IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

Return a 403 instead of 200 when trying to delete a user with posts

Browse Source 
See [this commit][1] for more info

[1]: bd352a17bf
This commit is contained in:
Blake Erickson 2018-05-22 16:17:44 -06:00
parent 609804f5ef
commit 3edca8b104
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/admin/users_controller.rb
View File

@ -382,7 +382,7 @@ class Admin::UsersController < Admin::AdminController
render json: { render json: {
deleted: false, deleted: false,
message: "User #{user.username} has #{user.post_count} posts, so they can't be deleted." message: "User #{user.username} has #{user.post_count} posts, so they can't be deleted."
} }, status: 403
end end
end end
end end

2
spec/controllers/admin/users_controller_spec.rb
View File

@ -531,7 +531,7 @@ describe Admin::UsersController do
it "returns an api response that the user can't be deleted because it has posts" do it "returns an api response that the user can't be deleted because it has posts" do
delete :destroy, params: { id: delete_me.id }, format: :json delete :destroy, params: { id: delete_me.id }, format: :json
expect(response).to be_success expect(response).to be_forbidden
json = ::JSON.parse(response.body) json = ::JSON.parse(response.body)
expect(json['deleted']).to eq(false) expect(json['deleted']).to eq(false)
end end