mirror of
https://github.com/codeninjasllc/discourse.git
synced 2024-11-27 09:36:19 -05:00
small topic/category guardians refactor
This commit is contained in:
parent
ea46e5dd57
commit
5eda2f43c6
2 changed files with 9 additions and 25 deletions
|
@ -45,9 +45,9 @@ module CategoryGuardian
|
|||
end
|
||||
|
||||
def can_see_category?(category)
|
||||
is_admin? ||
|
||||
!category.read_restricted ||
|
||||
(@user.staged? && category.email_in.present? && category.email_in_allow_strangers) ||
|
||||
return true if is_admin?
|
||||
return true if !category.read_restricted
|
||||
return true if is_staged? && category.email_in.present? && category.email_in_allow_strangers
|
||||
secure_category_ids.include?(category.id)
|
||||
end
|
||||
|
||||
|
|
|
@ -68,43 +68,27 @@ module TopicGuardian
|
|||
end
|
||||
|
||||
def can_reply_as_new_topic?(topic)
|
||||
authenticated? && topic && not(topic.private_message?) && @user.has_trust_level?(TrustLevel[1])
|
||||
authenticated? && topic && !topic.private_message? && @user.has_trust_level?(TrustLevel[1])
|
||||
end
|
||||
|
||||
def can_see_deleted_topics?
|
||||
is_staff?
|
||||
end
|
||||
|
||||
def can_see_topic?(topic)
|
||||
def can_see_topic?(topic, hide_deleted=true)
|
||||
return false unless topic
|
||||
# Admins can see everything
|
||||
return true if is_admin?
|
||||
# Deleted topics
|
||||
return false if topic.deleted_at && !can_see_deleted_topics?
|
||||
return false if hide_deleted && topic.deleted_at && !can_see_deleted_topics?
|
||||
|
||||
if topic.private_message?
|
||||
return authenticated? &&
|
||||
topic.all_allowed_users.where(id: @user.id).exists?
|
||||
return authenticated? && topic.all_allowed_users.where(id: @user.id).exists?
|
||||
end
|
||||
|
||||
# not secure, or I can see it
|
||||
!topic.read_restricted_category? || can_see_category?(topic.category)
|
||||
can_see_category?(topic.category)
|
||||
end
|
||||
|
||||
def can_see_topic_if_not_deleted?(topic)
|
||||
return false unless topic
|
||||
# Admins can see everything
|
||||
return true if is_admin?
|
||||
# Deleted topics
|
||||
# return false if topic.deleted_at && !can_see_deleted_topics?
|
||||
|
||||
if topic.private_message?
|
||||
return authenticated? &&
|
||||
topic.all_allowed_users.where(id: @user.id).exists?
|
||||
end
|
||||
|
||||
# not secure, or I can see it
|
||||
!topic.read_restricted_category? || can_see_category?(topic.category)
|
||||
can_see_topic?(topic, false)
|
||||
end
|
||||
|
||||
def filter_allowed_categories(records)
|
||||
|
|
Loading…
Reference in a new issue