Nemcio/Redmine
1
0
Fork 0
mirror of https://github.com/redmine/redmine.git synced 2025-11-14 09:16:02 +01:00
Code Issues Packages Projects Releases Activity

User bulk destroy (#37674).

Browse Source 
includes a confirmation page that also gives the opportunity to lock
users instead of deleting them.

Patch by Jens Krämer.


git-svn-id: https://svn.redmine.org/redmine/trunk@21824 e93f8b46-1217-0410-a6f0-8f06a7374b81
This commit is contained in:
Go MAEDA
2022-09-20 03:36:40 +00:00
parent cd70187c2f
commit 62f7551d57
6 changed files with 105 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
app/controllers/users_controller.rb
View File

@@ -215,6 +215,21 @@ class UsersController < ApplicationController
end end
end end
def bulk_destroy
@users = User.logged.where(id: params[:ids]).where.not(id: User.current)
(render_404; return) unless @users.any?
if params[:lock]
@users.update_all status: User::STATUS_LOCKED
flash[:notice] = l(:notice_successful_update)
redirect_to users_path
elsif params[:confirm] == I18n.t(:general_text_Yes)
@users.destroy_all
flash[:notice] = l(:notice_successful_delete)
redirect_to users_path
end
end
private private
def find_user(logged = true) def find_user(logged = true)

6
app/views/context_menus/users.html.erb
View File

@@ -20,5 +20,11 @@
method: :delete, class: 'icon icon-del' %> method: :delete, class: 'icon icon-del' %>
</li> </li>
<% end %> <% end %>
<% else %>
<li>
<%= context_menu_link l(:button_delete),
{controller: 'users', action: 'bulk_destroy', ids: @users.map(&:id)},
method: :delete, class: 'icon icon-del' %>
</li>
<% end %> <% end %>
</ul> </ul>

22
app/views/users/bulk_destroy.html.erb Normal file
View File

@@ -0,0 +1,22 @@
<%= title l(:label_confirmation) %>
<%= form_tag(bulk_destroy_users_path(ids: @users.map(&:id)), method: :delete) do %>
<div class="warning">
<p><%= simple_format l :text_users_bulk_destroy_head %></p>
<% @users.each do |user| %>
<p><strong><%= user.name %></strong> (<%= user.login %>)</p>
<% end %>
<p><%= l :text_users_bulk_destroy_confirm, yes: l(:general_text_Yes) %></p>
<p><%= text_field_tag 'confirm' %></p>
</div>
<p>
<%= submit_tag l(:button_delete), class: 'btn-alert btn-small' %>
<%= submit_tag l(:button_lock), class: 'btn', name: 'lock' %>
<%= link_to l(:button_cancel), users_path %>
</p>
<% end %>

2
config/locales/en.yml
View File

@@ -1230,6 +1230,8 @@ en:
text_project_close_confirmation: Are you sure you want to close the '%{value}' project to make it read-only? text_project_close_confirmation: Are you sure you want to close the '%{value}' project to make it read-only?
text_project_reopen_confirmation: Are you sure you want to reopen the '%{value}' project? text_project_reopen_confirmation: Are you sure you want to reopen the '%{value}' project?
text_project_archive_confirmation: Are you sure you want to archive the '%{value}' project? text_project_archive_confirmation: Are you sure you want to archive the '%{value}' project?
text_users_bulk_destroy_head: 'You are about to delete the following users and remove all references to them. This cannot be undone. Often, locking users instead of deleting them is the better solution.'
text_users_bulk_destroy_confirm: 'To confirm, please enter "%{yes}" below.'
text_workflow_edit: Select a role and a tracker to edit the workflow text_workflow_edit: Select a role and a tracker to edit the workflow
text_are_you_sure: Are you sure? text_are_you_sure: Are you sure?
text_journal_changed: "%{label} changed from %{old} to %{new}" text_journal_changed: "%{label} changed from %{old} to %{new}"

3
config/routes.rb
View File

@@ -110,6 +110,9 @@ Rails.application.routes.draw do
match '/users/context_menu', to: 'context_menus#users', as: :users_context_menu, via: [:get, :post] match '/users/context_menu', to: 'context_menus#users', as: :users_context_menu, via: [:get, :post]
resources :users do resources :users do
collection do
delete 'bulk_destroy'
end
resources :memberships, :controller => 'principal_memberships' resources :memberships, :controller => 'principal_memberships'
resources :email_addresses, :only => [:index, :create, :update, :destroy] resources :email_addresses, :only => [:index, :create, :update, :destroy]
end end

57
test/functional/users_controller_test.rb
View File

@@ -1092,4 +1092,61 @@ class UsersControllerTest < Redmine::ControllerTest
assert_response 422 assert_response 422
end end
end end
def test_bulk_destroy
assert_difference 'User.count', -1 do
delete :bulk_destroy, :params => {:ids => [2], :confirm => 'Yes'}
end
assert_redirected_to '/users'
assert_nil User.find_by_id(2)
end
def test_bulk_destroy_should_not_destroy_current_user
assert_difference 'User.count', -1 do
delete :bulk_destroy, :params => {:ids => [2, 1], :confirm => 'Yes'}
end
assert_redirected_to '/users'
assert_nil User.find_by_id(2)
end
def test_bulk_destroy_with_lock_param_should_lock_instead
assert_no_difference 'User.count' do
delete :bulk_destroy, :params => {:ids => [2], :lock => 'lock'}
end
assert_redirected_to '/users'
assert User.find_by_id(2).locked?
end
def test_bulk_destroy_should_require_confirmation
assert_no_difference 'User.count' do
delete :bulk_destroy, :params => {:ids => [2]}
end
assert_response :success
assert_select '.warning', :text => /You are about to delete the following users/
end
def test_bulk_destroy_should_require_correct_confirmation
assert_no_difference 'User.count' do
delete :bulk_destroy, :params => {:ids => [2], :confirm => 'wrong'}
end
assert_response :success
assert_select '.warning', :text => /You are about to delete the following users/
end
def test_bulk_destroy_should_be_denied_for_non_admin_users
@request.session[:user_id] = 3
assert_no_difference 'User.count' do
delete :bulk_destroy, :params => {:ids => [2], :confirm => 'Yes'}
end
assert_response 403
end
def test_bulk_destroy_should_be_denied_for_anonymous
assert User.find(6).anonymous?
assert_no_difference 'User.count' do
delete :bulk_destroy, :params => {:ids => [6], :confirm => "Yes"}
end
assert_response 404
end
end end