FIX: Do not update last_seen for API access

This regressed in 2dc3a50. I have now added tests for the behavior.
2025-06-01 17:40:43 +08:00 · 2018-10-25 13:38:57 +01:00
parent effbef7d0b
commit 56e0f47bcd
2 changed files with 8 additions and 1 deletions
--- a/spec/components/auth/default_current_user_provider_spec.rb
+++ b/spec/components/auth/default_current_user_provider_spec.rb
@ -32,7 +32,11 @@ describe Auth::DefaultCurrentUserProvider do
    it "finds a user for a correct per-user api key" do
      user = Fabricate(:user)
      ApiKey.create!(key: "hello", user_id: user.id, created_by_id: -1)
-      expect(provider("/?api_key=hello").current_user.id).to eq(user.id)
+      good_provider = provider("/?api_key=hello")
+      expect(good_provider.current_user.id).to eq(user.id)
+      expect(good_provider.is_api?).to eq(true)
+      expect(good_provider.is_user_api?).to eq(false)
+      expect(good_provider.should_update_last_seen?).to eq(false)

      user.update_columns(active: false)

@ -399,6 +403,7 @@ describe Auth::DefaultCurrentUserProvider do
      expect(good_provider.current_user.id).to eq(user.id)
      expect(good_provider.is_api?).to eq(false)
      expect(good_provider.is_user_api?).to eq(true)
+      expect(good_provider.should_update_last_seen?).to eq(false)

      expect {
        provider("/", params.merge("REQUEST_METHOD" => "POST")).current_user