From e207ca36eeaa674e81180b2428b84abf6e6cebb1 Mon Sep 17 00:00:00 2001
From: Robin Ward <robin.ward@gmail.com>
Date: Thu, 12 Feb 2015 11:52:59 -0500
Subject: [PATCH] Easier helper for filtering secured categories

---
 app/models/group.rb              | 10 +---------
 lib/guardian/topic_guardian.rb   | 15 ++++++++++++++-
 lib/topic_query.rb               | 13 +------------
 spec/components/guardian_spec.rb |  2 +-
 4 files changed, 17 insertions(+), 23 deletions(-)

diff --git a/app/models/group.rb b/app/models/group.rb
index bfe0a874d..c8329eb5c 100644
--- a/app/models/group.rb
+++ b/app/models/group.rb
@@ -46,15 +46,7 @@ class Group < ActiveRecord::Base
                  .where('topics.archetype <> ?', Archetype.private_message)
                  .where(post_type: Post.types[:regular])
 
-    unless guardian.is_admin?
-      allowed_ids = guardian.allowed_category_ids
-      if allowed_ids.length > 0
-        result = result.where('topics.category_id IS NULL or topics.category_id IN (?)', allowed_ids)
-      else
-        result = result.where('topics.category_id IS NULL')
-      end
-    end
-
+    result = guardian.filter_allowed_categories(result)
     result = result.where('posts.id < ?', before_post_id) if before_post_id
     result.order('posts.created_at desc')
   end
diff --git a/lib/guardian/topic_guardian.rb b/lib/guardian/topic_guardian.rb
index f2829fb83..a3ec5abb6 100644
--- a/lib/guardian/topic_guardian.rb
+++ b/lib/guardian/topic_guardian.rb
@@ -67,6 +67,19 @@ module TopicGuardian
 
     # not secure, or I can see it
     !topic.read_restricted_category? || can_see_category?(topic.category)
-
   end
+
+  def filter_allowed_categories(records)
+    unless is_admin?
+      allowed_ids = allowed_category_ids
+      if allowed_ids.length > 0
+        records = records.where('topics.category_id IS NULL or topics.category_id IN (?)', allowed_ids)
+      else
+        records = records.where('topics.category_id IS NULL')
+      end
+      records = records.references(:categories)
+    end
+    records
+  end
+
 end
diff --git a/lib/topic_query.rb b/lib/topic_query.rb
index 69369fd9e..3485e59d8 100644
--- a/lib/topic_query.rb
+++ b/lib/topic_query.rb
@@ -359,18 +359,7 @@ class TopicQuery
       result = result.where('topics.posts_count <= ?', options[:max_posts]) if options[:max_posts].present?
       result = result.where('topics.posts_count >= ?', options[:min_posts]) if options[:min_posts].present?
 
-      guardian = Guardian.new(@user)
-      if !guardian.is_admin?
-        allowed_ids = guardian.allowed_category_ids
-        if allowed_ids.length > 0
-          result = result.where('topics.category_id IS NULL or topics.category_id IN (?)', allowed_ids)
-        else
-          result = result.where('topics.category_id IS NULL')
-        end
-        result = result.references(:categories)
-      end
-
-      result
+      Guardian.new(@user).filter_allowed_categories(result)
     end
 
     def remove_muted_categories(list, user, opts=nil)
diff --git a/spec/components/guardian_spec.rb b/spec/components/guardian_spec.rb
index d77791874..2a6318ab9 100644
--- a/spec/components/guardian_spec.rb
+++ b/spec/components/guardian_spec.rb
@@ -19,7 +19,7 @@ describe Guardian do
     expect { Guardian.new }.not_to raise_error
   end
 
-  it 'can be instantiaed with a user instance' do
+  it 'can be instantiated with a user instance' do
     expect { Guardian.new(user) }.not_to raise_error
   end