Fix admins being able to suspend their instance actor (#14567)

* Fix admin being able to suspend their own instance account

* Add text about the instance's own actor in admin view

* Change instance actor notice from flash message to template

* Do not list local instance actor in account moderation list
rebase/4.0.0rc2
ThibG 2020-12-15 17:23:58 +01:00 committed by GitHub
parent 8485c436d5
commit 8357969559
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 11 additions and 5 deletions

View File

@ -100,6 +100,7 @@ class Account < ApplicationRecord
scope :sensitized, -> { where.not(sensitized_at: nil) }
scope :without_suspended, -> { where(suspended_at: nil) }
scope :without_silenced, -> { where(silenced_at: nil) }
scope :without_instance_actor, -> { where.not(id: -99) }
scope :recent, -> { reorder(id: :desc) }
scope :bots, -> { where(actor_type: %w(Application Service)) }
scope :groups, -> { where(actor_type: 'Group') }
@ -222,7 +223,7 @@ class Account < ApplicationRecord
end
def suspended?
suspended_at.present?
suspended_at.present? && !instance_actor?
end
def suspended_permanently?

View File

@ -45,7 +45,7 @@ class AccountFilter
def scope_for(key, value)
case key.to_s
when 'local'
Account.local
Account.local.without_instance_actor
when 'remote'
Account.remote
when 'by_domain'

View File

@ -14,7 +14,7 @@ class AccountPolicy < ApplicationPolicy
end
def suspend?
staff? && !record.user&.staff?
staff? && !record.user&.staff? && !record.instance_actor?
end
def destroy?
@ -62,6 +62,6 @@ class AccountPolicy < ApplicationPolicy
end
def memorialize?
admin? && !record.user&.admin?
admin? && !record.user&.admin? && !record.instance_actor?
end
end

View File

@ -1,6 +1,10 @@
- content_for :page_title do
= @account.acct
- if @account.instance_actor?
.flash-message.notice
%strong= t('accounts.instance_actor_flash')
= render 'application/card', account: @account
- account = @account

View File

@ -60,6 +60,7 @@ en:
one: Follower
other: Followers
following: Following
instance_actor_flash: This account is a virtual actor used to represent the server itself and not any individual user. It is used for federation purposes and should not be suspended.
joined: Joined %{date}
last_active: last active
link_verified_on: Ownership of this link was checked on %{date}

View File

@ -5,7 +5,7 @@ describe AccountFilter do
it 'defaults to recent local not-suspended account list' do
filter = described_class.new({})
expect(filter.results).to eq Account.local.recent.without_suspended
expect(filter.results).to eq Account.local.without_instance_actor.recent.without_suspended
end
end