Merge branch 'improve/avatar_upload_only_images' of /home/git/repositories/gitlab/gitlabhq

2 files changed, 21 insertions, 2 deletions

diff --git a/app/models/user.rb b/app/models/user.rb
index d36af7a8b8a..cdf6592bc69 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -113,9 +113,8 @@ class User < ActiveRecord::Base
                       message: "only letters, digits & '_' '-' '.' allowed. Letter should be first" }
 
   validates :notification_level, inclusion: { in: Notification.notification_levels }, presence: true
-
   validate :namespace_uniq, if: ->(user) { user.username_changed? }
-
+  validate :avatar_type, if: ->(user) { user.avatar_changed? }
   validates :avatar, file_size: { maximum: 100.kilobytes.to_i }
 
   before_validation :generate_password, on: :create
@@ -244,6 +243,12 @@ class User < ActiveRecord::Base
     end
   end
 
+  def avatar_type
+    unless self.avatar.image?
+      self.errors.add :avatar, "only images allowed"
+    end
+  end
+
   # Groups user has access to
   def authorized_groups
     @authorized_groups ||= begin
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 59f75ae552a..94bd19f5900 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -279,4 +279,18 @@ describe User do
       User.by_username_or_id('bar').should be_nil
     end
   end
+
+  describe :avatar_type do
+    let(:user) { create(:user) }
+
+    it "should be true if avatar is image" do
+      user.update_attribute(:avatar, 'uploads/avatar.png')
+      user.avatar_type.should be_true
+    end
+
+    it "should be false if avatar is html page" do
+      user.update_attribute(:avatar, 'uploads/avatar.html')
+      user.avatar_type.should == ["only images allowed"]
+    end
+  end
 end