FIX: user_id handling on remove user from group

Under some conditions it was possible to pass in a user_id as an
integer, but we would try to parse it as a comma-delimited string,
resulting in an error. This has been fixed so that we no longer
map the user_id param to user_ids.
Blake Erickson
2019-01-24 17:28:48 -07:00
parent 0947fa2bad
commit de47b35b2d
2 changed files with 22 additions and 2 deletions


@ -327,7 +327,6 @@ class GroupsController < ApplicationController
# Maintain backwards compatibility
params[:usernames] = params[:username] if params[:username].present?
params[:user_ids] = params[:user_id] if params[:user_id].present?
params[:user_emails] = params[:user_email] if params[:user_email].present?
users = users_from_params
@ -492,8 +491,11 @@ class GroupsController < ApplicationController
if params[:usernames].present?
users = User.where(username_lower: params[:usernames].split(",").map(&:downcase))
raise Discourse::InvalidParameters.new(:usernames) if users.blank?
elsif params[:user_id].present?
users = User.where(id: params[:user_id].to_i)
raise Discourse::InvalidParameters.new(:user_id) if users.blank?
elsif params[:user_ids].present?
users = User.where(id: params[:user_ids].split(","))
users = User.where(id: params[:user_ids].to_s.split(","))
raise Discourse::InvalidParameters.new(:user_ids) if users.blank?
elsif params[:user_emails].present?
users = User.with_email(params[:user_emails].split(","))
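Review bot: The new `user_id` and `user_ids` branches still assume a scalar, so a request that supplies either parameter as an array or nested hash is not handled as an invalid parameter. `params[:user_id].to_i` raises NoMethodError for an array or parameters object, which would surface as a server error rather than `Discourse::InvalidParameters`. For `user_ids`, a JSON array such as `[1, 2]` becomes the string `"[1, 2]"` after `.to_s` and splits into `"[1"` and `" 2]"`, so the first id is presumably lost when cast. Normalising first would cover integer, string and array input alike, for example `ids = Array(params[:user_ids]).flat_map { |v| v.to_s.split(",") }`, and the `user_id` branch could reject non-scalars with `raise Discourse::InvalidParameters.new(:user_id) unless params[:user_id].respond_to?(:to_i)`. The enclosing method starts and ends outside this hunk, so the same check may be worth applying to the `usernames` and `user_emails` branches, which call `.split` directly.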