github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-28 13:51:18 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: CurrentUser now must be passed to resolveTimezone and user card local time issues (#9734)

Browse Source 
* This is to prevent user's timezones being changed accidentally
e.g. by admin looking at a user
* This problem only occurred via the user card, however the user card
was still calling userTimezone even if the setting to display user
time in card was disabled
This commit is contained in:
Martin Brennan
2020-05-11 11:01:47 +10:00
committed by GitHub
parent 44712c5f98
commit 12d4d51d81
10 changed files with 78 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
test/javascripts/models/user-test.js
View File

@ -71,7 +71,7 @@ QUnit.test("canMangeGroup", assert => {
QUnit.test("resolvedTimezone", assert => {
const tz = "Australia/Brisbane";
let user = User.create({ timezone: tz, username: "chuck" });
let user = User.create({ timezone: tz, username: "chuck", id: 111 });
let stub = sandbox.stub(moment.tz, "guess").returns("America/Chicago");
pretender.put("/u/chuck.json", () => {
@ -80,7 +80,7 @@ QUnit.test("resolvedTimezone", assert => {
let spy = sandbox.spy(ajaxlib, "ajax");
assert.equal(
user.resolvedTimezone(),
user.resolvedTimezone(user),
tz,
"if the user already has a timezone return it"
);
@ -88,9 +88,9 @@ QUnit.test("resolvedTimezone", assert => {
spy.notCalled,
"if the user already has a timezone do not call AJAX update"
);
user = User.create({ username: "chuck" });
user = User.create({ username: "chuck", id: 111 });
assert.equal(
user.resolvedTimezone(),
user.resolvedTimezone(user),
"America/Chicago",
"if the user has no timezone guess it with moment"
);
@ -102,6 +102,22 @@ QUnit.test("resolvedTimezone", assert => {
}),
"if the user has no timezone save it with an AJAX update"
);
let otherUser = User.create({ username: "howardhamlin", id: 999 });
assert.equal(
otherUser.resolvedTimezone(user),
null,
"if the user has no timezone and the user is not the current user, do NOT guess with moment"
);
assert.not(
spy.calledWith("/u/howardhamlin.json", {
type: "PUT",
dataType: "json",
data: { timezone: "America/Chicago" }
}),
"if the user has no timezone, and the user is not the current user, do NOT save it with an AJAX update"
);
stub.restore();
});