FIX: prevent re-flagging when we have reviewed flags before (#10010)

FIX: prevent re-flagging when we have reviewed flags before (#10010)

FIX: prevent re-flagging when we have reviewed flags before

Fixes an edge case where a review can be reflagged when: User flags as inappropriate. Moderator rejects the flag. Another user re-flags the post as spam.

Before, anyone was able to re-flag as inappropriate despite it being flagged previously. With this, users are unable to re-flag for the same reason regardless of reviewable status.

diff --git a/lib/post_action_creator.rb b/lib/post_action_creator.rb
index f647a43..62d5768 100644
--- a/lib/post_action_creator.rb
+++ b/lib/post_action_creator.rb
@@ -141,11 +141,11 @@ private
 
   def cannot_flag_again?(reviewable)
     return false if @post_action_type_id == PostActionType.types[:notify_moderators]
-    flag_type_already_used = reviewable.reviewable_scores.any? { |rs| rs.reviewable_score_type == @post_action_type_id }
+    flag_type_already_used = reviewable.reviewable_scores.any? { |rs| rs.reviewable_score_type == @post_action_type_id && rs.status != ReviewableScore.statuses[:pending] }
     not_edited_since_last_review = @post.last_version_at.blank? || reviewable.updated_at > @post.last_version_at
     handled_recently = reviewable.updated_at > SiteSetting.cooldown_hours_until_reflag.to_i.hours.ago
 
-    !reviewable.pending? && flag_type_already_used && not_edited_since_last_review && handled_recently
+    flag_type_already_used && not_edited_since_last_review && handled_recently
   end
 
   def notify_subscribers
diff --git a/spec/components/post_action_creator_spec.rb b/spec/components/post_action_creator_spec.rb
index ad013f8..010455f 100644
--- a/spec/components/post_action_creator_spec.rb
+++ b/spec/components/post_action_creator_spec.rb
@@ -151,6 +151,26 @@ describe PostActionCreator do
           expect(result.success?).to eq(false)
         end
 
+        it "succeeds with other flag action types" do
+          freeze_time 10.seconds.from_now
+          spam_result = PostActionCreator.create(user, post, :spam)
+
+          expect(reviewable.reload.pending?).to eq(true)
+        end
+
+        it "fails when other flag action types are open" do
+          freeze_time 10.seconds.from_now
+          spam_result = PostActionCreator.create(user, post, :spam)
+
+          inappropriate_result = PostActionCreator.create(Fabricate(:user), post, :inappropriate)
+
+          reviewable.reload
+
+          expect(inappropriate_result.success?).to eq(false)
+          expect(reviewable.pending?).to eq(true)
+          expect(reviewable.reviewable_scores.select(&:pending?).count).to eq(1)
+        end
+
         it "succesfully flags the post if it was reviewed more than 24 hours ago" do
           reviewable.update!(updated_at: 25.hours.ago)
           post.last_version_at = 30.hours.ago

GitHub sha: 70a88111

1 Like

This commit appears in #10010 which was approved by romanrizzi. It was merged by featheredtoast.