Merge remote-tracking branch 'origin/v10/dev' into v11/dev

2022-12-20 10:19:36 +01:00
parent 1332ba51e8 fae74c53ba
commit 03e00cbed2
4 changed files with 110 additions and 13 deletions
--- a/src/Umbraco.Web.BackOffice/Controllers/UsersController.cs
+++ b/src/Umbraco.Web.BackOffice/Controllers/UsersController.cs
@@ -35,6 +35,7 @@ using Umbraco.Cms.Web.BackOffice.Security;
 using Umbraco.Cms.Web.Common.ActionsResults;
 using Umbraco.Cms.Web.Common.Attributes;
 using Umbraco.Cms.Web.Common.Authorization;
+using Umbraco.Cms.Web.Common.Models;
 using Umbraco.Cms.Web.Common.Security;
 using Umbraco.Extensions;

@@ -795,22 +796,44 @@ public class UsersController : BackOfficeNotificationsController
            return ValidationProblem("The current user cannot disable itself");
        }

-        IUser[] users = _userService.GetUsersById(userIds).ToArray();
+        var users = _userService.GetUsersById(userIds).ToList();
+        List<IUser> skippedUsers = new();
        foreach (IUser u in users)
        {
+            if (u.UserState is UserState.Invited)
+            {
+                _logger.LogWarning("Could not disable invited user {Username}", u.Name);
+                skippedUsers.Add(u);
+                continue;
+            }
+
            u.IsApproved = false;
            u.InvitedDate = null;
        }

-        _userService.Save(users);
+        users = users.Except(skippedUsers).ToList();

-        if (users.Length > 1)
+        if (users.Any())
        {
-            return Ok(_localizedTextService.Localize("speechBubbles", "disableUsersSuccess",
-                new[] { userIds.Length.ToString() }));
+            _userService.Save(users);
+        }
+        else
+        {
+            return Ok(new DisabledUsersModel());
        }

-        return Ok(_localizedTextService.Localize("speechBubbles", "disableUserSuccess", new[] { users[0].Name }));
+        var disabledUsersModel = new DisabledUsersModel
+        {
+            DisabledUserIds = users.Select(x => x.Id),
+        };
+
+        var message= users.Count > 1
+            ? _localizedTextService.Localize("speechBubbles", "disableUsersSuccess", new[] { userIds.Length.ToString() })
+            : _localizedTextService.Localize("speechBubbles", "disableUserSuccess", new[] { users[0].Name });
+
+        var header = _localizedTextService.Localize("general", "success");
+        disabledUsersModel.Notifications.Add(new BackOfficeNotification(header, message, NotificationStyle.Success));
+        return Ok(disabledUsersModel);
    }

    /// <summary>
--- a/src/Umbraco.Web.Common/Models/DisabledUsersModel.cs
+++ b/src/Umbraco.Web.Common/Models/DisabledUsersModel.cs
@@ -0,0 +1,13 @@
+using System.Runtime.Serialization;
+using Umbraco.Cms.Core.Models.ContentEditing;
+
+namespace Umbraco.Cms.Web.Common.Models;
+
+[DataContract]
+public class DisabledUsersModel : INotificationModel
+{
+    public List<BackOfficeNotification> Notifications { get; } = new();
+
+    [DataMember(Name = "disabledUserIds")]
+    public IEnumerable<int> DisabledUserIds { get; set; } = Enumerable.Empty<int>();
+}
--- a/src/Umbraco.Web.UI.Client/src/views/users/views/users/users.controller.js
+++ b/src/Umbraco.Web.UI.Client/src/views/users/views/users/users.controller.js
@@ -334,7 +334,7 @@
            vm.disableUserButtonState = "busy";
            usersResource.disableUsers(vm.selection).then(function (data) {
                // update userState
-                vm.selection.forEach(function (userId) {
+                data.disabledUserIds.forEach(function (userId) {
                    var user = getUserFromArrayById(userId, vm.users);
                    if (user) {
                        user.userState = "Disabled";
@@ -808,6 +808,7 @@

                if (user.userDisplayState && user.userDisplayState.key === "Invited") {
                    vm.allowEnableUser = false;
+                    vm.allowDisableUser = false;
                }

                if (user.userDisplayState && user.userDisplayState.key === "LockedOut") {
--- a/tests/Umbraco.Tests.Integration/Umbraco.Web.BackOffice/Controllers/UsersControllerTests.cs
+++ b/tests/Umbraco.Tests.Integration/Umbraco.Web.BackOffice/Controllers/UsersControllerTests.cs
@@ -1,14 +1,9 @@
 // Copyright (c) Umbraco.
 // See LICENSE for more details.

-using System;
-using System.Collections.Generic;
-using System.Linq;
 using System.Net;
-using System.Net.Http;
 using System.Net.Mime;
 using System.Text;
-using System.Threading.Tasks;
 using Newtonsoft.Json;
 using NUnit.Framework;
 using Umbraco.Cms.Core;
@@ -21,7 +16,7 @@ using Umbraco.Cms.Tests.Common.Builders.Extensions;
 using Umbraco.Cms.Tests.Integration.TestServerTest;
 using Umbraco.Cms.Web.BackOffice.Controllers;
 using Umbraco.Cms.Web.Common.Formatters;
-using Umbraco.Extensions;
+using Umbraco.Cms.Web.Common.Models;

 namespace Umbraco.Cms.Tests.Integration.Umbraco.Web.BackOffice.Controllers;

@@ -231,4 +226,69 @@ public class UsersControllerTests : UmbracoTestServerTestBase
            Assert.AreEqual($"Unlocked {users.Count()} users", actual.Message);
        });
    }
+
+    [Test]
+    public async Task Cannot_Disable_Invited_User()
+    {
+        var userService = GetRequiredService<IUserService>();
+
+        var user = new UserBuilder()
+            .AddUserGroup()
+            .WithAlias("writer") // Needs to be an existing alias
+            .Done()
+            .Build();
+
+        user.LastLoginDate = default;
+        user.InvitedDate = DateTime.Now;
+        userService.Save(user);
+        var createdUser = userService.GetByEmail("test@test.com");
+
+        // Act
+        var url = PrepareApiControllerUrl<UsersController>(x => x.PostDisableUsers(new []{createdUser.Id}));
+        var response = await Client.PostAsync(url, null);
+
+        // Assert
+        Assert.Multiple(() =>
+        {
+            Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
+            var body = response.Content.ReadAsStringAsync().GetAwaiter().GetResult();
+
+            body = body.TrimStart(AngularJsonMediaTypeFormatter.XsrfPrefix);
+        });
+    }
+
+    [Test]
+    public async Task Can_Disable_Active_User()
+    {
+        var userService = GetRequiredService<IUserService>();
+
+        var user = new UserBuilder()
+            .AddUserGroup()
+            .WithAlias("writer") // Needs to be an existing alias
+            .Done()
+            .Build();
+
+        user.IsApproved = true;
+        userService.Save(user);
+
+        var createdUser = userService.GetByEmail("test@test.com");
+
+        // Act
+        var url = PrepareApiControllerUrl<UsersController>(x => x.PostDisableUsers(new[] { createdUser.Id }));
+        var response = await Client.PostAsync(url, null);
+
+        // Assert
+        Assert.Multiple(() =>
+        {
+            Assert.AreEqual(HttpStatusCode.OK, response.StatusCode);
+            var body = response.Content.ReadAsStringAsync().GetAwaiter().GetResult();
+
+            body = body.TrimStart(AngularJsonMediaTypeFormatter.XsrfPrefix);
+            var affectedUsers = JsonConvert.DeserializeObject<DisabledUsersModel>(body, new JsonSerializerSettings { ContractResolver = new IgnoreRequiredAttributesResolver() });
+            Assert.AreEqual(affectedUsers!.DisabledUserIds.First(), createdUser!.Id);
+
+            var disabledUser = userService.GetByEmail("test@test.com");
+            Assert.AreEqual(disabledUser!.UserState, UserState.Disabled);
+        });
+    }
 }