff458a7b13589d75108be0b6fb99d68 Mon Sep 17 00:00:00 2001 From: Dmitriy Zaporozhets Date: Thu, 6 Aug 2015 17:27:48 +0200 Subject: Remove trailing lines Signed-off-by: Dmitriy Zaporozhets --- features/steps/admin/abuse_reports.rb | 2 -- 1 file changed, 2 deletions(-) 
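Review bot: The steps in `features/steps/abuse_reports.rb` exercise only the successful submission, so none of the rejection paths of the new endpoint are covered. There is no step for a second report by the same reporter against "Mike" (the uniqueness validation), for opening the form without a `user_id`, or for a signed-out visitor. A scenario for each would pin the behaviour that protects the feature from misuse. The admin steps likewise assert that "Remove user" is shown but never that a non-admin is refused the page.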
diff --git a/features/steps/admin/abuse_reports.rb b/features/steps/admin/abuse_reports.rb index 87572e93dba..0149416c919 100644 --- a/features/steps/admin/abuse_reports.rb +++ b/features/steps/admin/abuse_reports.rb @@ -13,5 +13,3 @@ class Spinach::Features::AdminAbuseReports < Spinach::FeatureSteps create(:abuse_report) end end - - -- cgit v1.2.1