codeninjasllc/discourse
1
0
Fork 0
mirror of https://github.com/codeninjasllc/discourse.git synced 2024-11-23 23:58:31 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Easier helper for filtering secured categories

Browse source
This commit is contained in:
Robin Ward 2015-02-12 11:52:59 -05:00
parent 5f8e604abc
commit e207ca36ee
4 changed files with 17 additions and 23 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
app/models/group.rb
View file

@ -46,15 +46,7 @@ class Group < ActiveRecord::Base
.where('topics.archetype <> ?', Archetype.private_message) .where('topics.archetype <> ?', Archetype.private_message)
.where(post_type: Post.types[:regular]) .where(post_type: Post.types[:regular])
unless guardian.is_admin? result = guardian.filter_allowed_categories(result)
allowed_ids = guardian.allowed_category_ids
if allowed_ids.length > 0
result = result.where('topics.category_id IS NULL or topics.category_id IN (?)', allowed_ids)
else
result = result.where('topics.category_id IS NULL')
end
end
result = result.where('posts.id < ?', before_post_id) if before_post_id result = result.where('posts.id < ?', before_post_id) if before_post_id
result.order('posts.created_at desc') result.order('posts.created_at desc')
end end

15
lib/guardian/topic_guardian.rb
View file

@ -67,6 +67,19 @@ module TopicGuardian
# not secure, or I can see it # not secure, or I can see it
!topic.read_restricted_category? || can_see_category?(topic.category) !topic.read_restricted_category? || can_see_category?(topic.category)
end
def filter_allowed_categories(records)
unless is_admin?
allowed_ids = allowed_category_ids
if allowed_ids.length > 0
records = records.where('topics.category_id IS NULL or topics.category_id IN (?)', allowed_ids)
else
records = records.where('topics.category_id IS NULL')
end
records = records.references(:categories)
end
records
end
end end
end

13
lib/topic_query.rb
View file

@ -359,18 +359,7 @@ class TopicQuery
result = result.where('topics.posts_count <= ?', options[:max_posts]) if options[:max_posts].present? result = result.where('topics.posts_count <= ?', options[:max_posts]) if options[:max_posts].present?
result = result.where('topics.posts_count >= ?', options[:min_posts]) if options[:min_posts].present? result = result.where('topics.posts_count >= ?', options[:min_posts]) if options[:min_posts].present?
guardian = Guardian.new(@user) Guardian.new(@user).filter_allowed_categories(result)
if !guardian.is_admin?
allowed_ids = guardian.allowed_category_ids
if allowed_ids.length > 0
result = result.where('topics.category_id IS NULL or topics.category_id IN (?)', allowed_ids)
else
result = result.where('topics.category_id IS NULL')
end
result = result.references(:categories)
end
result
end end
def remove_muted_categories(list, user, opts=nil) def remove_muted_categories(list, user, opts=nil)

2
spec/components/guardian_spec.rb
View file

@ -19,7 +19,7 @@ describe Guardian do
expect { Guardian.new }.not_to raise_error expect { Guardian.new }.not_to raise_error
end end
it 'can be instantiaed with a user instance' do it 'can be instantiated with a user instance' do
expect { Guardian.new(user) }.not_to raise_error expect { Guardian.new(user) }.not_to raise_error
end end