Module: TopicGuardian
- Included in:
- Guardian
- Defined in:
- lib/guardian/topic_guardian.rb
Overview
mixin for all guardian methods dealing with topic permissions
Instance Method Summary collapse
- #affected_by_slow_mode?(topic) ⇒ Boolean
- #can_banner_topic?(topic) ⇒ Boolean
- #can_convert_topic?(topic) ⇒ Boolean
- #can_create_post_on_topic?(topic) ⇒ Boolean
- #can_create_shared_draft? ⇒ Boolean
-
#can_create_topic?(parent) ⇒ Boolean
Creating Methods.
- #can_create_topic_on_category?(category) ⇒ Boolean
- #can_create_whisper? ⇒ Boolean
- #can_delete_topic?(topic) ⇒ Boolean
- #can_edit_featured_link?(category_id) ⇒ Boolean
- #can_edit_tags?(topic) ⇒ Boolean
-
#can_edit_topic?(topic) ⇒ Boolean
Editing Method.
- #can_get_access_to_topic?(topic) ⇒ Boolean
- #can_moderate_topic?(topic) ⇒ Boolean
- #can_move_posts?(topic) ⇒ Boolean
- #can_move_topic_to_category?(category) ⇒ Boolean
- #can_perform_action_available_to_group_moderators?(topic) ⇒ Boolean (also: #can_archive_topic?, #can_close_topic?, #can_open_topic?, #can_split_merge_topic?, #can_edit_staff_notes?, #can_pin_unpin_topic?)
- #can_permanently_delete_topic?(topic) ⇒ Boolean
- #can_publish_topic?(topic, category) ⇒ Boolean
- #can_recover_topic?(topic) ⇒ Boolean
- #can_remove_allowed_users?(topic, target_user = nil) ⇒ Boolean
- #can_reply_as_new_topic?(topic) ⇒ Boolean
- #can_review_topic?(topic) ⇒ Boolean
- #can_see_deleted_topics?(category) ⇒ Boolean
- #can_see_shared_draft? ⇒ Boolean
- #can_see_topic?(topic, hide_deleted = true) ⇒ Boolean
-
#can_see_topic_ids(topic_ids: [], hide_deleted: true) ⇒ Object
Accepts an array of ‘Topic#id` and returns an array of `Topic#id` which the user can see.
- #can_see_unlisted_topics? ⇒ Boolean
- #can_see_whispers?(_topic = nil) ⇒ Boolean
- #can_toggle_topic_visibility?(topic) ⇒ Boolean (also: #can_create_unlisted_topic?)
- #can_update_bumped_at? ⇒ Boolean
- #filter_allowed_categories(records, category_id_column: "topics.category_id") ⇒ Object
- #is_in_edit_topic_groups? ⇒ Boolean
Instance Method Details
#affected_by_slow_mode?(topic) ⇒ Boolean
359 360 361 |
# File 'lib/guardian/topic_guardian.rb', line 359 def affected_by_slow_mode?(topic) topic&.slow_mode_seconds.to_i > 0 && @user.human? && !is_staff? end |
#can_banner_topic?(topic) ⇒ Boolean
323 324 325 |
# File 'lib/guardian/topic_guardian.rb', line 323 def (topic) topic && authenticated? && !topic. && is_staff? end |
#can_convert_topic?(topic) ⇒ Boolean
203 204 205 206 207 208 209 210 |
# File 'lib/guardian/topic_guardian.rb', line 203 def can_convert_topic?(topic) return false if topic.blank? return false if topic.trashed? return false if topic.is_category_topic? return true if is_admin? return false if !@user.in_any_groups?(SiteSetting.) is_moderator? && can_create_post?(topic) end |
#can_create_post_on_topic?(topic) ⇒ Boolean
77 78 79 80 81 82 83 84 85 86 87 88 |
# File 'lib/guardian/topic_guardian.rb', line 77 def can_create_post_on_topic?(topic) # No users can create posts on deleted topics return false if topic.blank? return false if topic.trashed? return true if is_admin? trusted = (authenticated? && user.has_trust_level?(TrustLevel[4])) || is_moderator? || can_perform_action_available_to_group_moderators?(topic) (!(topic.closed? || topic.archived?) || trusted) && can_create_post?(topic) end |
#can_create_shared_draft? ⇒ Boolean
27 28 29 |
# File 'lib/guardian/topic_guardian.rb', line 27 def can_create_shared_draft? SiteSetting.shared_drafts_enabled? && can_see_shared_draft? end |
#can_create_topic?(parent) ⇒ Boolean
Creating Methods
48 49 50 51 52 53 54 |
# File 'lib/guardian/topic_guardian.rb', line 48 def can_create_topic?(parent) is_staff? || ( user && user.trust_level >= SiteSetting.min_trust_to_create_topic.to_i && can_create_post?(parent) && Category.topic_create_allowed(self).limit(1).count == 1 ) end |
#can_create_topic_on_category?(category) ⇒ Boolean
56 57 58 59 60 61 62 |
# File 'lib/guardian/topic_guardian.rb', line 56 def can_create_topic_on_category?(category) # allow for category to be a number as well category_id = Category === category ? category.id : category can_create_topic?(nil) && (!category || Category.topic_create_allowed(self).where(id: category_id).count == 1) end |
#can_create_whisper? ⇒ Boolean
35 36 37 |
# File 'lib/guardian/topic_guardian.rb', line 35 def can_create_whisper? @user.whisperer? end |
#can_delete_topic?(topic) ⇒ Boolean
156 157 158 159 160 161 162 163 164 165 166 |
# File 'lib/guardian/topic_guardian.rb', line 156 def can_delete_topic?(topic) !topic.trashed? && ( is_staff? || ( is_my_own?(topic) && topic.posts_count <= 1 && topic.created_at && topic.created_at > 24.hours.ago ) || is_category_group_moderator?(topic.category) || (SiteSetting.tl4_delete_posts_and_topics && user.has_trust_level?(TrustLevel[4])) ) && !topic.is_category_topic? && !Discourse.static_doc_topic_ids.include?(topic.id) end |
#can_edit_featured_link?(category_id) ⇒ Boolean
310 311 312 313 314 315 316 317 |
# File 'lib/guardian/topic_guardian.rb', line 310 def can_edit_featured_link?(category_id) return false unless SiteSetting.topic_featured_link_enabled return false if @user.trust_level == TrustLevel.levels[:newuser] Category.where( id: category_id || SiteSetting.uncategorized_category_id, topic_featured_link_allowed: true, ).exists? end |
#can_edit_tags?(topic) ⇒ Boolean
327 328 329 330 331 332 333 334 335 336 337 338 |
# File 'lib/guardian/topic_guardian.rb', line 327 def (topic) return false unless can_tag_topics? return false if topic. && !can_tag_pms? return true if can_edit_topic?(topic) if topic&.first_post&.wiki && (@user.trust_level >= SiteSetting.min_trust_to_edit_wiki_post.to_i) return can_create_post?(topic) end false end |
#can_edit_topic?(topic) ⇒ Boolean
Editing Method
91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 |
# File 'lib/guardian/topic_guardian.rb', line 91 def can_edit_topic?(topic) return false if Discourse.static_doc_topic_ids.include?(topic.id) && !is_admin? return false unless can_see?(topic) first_post = topic.first_post return false if first_post&.locked? && !is_staff? return true if is_admin? return true if is_moderator? && can_create_post?(topic) return true if is_category_group_moderator?(topic.category) # can't edit topics in secured categories where you don't have permission to create topics # except for a tiny edge case where the topic is uncategorized and you are trying # to fix it but uncategorized is disabled if ( SiteSetting.allow_uncategorized_topics || topic.category_id != SiteSetting.uncategorized_category_id ) return false if !can_create_topic_on_category?(topic.category) end # Editing a shared draft. if ( !topic.archived && !topic. && topic.category_id == SiteSetting.shared_drafts_category.to_i && can_see_category?(topic.category) && can_see_shared_draft? && can_create_post?(topic) ) return true end if ( is_in_edit_post_groups? && topic.archived && !topic. && can_create_post?(topic) ) return true end if ( is_in_edit_topic_groups? && !topic.archived && !topic. && can_create_post?(topic) ) return true end return false if topic.archived is_my_own?(topic) && !topic.edit_time_limit_expired?(user) && !first_post&.locked? && (!first_post&.hidden? || can_edit_hidden_post?(first_post)) end |
#can_get_access_to_topic?(topic) ⇒ Boolean
290 291 292 |
# File 'lib/guardian/topic_guardian.rb', line 290 def can_get_access_to_topic?(topic) topic&.access_topic_via_group.present? && authenticated? end |
#can_moderate_topic?(topic) ⇒ Boolean
20 21 22 23 24 25 |
# File 'lib/guardian/topic_guardian.rb', line 20 def can_moderate_topic?(topic) return false if anonymous? || topic.nil? return true if is_staff? can_perform_action_available_to_group_moderators?(topic) end |
#can_move_posts?(topic) ⇒ Boolean
354 355 356 357 |
# File 'lib/guardian/topic_guardian.rb', line 354 def can_move_posts?(topic) return false if is_silenced? can_perform_action_available_to_group_moderators?(topic) end |
#can_move_topic_to_category?(category) ⇒ Boolean
64 65 66 67 68 69 70 71 72 73 74 75 |
# File 'lib/guardian/topic_guardian.rb', line 64 def can_move_topic_to_category?(category) category = ( if Category === category category else Category.find(category || SiteSetting.uncategorized_category_id) end ) is_staff? || (can_create_topic_on_category?(category) && !category.require_topic_approval?) end |
#can_perform_action_available_to_group_moderators?(topic) ⇒ Boolean Also known as: can_archive_topic?, can_close_topic?, can_open_topic?, can_split_merge_topic?, can_edit_staff_notes?, can_pin_unpin_topic?
340 341 342 343 344 345 346 |
# File 'lib/guardian/topic_guardian.rb', line 340 def can_perform_action_available_to_group_moderators?(topic) return false if anonymous? || topic.nil? return true if is_staff? return true if @user.has_trust_level?(TrustLevel[4]) is_category_group_moderator?(topic.category) end |
#can_permanently_delete_topic?(topic) ⇒ Boolean
168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 |
# File 'lib/guardian/topic_guardian.rb', line 168 def can_permanently_delete_topic?(topic) return false if !SiteSetting.can_permanently_delete return false if !topic # Ensure that all posts (including small actions) are at least soft # deleted. return false if topic.posts_count > 0 # All other posts that were deleted still must be permanently deleted # before the topic can be deleted with the exception of small action # posts that will be deleted right before the topic is. all_posts_count = Post .with_deleted .where(topic_id: topic.id) .where( post_type: [Post.types[:regular], Post.types[:moderator_action], Post.types[:whisper]], ) .count return false if all_posts_count > 1 return false if !is_admin? || !can_see_topic?(topic) return false if !topic.deleted_at if topic.deleted_by_id == @user.id && topic.deleted_at >= Post::PERMANENT_DELETE_TIMER.ago return false end true end |
#can_publish_topic?(topic, category) ⇒ Boolean
43 44 45 |
# File 'lib/guardian/topic_guardian.rb', line 43 def can_publish_topic?(topic, category) can_see_shared_draft? && can_see?(topic) && can_create_topic_on_category?(category) end |
#can_recover_topic?(topic) ⇒ Boolean
147 148 149 150 151 152 153 154 |
# File 'lib/guardian/topic_guardian.rb', line 147 def can_recover_topic?(topic) if is_staff? || (topic&.category && is_category_group_moderator?(topic.category)) || (SiteSetting.tl4_delete_posts_and_topics && user&.has_trust_level?(TrustLevel[4])) !!(topic && topic.deleted_at) else topic && can_recover_post?(topic.ordered_posts.first) end end |
#can_remove_allowed_users?(topic, target_user = nil) ⇒ Boolean
5 6 7 8 9 10 11 |
# File 'lib/guardian/topic_guardian.rb', line 5 def can_remove_allowed_users?(topic, target_user = nil) is_staff? || (topic.user == @user && @user.has_trust_level?(TrustLevel[2])) || ( topic.allowed_users.count > 1 && topic.user != target_user && !!(target_user && user == target_user) ) end |
#can_reply_as_new_topic?(topic) ⇒ Boolean
212 213 214 |
# File 'lib/guardian/topic_guardian.rb', line 212 def can_reply_as_new_topic?(topic) authenticated? && topic && @user.has_trust_level?(TrustLevel[1]) end |
#can_review_topic?(topic) ⇒ Boolean
13 14 15 16 17 18 |
# File 'lib/guardian/topic_guardian.rb', line 13 def can_review_topic?(topic) return false if anonymous? || topic.nil? return true if is_staff? is_category_group_moderator?(topic.category) end |
#can_see_deleted_topics?(category) ⇒ Boolean
216 217 218 219 |
# File 'lib/guardian/topic_guardian.rb', line 216 def can_see_deleted_topics?(category) is_staff? || is_category_group_moderator?(category) || (SiteSetting.tl4_delete_posts_and_topics && user&.has_trust_level?(TrustLevel[4])) end |
#can_see_shared_draft? ⇒ Boolean
31 32 33 |
# File 'lib/guardian/topic_guardian.rb', line 31 def can_see_shared_draft? @user.has_trust_level_or_staff?(SiteSetting.shared_drafts_min_trust_level) end |
#can_see_topic?(topic, hide_deleted = true) ⇒ Boolean
267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 |
# File 'lib/guardian/topic_guardian.rb', line 267 def can_see_topic?(topic, hide_deleted = true) return false unless topic return true if is_admin? return false if hide_deleted && topic.deleted_at && !can_see_deleted_topics?(topic.category) if topic. return authenticated? && topic.all_allowed_users.where(id: @user.id).exists? end return false if topic.shared_draft && !can_see_shared_draft? category = topic.category can_see_category?(category) && ( !category.read_restricted || !is_staged? || secure_category_ids.include?(category.id) || topic.user == user ) end |
#can_see_topic_ids(topic_ids: [], hide_deleted: true) ⇒ Object
Accepts an array of ‘Topic#id` and returns an array of `Topic#id` which the user can see.
222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 |
# File 'lib/guardian/topic_guardian.rb', line 222 def can_see_topic_ids(topic_ids: [], hide_deleted: true) topic_ids = topic_ids.compact return topic_ids if is_admin? return [] if topic_ids.blank? default_scope = Topic.unscoped.where(id: topic_ids) # When `hide_deleted` is `true`, hide deleted topics if user is not staff or category moderator if hide_deleted && !is_staff? if category_group_moderation_allowed? default_scope = default_scope.where(<<~SQL) ( deleted_at IS NULL OR ( deleted_at IS NOT NULL AND topics.category_id IN (#{category_group_moderator_scope.select(:id).to_sql}) ) ) SQL else default_scope = default_scope.where("deleted_at IS NULL") end end # Filter out topics with shared drafts if user cannot see shared drafts if !can_see_shared_draft? default_scope = default_scope.left_outer_joins(:shared_draft).where("shared_drafts.id IS NULL") end all_topics_scope = if authenticated? Topic.unscoped.merge( secured_regular_topic_scope(default_scope, topic_ids: topic_ids).or( (default_scope), ), ) else Topic.unscoped.merge(secured_regular_topic_scope(default_scope, topic_ids: topic_ids)) end all_topics_scope.pluck(:id) end |
#can_see_unlisted_topics? ⇒ Boolean
286 287 288 |
# File 'lib/guardian/topic_guardian.rb', line 286 def can_see_unlisted_topics? is_staff? || @user.has_trust_level?(TrustLevel[4]) end |
#can_see_whispers?(_topic = nil) ⇒ Boolean
39 40 41 |
# File 'lib/guardian/topic_guardian.rb', line 39 def can_see_whispers?(_topic = nil) @user.whisperer? end |
#can_toggle_topic_visibility?(topic) ⇒ Boolean Also known as: can_create_unlisted_topic?
197 198 199 |
# File 'lib/guardian/topic_guardian.rb', line 197 def can_toggle_topic_visibility?(topic) can_moderate?(topic) || can_perform_action_available_to_group_moderators?(topic) end |
#can_update_bumped_at? ⇒ Boolean
319 320 321 |
# File 'lib/guardian/topic_guardian.rb', line 319 def can_update_bumped_at? is_staff? || @user.has_trust_level?(TrustLevel[4]) end |
#filter_allowed_categories(records, category_id_column: "topics.category_id") ⇒ Object
294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 |
# File 'lib/guardian/topic_guardian.rb', line 294 def filter_allowed_categories(records, category_id_column: "topics.category_id") return records if is_admin? && !SiteSetting.suppress_secured_categories_from_admin records = if allowed_category_ids.size == 0 records.where("#{category_id_column} IS NULL") else records.where( "#{category_id_column} IS NULL or #{category_id_column} IN (?)", allowed_category_ids, ) end records.references(:categories) end |
#is_in_edit_topic_groups? ⇒ Boolean
142 143 144 145 |
# File 'lib/guardian/topic_guardian.rb', line 142 def is_in_edit_topic_groups? SiteSetting.edit_all_topic_groups.present? && user.in_any_groups?(SiteSetting.edit_all_topic_groups.to_s.split("|").map(&:to_i)) end |