diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml index 3e555899a85..5666cf7920c 100644 --- a/config/locales/server.en.yml +++ b/config/locales/server.en.yml @@ -1801,7 +1801,7 @@ en: external_emoji_url: "URL of the external service for emoji images. Leave blank to disable." use_site_small_logo_as_system_avatar: "Use the site's small logo instead of the system user's avatar. Requires the logo to be present." restrict_letter_avatar_colors: "A list of 6-digit hexadecimal color values to be used for letter avatar background." - + enable_listing_suspended_users_on_search: "Enable regular users to find suspended users." selectable_avatars_enabled: "Force users to choose an avatar from the list." selectable_avatars: "List of avatars users can choose from." diff --git a/config/site_settings.yml b/config/site_settings.yml index f6d7582bdc3..fdf60d15c0c 100644 --- a/config/site_settings.yml +++ b/config/site_settings.yml @@ -2197,6 +2197,9 @@ uncategorized: use_site_small_logo_as_system_avatar: default: true + enable_listing_suspended_users_on_search: + default: false + disable_system_edit_notifications: true notification_consolidation_threshold: diff --git a/lib/search.rb b/lib/search.rb index a2e024c4dd2..c843e13aad1 100644 --- a/lib/search.rb +++ b/lib/search.rb @@ -758,11 +758,11 @@ class Search # calling protected methods send("#{@results.type_filter}_search") else - unless @search_context - user_search if @term.present? - category_search if @term.present? - tags_search if @term.present? - groups_search if @term.present? + if @term.present? && !@search_context + user_search + category_search + tags_search + groups_search end topic_search end @@ -832,6 +832,10 @@ class Search .order("last_posted_at DESC") .limit(limit) + if !SiteSetting.enable_listing_suspended_users_on_search && !@guardian.user&.admin + users = users.where(suspended_at: nil) + end + users_custom_data_query = DB.query(<<~SQL, user_ids: users.pluck(:id), term: "%#{@original_term.downcase}%") SELECT user_custom_fields.user_id, user_fields.name, user_custom_fields.value FROM user_custom_fields INNER JOIN user_fields ON user_fields.id = REPLACE(user_custom_fields.name, 'user_field_', '')::INTEGER AND user_fields.searchable IS TRUE diff --git a/spec/lib/search_spec.rb b/spec/lib/search_spec.rb index 63f28b7ecb7..1d10264f630 100644 --- a/spec/lib/search_spec.rb +++ b/spec/lib/search_spec.rb @@ -165,6 +165,33 @@ describe Search do { name: "another custom field", value: "second user test" } ]) end + + context "when using SiteSetting.enable_listing_suspended_users_on_search" do + fab!(:suspended_user) { Fabricate(:user, username: 'revolver_ocelot', suspended_at: Time.now, suspended_till: 5.days.from_now) } + + before { SearchIndexer.index(suspended_user, force: true) } + + it "should list suspended users to regular users if the setting is enabled" do + SiteSetting.enable_listing_suspended_users_on_search = true + + result = Search.execute("revolver_ocelot", guardian: Guardian.new(user)) + expect(result.users).to contain_exactly(suspended_user) + end + + it "shouldn't list suspended users to regular users if the setting is disabled" do + SiteSetting.enable_listing_suspended_users_on_search = false + + result = Search.execute("revolver_ocelot", guardian: Guardian.new(user)) + expect(result.users).to be_empty + end + + it "should list suspended users to admins regardless of the setting" do + SiteSetting.enable_listing_suspended_users_on_search = false + + result = Search.execute("revolver_ocelot", guardian: Guardian.new(Fabricate(:admin))) + expect(result.users).to contain_exactly(suspended_user) + end + end end context "categories" do