FIX: staged user doesn't get notified for replies in topics they created in secured categories

This commit is contained in:
Régis Hanol 2016-02-24 11:30:17 +01:00
parent 0097dc55b5
commit 415efd0f5b
3 changed files with 56 additions and 1 deletions

View file

@ -22,6 +22,7 @@ class Guardian
def staff?; false; end
def moderator?; false; end
def approved?; false; end
def staged?; false; end
def secure_category_ids; []; end
def topic_create_allowed_category_ids; []; end
def has_trust_level?(level); false; end

View file

@ -45,7 +45,10 @@ module CategoryGuardian
end
def can_see_category?(category)
not(category.read_restricted) || secure_category_ids.include?(category.id)
is_admin? ||
!category.read_restricted ||
(@user.staged? && category.email_in.present? && category.email_in_allow_strangers) ||
secure_category_ids.include?(category.id)
end
def secure_category_ids

View file

@ -370,6 +370,57 @@ describe Guardian do
end
end
describe 'a Category' do
it 'allows public categories' do
public_category = build(:category, read_restricted: false)
expect(Guardian.new.can_see?(public_category)).to be_truthy
end
it 'correctly handles secure categories' do
normal_user = build(:user)
staged_user = build(:user, staged: true)
admin_user = build(:user, admin: true)
secure_category = build(:category, read_restricted: true)
expect(Guardian.new(normal_user).can_see?(secure_category)).to be_falsey
expect(Guardian.new(staged_user).can_see?(secure_category)).to be_falsey
expect(Guardian.new(admin_user).can_see?(secure_category)).to be_truthy
secure_category = build(:category, read_restricted: true, email_in: "foo@bar.com")
expect(Guardian.new(normal_user).can_see?(secure_category)).to be_falsey
expect(Guardian.new(staged_user).can_see?(secure_category)).to be_falsey
expect(Guardian.new(admin_user).can_see?(secure_category)).to be_truthy
secure_category = build(:category, read_restricted: true, email_in_allow_strangers: true)
expect(Guardian.new(normal_user).can_see?(secure_category)).to be_falsey
expect(Guardian.new(staged_user).can_see?(secure_category)).to be_falsey
expect(Guardian.new(admin_user).can_see?(secure_category)).to be_truthy
secure_category = build(:category, read_restricted: true, email_in: "foo@bar.com", email_in_allow_strangers: true)
expect(Guardian.new(normal_user).can_see?(secure_category)).to be_falsey
expect(Guardian.new(staged_user).can_see?(secure_category)).to be_truthy
expect(Guardian.new(admin_user).can_see?(secure_category)).to be_truthy
end
it 'allows members of an authorized group' do
user = Fabricate(:user)
group = Fabricate(:group)
secure_category = Fabricate(:category)
secure_category.set_permissions(group => :readonly)
secure_category.save
expect(Guardian.new(user).can_see?(secure_category)).to be_falsey
group.add(user)
group.save
expect(Guardian.new(user).can_see?(secure_category)).to be_truthy
end
end
describe 'a Topic' do
it 'allows non logged in users to view topics' do
expect(Guardian.new.can_see?(topic)).to be_truthy