From 415efd0f5b92f73a44cc994d80581ea6f7d5b0bd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9gis=20Hanol?= Date: Wed, 24 Feb 2016 11:30:17 +0100 Subject: [PATCH] FIX: staged user doesn't get notified for replies in topics they created in secured categories --- lib/guardian.rb | 1 + lib/guardian/category_guardian.rb | 5 ++- spec/components/guardian_spec.rb | 51 +++++++++++++++++++++++++++++++ 3 files changed, 56 insertions(+), 1 deletion(-) diff --git a/lib/guardian.rb b/lib/guardian.rb index 92c09f2ed..576d477b1 100644 --- a/lib/guardian.rb +++ b/lib/guardian.rb @@ -22,6 +22,7 @@ class Guardian def staff?; false; end def moderator?; false; end def approved?; false; end + def staged?; false; end def secure_category_ids; []; end def topic_create_allowed_category_ids; []; end def has_trust_level?(level); false; end diff --git a/lib/guardian/category_guardian.rb b/lib/guardian/category_guardian.rb index c24c652b6..b711c12d0 100644 --- a/lib/guardian/category_guardian.rb +++ b/lib/guardian/category_guardian.rb @@ -45,7 +45,10 @@ module CategoryGuardian end def can_see_category?(category) - not(category.read_restricted) || secure_category_ids.include?(category.id) + is_admin? || + !category.read_restricted || + (@user.staged? && category.email_in.present? && category.email_in_allow_strangers) || + secure_category_ids.include?(category.id) end def secure_category_ids diff --git a/spec/components/guardian_spec.rb b/spec/components/guardian_spec.rb index 14db91210..7951409e0 100644 --- a/spec/components/guardian_spec.rb +++ b/spec/components/guardian_spec.rb @@ -370,6 +370,57 @@ describe Guardian do end end + describe 'a Category' do + + it 'allows public categories' do + public_category = build(:category, read_restricted: false) + expect(Guardian.new.can_see?(public_category)).to be_truthy + end + + it 'correctly handles secure categories' do + normal_user = build(:user) + staged_user = build(:user, staged: true) + admin_user = build(:user, admin: true) + + secure_category = build(:category, read_restricted: true) + expect(Guardian.new(normal_user).can_see?(secure_category)).to be_falsey + expect(Guardian.new(staged_user).can_see?(secure_category)).to be_falsey + expect(Guardian.new(admin_user).can_see?(secure_category)).to be_truthy + + secure_category = build(:category, read_restricted: true, email_in: "foo@bar.com") + expect(Guardian.new(normal_user).can_see?(secure_category)).to be_falsey + expect(Guardian.new(staged_user).can_see?(secure_category)).to be_falsey + expect(Guardian.new(admin_user).can_see?(secure_category)).to be_truthy + + secure_category = build(:category, read_restricted: true, email_in_allow_strangers: true) + expect(Guardian.new(normal_user).can_see?(secure_category)).to be_falsey + expect(Guardian.new(staged_user).can_see?(secure_category)).to be_falsey + expect(Guardian.new(admin_user).can_see?(secure_category)).to be_truthy + + secure_category = build(:category, read_restricted: true, email_in: "foo@bar.com", email_in_allow_strangers: true) + expect(Guardian.new(normal_user).can_see?(secure_category)).to be_falsey + expect(Guardian.new(staged_user).can_see?(secure_category)).to be_truthy + expect(Guardian.new(admin_user).can_see?(secure_category)).to be_truthy + end + + it 'allows members of an authorized group' do + user = Fabricate(:user) + group = Fabricate(:group) + + secure_category = Fabricate(:category) + secure_category.set_permissions(group => :readonly) + secure_category.save + + expect(Guardian.new(user).can_see?(secure_category)).to be_falsey + + group.add(user) + group.save + + expect(Guardian.new(user).can_see?(secure_category)).to be_truthy + end + + end + describe 'a Topic' do it 'allows non logged in users to view topics' do expect(Guardian.new.can_see?(topic)).to be_truthy