Merge pull request #8859 from CitizenLabDotCo/TAN-2632-gravatar-featu…

…re-flag

TAN-2632 Added a feature flag to opt-out of Gravatar

back/app/jobs/generate_user_avatar_job.rb

@@ -5,6 +5,7 @@ class GenerateUserAvatarJob < ApplicationJob
 
   def run(user)
     return unless AppConfiguration.instance.feature_activated?('user_avatars')
+    return unless AppConfiguration.instance.feature_activated?('gravatar_avatars')
     return unless user && !user.avatar? && user.email
 
     hash = Digest::MD5.hexdigest(user.email)

back/config/schemas/settings.schema.json.erb

@@ -255,6 +255,18 @@
         }
       },
 
+      "gravatar_avatars": {
+        "type": "object",
+        "title": "Automatically try to download an avatar from an external service called Gravatar when a user registers without an avatar",
+        "description": "Allow users to upload a profile picture.",
+        "additionalProperties": false,
+        "required": ["allowed", "enabled"],
+        "properties": {
+          "allowed": { "type": "boolean", "default": true },
+          "enabled": { "type": "boolean", "default": true }
+        }
+      },
+
       "internal_commenting": {
         "type": "object",
         "title": "Internal commenting",
@@ -1354,7 +1366,8 @@
     "large_summaries": ["analysis"],
     "ask_a_question": ["analysis"],
     "advanced_autotagging": ["analysis"],
-    "import_printed_forms": ["input_importer"]
+    "import_printed_forms": ["input_importer"],
+    "gravatar_avatars": ["user_avatars"]
   },
   "definitions": {
     "multiloc_string": {

back/engines/commercial/multi_tenancy/db/seeds/tenants.rb

@@ -397,6 +397,10 @@ def create_localhost_tenant
               enabled: true,
               allowed: true
             },
+            gravatar_avatars: {
+              enabled: true,
+              allowed: true
+            },
             internal_commenting: {
               enabled: true,
               allowed: true

back/spec/acceptance/users_spec.rb

@@ -174,7 +174,10 @@
         end
 
         context 'when the user_avatars module is inactive' do
-          before { SettingsService.new.deactivate_feature!('user_avatars') }
+          before do
+            SettingsService.new.deactivate_feature!('gravatar_avatars')
+            SettingsService.new.deactivate_feature!('user_avatars')
+          end
 
           example_request 'Create a user without avatar' do
             assert_status 201
@@ -1192,7 +1195,10 @@
         end
 
         describe 'when user_avatars is disabled' do
-          before { SettingsService.new.deactivate_feature!('user_avatars') }
+          before do
+            SettingsService.new.deactivate_feature!('gravatar_avatars')
+            SettingsService.new.deactivate_feature!('user_avatars')
+          end
 
           example 'The user avatar can be removed' do
             @user.update!(avatar: Rails.root.join('spec/fixtures/male_avatar_1.jpg').open)

back/spec/jobs/generate_user_avatar_job_spec.rb

@@ -19,7 +19,30 @@
     end
 
     context 'when user_avatars is disabled' do
-      before { SettingsService.new.deactivate_feature!('user_avatars') }
+      before do
+        SettingsService.new.deactivate_feature!('gravatar_avatars')
+        SettingsService.new.deactivate_feature!('user_avatars')
+      end
+
+      it 'does not retrieve and store the gravatar' do
+        expect(user).not_to receive(:remote_avatar_url=)
+        expect(user).not_to receive(:save)
+
+        job.perform(user)
+      end
+    end
+
+    context 'when gravatar_avatars is enabled' do
+      before { SettingsService.new.activate_feature!('gravatar_avatars') }
+
+      it 'retrieves and stores an avatar when the user has a gravatar for his email address' do
+        job.perform(user)
+        expect(user.reload.avatar).to be_present
+      end
+    end
+
+    context 'when gravatar_avatars is disabled' do
+      before { SettingsService.new.deactivate_feature!('gravatar_avatars') }
 
       it 'does not retrieve and store the gravatar' do
         expect(user).not_to receive(:remote_avatar_url=)