mirror of
https://github.com/codeninjasllc/discourse.git
synced 2024-11-27 09:36:19 -05:00
FIX: A blocked user should not be able to moderate anything.
This commit is contained in:
parent
e72684f9dc
commit
dfdc54957c
2 changed files with 15 additions and 2 deletions
|
@ -25,6 +25,7 @@ class Guardian
|
||||||
def moderator?; false; end
|
def moderator?; false; end
|
||||||
def approved?; false; end
|
def approved?; false; end
|
||||||
def staged?; false; end
|
def staged?; false; end
|
||||||
|
def blocked?; false; end
|
||||||
def secure_category_ids; []; end
|
def secure_category_ids; []; end
|
||||||
def topic_create_allowed_category_ids; []; end
|
def topic_create_allowed_category_ids; []; end
|
||||||
def has_trust_level?(level); false; end
|
def has_trust_level?(level); false; end
|
||||||
|
@ -62,6 +63,10 @@ class Guardian
|
||||||
@user.moderator?
|
@user.moderator?
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def is_blocked?
|
||||||
|
@user.blocked?
|
||||||
|
end
|
||||||
|
|
||||||
def is_developer?
|
def is_developer?
|
||||||
@user &&
|
@user &&
|
||||||
is_admin? &&
|
is_admin? &&
|
||||||
|
@ -112,7 +117,7 @@ class Guardian
|
||||||
end
|
end
|
||||||
|
|
||||||
def can_moderate?(obj)
|
def can_moderate?(obj)
|
||||||
obj && authenticated? && (is_staff? || (obj.is_a?(Topic) && @user.has_trust_level?(TrustLevel[4])))
|
obj && authenticated? && !is_blocked? && (is_staff? || (obj.is_a?(Topic) && @user.has_trust_level?(TrustLevel[4])))
|
||||||
end
|
end
|
||||||
alias :can_move_posts? :can_moderate?
|
alias :can_move_posts? :can_moderate?
|
||||||
alias :can_see_flags? :can_moderate?
|
alias :can_see_flags? :can_moderate?
|
||||||
|
@ -269,7 +274,7 @@ class Guardian
|
||||||
# Can't send PMs to suspended users
|
# Can't send PMs to suspended users
|
||||||
(is_staff? || target.is_a?(Group) || !target.suspended?) &&
|
(is_staff? || target.is_a?(Group) || !target.suspended?) &&
|
||||||
# Blocked users can only send PM to staff
|
# Blocked users can only send PM to staff
|
||||||
(!@user.blocked? || target.staff?)
|
(!is_blocked? || target.staff?)
|
||||||
end
|
end
|
||||||
|
|
||||||
def can_see_emails?
|
def can_see_emails?
|
||||||
|
|
|
@ -1208,6 +1208,14 @@ describe Guardian do
|
||||||
expect(Guardian.new(user).can_moderate?(nil)).to be_falsey
|
expect(Guardian.new(user).can_moderate?(nil)).to be_falsey
|
||||||
end
|
end
|
||||||
|
|
||||||
|
context 'when user is blocked' do
|
||||||
|
it 'returns false' do
|
||||||
|
user.toggle!(:blocked)
|
||||||
|
expect(Guardian.new(user).can_moderate?(post)).to be(false)
|
||||||
|
expect(Guardian.new(user).can_moderate?(topic)).to be(false)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
context 'a Topic' do
|
context 'a Topic' do
|
||||||
|
|
||||||
it 'returns false when not logged in' do
|
it 'returns false when not logged in' do
|
||||||
|
|
Loading…
Reference in a new issue