Fix admins being able to suspend their instance actor (#14567)

* Fix admin being able to suspend their own instance account

* Add text about the instance's own actor in admin view

* Change instance actor notice from flash message to template

* Do not list local instance actor in account moderation list
master
ThibG 4 years ago committed by GitHub
parent 8485c436d5
commit 8357969559
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 3
      app/models/account.rb
  2. 2
      app/models/account_filter.rb
  3. 4
      app/policies/account_policy.rb
  4. 4
      app/views/admin/accounts/show.html.haml
  5. 1
      config/locales/en.yml
  6. 2
      spec/models/account_filter_spec.rb

@ -100,6 +100,7 @@ class Account < ApplicationRecord
scope :sensitized, -> { where.not(sensitized_at: nil) } scope :sensitized, -> { where.not(sensitized_at: nil) }
scope :without_suspended, -> { where(suspended_at: nil) } scope :without_suspended, -> { where(suspended_at: nil) }
scope :without_silenced, -> { where(silenced_at: nil) } scope :without_silenced, -> { where(silenced_at: nil) }
scope :without_instance_actor, -> { where.not(id: -99) }
scope :recent, -> { reorder(id: :desc) } scope :recent, -> { reorder(id: :desc) }
scope :bots, -> { where(actor_type: %w(Application Service)) } scope :bots, -> { where(actor_type: %w(Application Service)) }
scope :groups, -> { where(actor_type: 'Group') } scope :groups, -> { where(actor_type: 'Group') }
@ -222,7 +223,7 @@ class Account < ApplicationRecord
end end
def suspended? def suspended?
suspended_at.present? suspended_at.present? && !instance_actor?
end end
def suspended_permanently? def suspended_permanently?

@ -45,7 +45,7 @@ class AccountFilter
def scope_for(key, value) def scope_for(key, value)
case key.to_s case key.to_s
when 'local' when 'local'
Account.local Account.local.without_instance_actor
when 'remote' when 'remote'
Account.remote Account.remote
when 'by_domain' when 'by_domain'

@ -14,7 +14,7 @@ class AccountPolicy < ApplicationPolicy
end end
def suspend? def suspend?
staff? && !record.user&.staff? staff? && !record.user&.staff? && !record.instance_actor?
end end
def destroy? def destroy?
@ -62,6 +62,6 @@ class AccountPolicy < ApplicationPolicy
end end
def memorialize? def memorialize?
admin? && !record.user&.admin? admin? && !record.user&.admin? && !record.instance_actor?
end end
end end

@ -1,6 +1,10 @@
- content_for :page_title do - content_for :page_title do
= @account.acct = @account.acct
- if @account.instance_actor?
.flash-message.notice
%strong= t('accounts.instance_actor_flash')
= render 'application/card', account: @account = render 'application/card', account: @account
- account = @account - account = @account

@ -60,6 +60,7 @@ en:
one: Follower one: Follower
other: Followers other: Followers
following: Following following: Following
instance_actor_flash: This account is a virtual actor used to represent the server itself and not any individual user. It is used for federation purposes and should not be suspended.
joined: Joined %{date} joined: Joined %{date}
last_active: last active last_active: last active
link_verified_on: Ownership of this link was checked on %{date} link_verified_on: Ownership of this link was checked on %{date}

@ -5,7 +5,7 @@ describe AccountFilter do
it 'defaults to recent local not-suspended account list' do it 'defaults to recent local not-suspended account list' do
filter = described_class.new({}) filter = described_class.new({})
expect(filter.results).to eq Account.local.recent.without_suspended expect(filter.results).to eq Account.local.without_instance_actor.recent.without_suspended
end end
end end

Loading…
Cancel
Save