FIX: staged users weren't able to reply in restricted categories

This commit is contained in:
Régis Hanol 2016-06-26 19:25:45 +02:00
parent 74e93d2260
commit 800081f606
5 changed files with 53 additions and 50 deletions

View file

@ -60,32 +60,21 @@ class Category < ActiveRecord::Base
has_many :category_tag_groups, dependent: :destroy
has_many :tag_groups, through: :category_tag_groups
scope :latest, ->{ order('topic_count desc') }
scope :latest, -> { order('topic_count DESC') }
scope :secured, ->(guardian = nil) {
scope :secured, -> (guardian = nil) {
ids = guardian.secure_category_ids if guardian
if ids.present?
where("NOT categories.read_restricted or categories.id in (:cats)", cats: ids).references(:categories)
where("NOT categories.read_restricted OR categories.id IN (:cats)", cats: ids).references(:categories)
else
where("NOT categories.read_restricted").references(:categories)
end
}
scope :topic_create_allowed, ->(guardian) {
if guardian.anonymous?
where("1=0")
else
scoped_to_permissions(guardian, [:full])
end
}
scope :post_create_allowed, ->(guardian) {
if guardian.anonymous?
where("1=0")
else
scoped_to_permissions(guardian, [:create_post, :full])
end
}
TOPIC_CREATION_PERMISSIONS ||= [:full]
POST_CREATION_PERMISSIONS ||= [:create_post, :full]
scope :topic_create_allowed, -> (guardian) { scoped_to_permissions(guardian, TOPIC_CREATION_PERMISSIONS) }
scope :post_create_allowed, -> (guardian) { scoped_to_permissions(guardian, POST_CREATION_PERMISSIONS) }
delegate :post_template, to: 'self.class'
@ -98,7 +87,7 @@ class Category < ActiveRecord::Base
end
def self.scoped_to_permissions(guardian, permission_types)
if guardian && guardian.is_admin?
if guardian.try(:is_admin?)
all
elsif !guardian || guardian.anonymous?
if permission_types.include?(:readonly)
@ -107,28 +96,19 @@ class Category < ActiveRecord::Base
where("1 = 0")
end
else
permission_types = permission_types.map{ |permission_type|
CategoryGroup.permission_types[permission_type]
}
where("categories.id in (
SELECT cg.category_id FROM category_groups cg
WHERE permission_type in (:permissions) AND
(
group_id IN (
SELECT g.group_id FROM group_users g where g.user_id = :user_id
)
)
)
OR
categories.id in (
SELECT cg.category_id FROM category_groups cg
WHERE permission_type in (:permissions) AND group_id = :everyone
)
OR
categories.id NOT in (SELECT cg.category_id FROM category_groups cg)
", permissions: permission_types,
user_id: guardian.user.id,
everyone: Group[:everyone].id)
permissions = permission_types.map { |p| CategoryGroup.permission_types[p] }
where("(:staged AND LENGTH(COALESCE(email_in, '')) > 0 AND email_in_allow_strangers)
OR categories.id NOT IN (SELECT category_id FROM category_groups)
OR categories.id IN (
SELECT category_id
FROM category_groups
WHERE permission_type IN (:permissions)
AND (group_id = :everyone OR group_id IN (SELECT group_id FROM group_users WHERE user_id = :user_id))
)",
staged: guardian.is_staged?,
permissions: permissions,
user_id: guardian.user.id,
everyone: Group[:everyone].id)
end
end
@ -139,14 +119,13 @@ class Category < ActiveRecord::Base
.group("topics.category_id")
.visible.to_sql
Category.exec_sql <<SQL
Category.exec_sql <<-SQL
UPDATE categories c
SET topic_count = x.topic_count,
post_count = x.post_count
FROM (#{topics_with_post_count}) x
WHERE x.category_id = c.id AND
(c.topic_count <> x.topic_count OR c.post_count <> x.post_count)
SET topic_count = x.topic_count,
post_count = x.post_count
FROM (#{topics_with_post_count}) x
WHERE x.category_id = c.id
AND (c.topic_count <> x.topic_count OR c.post_count <> x.post_count)
SQL
# Yes, there are a lot of queries happening below.

View file

@ -78,6 +78,10 @@ class Guardian
)
end
def is_staged?
@user.staged?
end
# Can the user see the object?
def can_see?(obj)
if obj

View file

@ -76,7 +76,6 @@ module PostGuardian
# Creating Method
def can_create_post?(parent)
(!SpamRule::AutoBlock.block?(@user) || (!!parent.try(:private_message?) && parent.allowed_users.include?(@user))) && (
!parent ||
!parent.category ||

View file

@ -107,8 +107,9 @@ describe Email::Receiver do
context "reply" do
let(:reply_key) { "4f97315cc828096c9cb34c6f1a0d6fe8" }
let(:category) { Fabricate(:category) }
let(:user) { Fabricate(:user, email: "discourse@bar.com") }
let(:topic) { create_topic(user: user) }
let(:topic) { create_topic(category: category, user: user) }
let(:post) { create_post(topic: topic, user: user) }
let!(:email_log) { Fabricate(:email_log, reply_key: reply_key, user: user, topic: topic, post: post) }
@ -214,6 +215,17 @@ describe Email::Receiver do
expect { process(:auto_generated_unblocked) }.to change { topic.posts.count }
end
it "allows staged users to reply to a restricted category" do
user.update_columns(staged: true)
category.email_in = "category@bar.com"
category.email_in_allow_strangers = true
category.set_permissions(Group[:trust_level_4] => :full)
category.save
expect { process(:staged_reply_restricted) }.to change { topic.posts.count }
end
describe 'Unsubscribing via email' do
let(:last_email) { ActionMailer::Base.deliveries.last }

View file

@ -0,0 +1,9 @@
Return-Path: <discourse@bar.com>
From: Foo Bar <discourse@bar.com>
To: reply+4f97315cc828096c9cb34c6f1a0d6fe8@bar.com
Date: Fri, 15 Jun 2016 00:12:43 +0100
Message-ID: <54@foo.bar.mail>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
This is a reply from a staged user in a topic in a restricted category.