diff --git a/services/issue/comments.go b/services/issue/comments.go index cd17641090..d1645d5a80 100644 --- a/services/issue/comments.go +++ b/services/issue/comments.go @@ -46,8 +46,8 @@ func CreateRefComment(ctx context.Context, doer *user_model.User, repo *repo_mod // CreateIssueComment creates a plain issue comment. func CreateIssueComment(ctx context.Context, doer *user_model.User, repo *repo_model.Repository, issue *issues_model.Issue, content string, attachments []string) (*issues_model.Comment, error) { - // Check if doer is blocked by the poster of the issue. - if user_model.IsBlocked(ctx, issue.PosterID, doer.ID) { + // Check if doer is blocked by the poster of the issue or by the owner of the repository. + if user_model.IsBlockedMultiple(ctx, []int64{issue.PosterID, repo.OwnerID}, doer.ID) { return nil, user_model.ErrBlockedByUser } diff --git a/tests/integration/block_test.go b/tests/integration/block_test.go index 70e3fc08a5..4f8249f8cc 100644 --- a/tests/integration/block_test.go +++ b/tests/integration/block_test.go @@ -168,6 +168,9 @@ func TestBlockActions(t *testing.T) { repo7 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 7, OwnerID: blockedUser2.ID}) issue4 := unittest.AssertExistsAndLoadBean(t, &issue_model.Issue{ID: 4, RepoID: repo2.ID}) issue4URL := fmt.Sprintf("/%s/issues/%d", repo2.FullName(), issue4.Index) + repo42 := unittest.AssertExistsAndLoadBean(t, &repo_model.Repository{ID: 42, OwnerID: doer.ID}) + issue10 := unittest.AssertExistsAndLoadBean(t, &issue_model.Issue{ID: 10, RepoID: repo42.ID}, unittest.Cond("poster_id != ?", doer.ID)) + issue10URL := fmt.Sprintf("/%s/issues/%d", repo42.FullName(), issue10.Index) // NOTE: Sessions shouldn't be shared, because in some situations flash // messages are persistent and that would interfere with accurate test // results. @@ -206,8 +209,8 @@ func TestBlockActions(t *testing.T) { session := loginUser(t, blockedUser.Name) - req := NewRequestWithValues(t, "POST", path.Join(issue4URL, "/comments"), map[string]string{ - "_csrf": GetCSRF(t, session, issue4URL), + req := NewRequestWithValues(t, "POST", path.Join(issue10URL, "/comments"), map[string]string{ + "_csrf": GetCSRF(t, session, issue10URL), "content": "Not a kind comment", }) session.MakeRequest(t, req, http.StatusOK)