Expunge the admin accounts avatar and header deletes to more recumbulant places?!

2025-09-05 17:31:12 +00:00 · 2025-08-16 19:07:05 -04:00 · 2025-08-16 19:07:05 -04:00 · d57b5176b8
commit d57b5176b8
parent 72bd1ed4b3
8 changed files with 119 additions and 49 deletions
--- a/app/controllers/admin/accounts/avatars_controller.rb
+++ b/app/controllers/admin/accounts/avatars_controller.rb
@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Admin
+  class Accounts::AvatarsController < BaseController
+    before_action :set_account
+
+    def destroy
+      authorize @account, :remove_avatar?
+
+      @account.avatar = nil
+      @account.save!
+
+      log_action :remove_avatar, @account.user
+
+      redirect_to admin_account_path(@account.id), notice: t('admin.accounts.removed_avatar_msg', username: @account.acct)
+    end
+
+    private
+
+    def set_account
+      @account = Account.find(params[:account_id])
+    end
+  end
+end
--- a/app/controllers/admin/accounts/headers_controller.rb
+++ b/app/controllers/admin/accounts/headers_controller.rb
@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+module Admin
+  class Accounts::HeadersController < BaseController
+    before_action :set_account
+
+    def destroy
+      authorize @account, :remove_header?
+
+      @account.header = nil
+      @account.save!
+
+      log_action :remove_header, @account.user
+
+      redirect_to admin_account_path(@account.id), notice: t('admin.accounts.removed_header_msg', username: @account.acct)
+    end
+
+    private
+
+    def set_account
+      @account = Account.find(params[:account_id])
+    end
+  end
+end
--- a/app/controllers/admin/accounts_controller.rb
+++ b/app/controllers/admin/accounts_controller.rb
@ -106,28 +106,6 @@ module Admin
      redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.redownloaded_msg', username: @account.acct)
    end

-    def remove_avatar
-      authorize @account, :remove_avatar?
-
-      @account.avatar = nil
-      @account.save!
-
-      log_action :remove_avatar, @account.user
-
-      redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.removed_avatar_msg', username: @account.acct)
-    end
-
-    def remove_header
-      authorize @account, :remove_header?
-
-      @account.header = nil
-      @account.save!
-
-      log_action :remove_header, @account.user
-
-      redirect_to admin_account_path(@account.id), notice: I18n.t('admin.accounts.removed_header_msg', username: @account.acct)
-    end
-
    def unblock_email
      authorize @account, :unblock_email?

--- a/app/views/admin/accounts/_local_account.html.haml
+++ b/app/views/admin/accounts/_local_account.html.haml
@ -1,12 +1,12 @@
 - if account.avatar?
  %tr
    %th= t('admin.accounts.avatar')
-    %td= table_link_to 'delete', t('admin.accounts.remove_avatar'), remove_avatar_admin_account_path(account.id), method: :post, data: { confirm: t('admin.accounts.are_you_sure') } if can?(:remove_avatar, account)
+    %td= table_link_to 'delete', t('admin.accounts.remove_avatar'), admin_account_avatar_path(account.id), method: :delete, data: { confirm: t('admin.accounts.are_you_sure') } if can?(:remove_avatar, account)
    %td
 - if account.header?
  %tr
    %th= t('admin.accounts.header')
-    %td= table_link_to 'delete', t('admin.accounts.remove_header'), remove_header_admin_account_path(account.id), method: :post, data: { confirm: t('admin.accounts.are_you_sure') } if can?(:remove_header, account)
+    %td= table_link_to 'delete', t('admin.accounts.remove_header'), admin_account_header_path(account.id), method: :delete, data: { confirm: t('admin.accounts.are_you_sure') } if can?(:remove_header, account)
    %td
 %tr
  %th= t('admin.accounts.role')
--- a/config/routes/admin.rb
+++ b/config/routes/admin.rb
@ -131,14 +131,17 @@ namespace :admin do
  resources :report_notes, only: [:create, :destroy]

  resources :accounts, only: [:index, :show, :destroy] do
+    scope module: :accounts do
+      resource :header, only: :destroy
+      resource :avatar, only: :destroy
+    end
+
    member do
      post :enable
      post :unsensitive
      post :unsilence
      post :unsuspend
      post :redownload
-      post :remove_avatar
-      post :remove_header
      post :memorialize
      post :approve
      post :reject
--- a/spec/controllers/admin/accounts/avatars_controller_spec.rb
+++ b/spec/controllers/admin/accounts/avatars_controller_spec.rb
@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe Admin::Accounts::AvatarsController do
+  render_views
+
+  before { sign_in current_user }
+
+  describe 'DELETE #destroy' do
+    subject { delete :destroy, params: { account_id: account.id } }
+
+    let(:current_user) { Fabricate(:user, role: role) }
+    let(:account) { Fabricate(:account) }
+
+    context 'when user is admin' do
+      let(:role) { UserRole.find_by(name: 'Admin') }
+
+      it 'succeeds in removing avatar' do
+        expect(subject).to redirect_to admin_account_path(account.id)
+      end
+    end
+
+    context 'when user is not admin' do
+      let(:role) { UserRole.everyone }
+
+      it 'fails to remove avatar' do
+        expect(subject).to have_http_status 403
+      end
+    end
+  end
+end
--- a/spec/controllers/admin/accounts/headers_controller_spec.rb
+++ b/spec/controllers/admin/accounts/headers_controller_spec.rb
@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+require 'rails_helper'
+
+RSpec.describe Admin::Accounts::HeadersController do
+  render_views
+
+  before { sign_in current_user }
+
+  describe 'DELETE #destroy' do
+    subject { delete :destroy, params: { account_id: account.id } }
+
+    let(:current_user) { Fabricate(:user, role: role) }
+    let(:account) { Fabricate(:account) }
+
+    context 'when user is admin' do
+      let(:role) { UserRole.find_by(name: 'Admin') }
+
+      it 'succeeds in removing header' do
+        expect(subject).to redirect_to admin_account_path(account.id)
+      end
+    end
+
+    context 'when user is not admin' do
+      let(:role) { UserRole.everyone }
+
+      it 'fails to remove header' do
+        expect(subject).to have_http_status 403
+      end
+    end
+  end
+end
--- a/spec/controllers/admin/accounts_controller_spec.rb
+++ b/spec/controllers/admin/accounts_controller_spec.rb
@ -280,29 +280,6 @@ RSpec.describe Admin::AccountsController do
    end
  end

-  describe 'POST #remove_avatar' do
-    subject { post :remove_avatar, params: { id: account.id } }
-
-    let(:current_user) { Fabricate(:user, role: role) }
-    let(:account) { Fabricate(:account) }
-
-    context 'when user is admin' do
-      let(:role) { UserRole.find_by(name: 'Admin') }
-
-      it 'succeeds in removing avatar' do
-        expect(subject).to redirect_to admin_account_path(account.id)
-      end
-    end
-
-    context 'when user is not admin' do
-      let(:role) { UserRole.everyone }
-
-      it 'fails to remove avatar' do
-        expect(subject).to have_http_status 403
-      end
-    end
-  end
-
  describe 'POST #unblock_email' do
    subject { post :unblock_email, params: { id: account.id } }