2019-05-02 18:17:27 -04:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2014-02-13 11:42:35 -05:00
|
|
|
# mixin for all Guardian methods dealing with user permissions
|
|
|
|
module UserGuardian
|
2019-05-08 10:20:51 -04:00
|
|
|
def can_claim_reviewable_topic?(topic)
|
|
|
|
SiteSetting.reviewable_claiming != "disabled" && can_review_topic?(topic)
|
|
|
|
end
|
|
|
|
|
2018-09-20 01:33:10 -04:00
|
|
|
def can_pick_avatar?(user_avatar, upload)
|
|
|
|
return false unless self.user
|
|
|
|
return true if is_admin?
|
|
|
|
# can always pick blank avatar
|
|
|
|
return true if !upload
|
|
|
|
return true if user_avatar.contains_upload?(upload.id)
|
|
|
|
return true if upload.user_id == user_avatar.user_id || upload.user_id == user.id
|
|
|
|
|
2018-12-18 00:37:45 -05:00
|
|
|
UserUpload.exists?(upload_id: upload.id, user_id: user.id)
|
2018-09-20 01:33:10 -04:00
|
|
|
end
|
|
|
|
|
2014-02-13 11:42:35 -05:00
|
|
|
def can_edit_user?(user)
|
|
|
|
is_me?(user) || is_staff?
|
|
|
|
end
|
|
|
|
|
|
|
|
def can_edit_username?(user)
|
2021-02-08 05:04:33 -05:00
|
|
|
return false if SiteSetting.auth_overrides_username?
|
2014-02-13 11:42:35 -05:00
|
|
|
return true if is_staff?
|
|
|
|
return false if SiteSetting.username_change_period <= 0
|
2019-04-17 04:05:02 -04:00
|
|
|
return false if is_anonymous?
|
2022-07-20 19:16:15 -04:00
|
|
|
is_me?(user) && user.created_at > SiteSetting.username_change_period.days.ago
|
2014-02-13 11:42:35 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
def can_edit_email?(user)
|
2021-02-08 05:04:33 -05:00
|
|
|
return false if SiteSetting.auth_overrides_email?
|
2014-02-13 11:42:35 -05:00
|
|
|
return false unless SiteSetting.email_editable?
|
2014-08-14 22:41:01 -04:00
|
|
|
return true if is_staff?
|
2019-04-17 04:05:02 -04:00
|
|
|
return false if is_anonymous?
|
2014-02-13 11:42:35 -05:00
|
|
|
can_edit?(user)
|
|
|
|
end
|
|
|
|
|
2014-03-13 16:26:40 -04:00
|
|
|
def can_edit_name?(user)
|
2019-04-17 04:05:02 -04:00
|
|
|
return false unless SiteSetting.enable_names?
|
2021-02-08 05:04:33 -05:00
|
|
|
return false if SiteSetting.auth_overrides_name?
|
2014-03-13 16:26:40 -04:00
|
|
|
return true if is_staff?
|
2019-04-17 04:05:02 -04:00
|
|
|
return false if is_anonymous?
|
2014-03-13 16:26:40 -04:00
|
|
|
can_edit?(user)
|
|
|
|
end
|
|
|
|
|
2014-09-02 21:32:27 -04:00
|
|
|
def can_see_notifications?(user)
|
|
|
|
is_me?(user) || is_admin?
|
|
|
|
end
|
|
|
|
|
2017-11-10 12:18:08 -05:00
|
|
|
def can_silence_user?(user)
|
2014-02-13 11:42:35 -05:00
|
|
|
user && is_staff? && not(user.staff?)
|
|
|
|
end
|
|
|
|
|
2017-11-10 12:18:08 -05:00
|
|
|
def can_unsilence_user?(user)
|
2014-02-13 11:42:35 -05:00
|
|
|
user && is_staff?
|
|
|
|
end
|
|
|
|
|
|
|
|
def can_delete_user?(user)
|
2014-07-28 13:17:37 -04:00
|
|
|
return false if user.nil? || user.admin?
|
2022-02-06 22:23:34 -05:00
|
|
|
|
2014-02-13 11:42:35 -05:00
|
|
|
if is_me?(user)
|
2021-02-08 05:04:33 -05:00
|
|
|
!SiteSetting.enable_discourse_connect &&
|
2020-04-01 16:10:17 -04:00
|
|
|
!user.has_more_posts_than?(SiteSetting.delete_user_self_max_post_count)
|
2014-02-13 11:42:35 -05:00
|
|
|
else
|
2019-08-10 06:02:12 -04:00
|
|
|
is_staff? &&
|
|
|
|
(
|
|
|
|
user.first_post_created_at.nil? ||
|
|
|
|
!user.has_more_posts_than?(User::MAX_STAFF_DELETE_POST_COUNT) ||
|
|
|
|
user.first_post_created_at > SiteSetting.delete_user_max_post_age.to_i.days.ago
|
|
|
|
)
|
2014-02-13 11:42:35 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2015-03-06 16:44:54 -05:00
|
|
|
def can_anonymize_user?(user)
|
|
|
|
is_staff? && !user.nil? && !user.staff?
|
|
|
|
end
|
|
|
|
|
2020-04-22 08:12:09 -04:00
|
|
|
def can_merge_user?(user)
|
|
|
|
is_admin? && !user.nil? && !user.staff?
|
|
|
|
end
|
|
|
|
|
|
|
|
def can_merge_users?(source_user, target_user)
|
|
|
|
can_merge_user?(source_user) && !target_user.nil?
|
2020-04-22 04:37:51 -04:00
|
|
|
end
|
|
|
|
|
2021-06-14 17:01:17 -04:00
|
|
|
def can_see_warnings?(user)
|
|
|
|
user && (is_me?(user) || is_staff?)
|
|
|
|
end
|
|
|
|
|
2016-05-06 13:34:33 -04:00
|
|
|
def can_reset_bounce_score?(user)
|
|
|
|
user && is_staff?
|
|
|
|
end
|
|
|
|
|
2014-09-29 16:31:05 -04:00
|
|
|
def can_check_emails?(user)
|
2019-03-13 17:30:25 -04:00
|
|
|
is_admin? || (is_staff? && SiteSetting.moderators_view_emails)
|
2014-09-29 16:31:05 -04:00
|
|
|
end
|
|
|
|
|
2021-02-17 10:57:51 -05:00
|
|
|
def can_check_sso_details?(user)
|
2020-11-10 14:12:44 -05:00
|
|
|
user && is_admin?
|
|
|
|
end
|
|
|
|
|
2014-11-27 13:51:13 -05:00
|
|
|
def restrict_user_fields?(user)
|
2022-01-04 14:34:17 -05:00
|
|
|
(user.trust_level == TrustLevel[0] && anonymous?) || !can_see_profile?(user)
|
2014-11-27 13:51:13 -05:00
|
|
|
end
|
|
|
|
|
2015-01-05 13:49:32 -05:00
|
|
|
def can_see_staff_info?(user)
|
|
|
|
user && is_staff?
|
|
|
|
end
|
|
|
|
|
2017-09-12 16:06:01 -04:00
|
|
|
def can_see_suspension_reason?(user)
|
|
|
|
return true unless SiteSetting.hide_suspension_reasons?
|
|
|
|
user == @user || is_staff?
|
|
|
|
end
|
|
|
|
|
2017-12-21 20:18:12 -05:00
|
|
|
def can_disable_second_factor?(user)
|
|
|
|
user && can_administer_user?(user)
|
|
|
|
end
|
|
|
|
|
2018-10-10 13:00:08 -04:00
|
|
|
def can_see_profile?(user)
|
|
|
|
return false if user.blank?
|
2020-10-09 17:18:44 -04:00
|
|
|
return true if !SiteSetting.allow_users_to_hide_profile?
|
2018-10-10 13:00:08 -04:00
|
|
|
|
|
|
|
# If a user has hidden their profile, restrict it to them and staff
|
|
|
|
return is_me?(user) || is_staff? if user.user_option.try(:hide_profile_and_presence?)
|
|
|
|
|
|
|
|
true
|
|
|
|
end
|
|
|
|
|
2021-09-29 08:24:28 -04:00
|
|
|
def can_see_user_actions?(user, action_types)
|
|
|
|
return true if !@user.anonymous? && (@user.id == user.id || is_admin?)
|
|
|
|
(action_types & UserAction.private_types).empty?
|
|
|
|
end
|
|
|
|
|
2018-12-07 05:57:28 -05:00
|
|
|
def allowed_user_field_ids(user)
|
|
|
|
@allowed_user_field_ids ||= {}
|
2020-02-14 09:47:16 -05:00
|
|
|
|
|
|
|
is_staff_or_is_me = is_staff? || is_me?(user)
|
|
|
|
cache_key = is_staff_or_is_me ? :staff_or_me : :other
|
|
|
|
|
|
|
|
@allowed_user_field_ids[cache_key] ||= begin
|
|
|
|
if is_staff_or_is_me
|
2018-12-07 05:57:28 -05:00
|
|
|
UserField.pluck(:id)
|
|
|
|
else
|
|
|
|
UserField.where("show_on_profile OR show_on_user_card").pluck(:id)
|
|
|
|
end
|
2023-01-09 07:10:19 -05:00
|
|
|
end
|
2018-12-07 05:57:28 -05:00
|
|
|
end
|
2019-12-09 14:15:47 -05:00
|
|
|
|
|
|
|
def can_feature_topic?(user, topic)
|
2020-03-09 12:41:07 -04:00
|
|
|
return false if topic.nil?
|
2019-12-09 14:15:47 -05:00
|
|
|
return false if !SiteSetting.allow_featured_topic_on_user_profiles?
|
|
|
|
return false if !is_me?(user) && !is_staff?
|
2020-01-30 11:00:49 -05:00
|
|
|
return false if !topic.visible
|
2019-12-09 14:15:47 -05:00
|
|
|
return false if topic.read_restricted_category? || topic.private_message?
|
2020-01-29 11:10:23 -05:00
|
|
|
true
|
2019-12-09 14:15:47 -05:00
|
|
|
end
|
2020-04-27 13:51:25 -04:00
|
|
|
|
|
|
|
def can_see_review_queue?
|
|
|
|
is_staff? ||
|
|
|
|
(
|
2020-07-14 12:36:19 -04:00
|
|
|
SiteSetting.enable_category_group_moderation &&
|
2020-04-27 13:51:25 -04:00
|
|
|
Reviewable
|
|
|
|
.where(reviewable_by_group_id: @user.group_users.pluck(:group_id))
|
|
|
|
.where("category_id IS NULL or category_id IN (?)", allowed_category_ids)
|
|
|
|
.exists?
|
|
|
|
)
|
|
|
|
end
|
2020-05-14 12:57:35 -04:00
|
|
|
|
|
|
|
def can_see_summary_stats?(target_user)
|
|
|
|
true
|
|
|
|
end
|
2020-08-17 12:37:45 -04:00
|
|
|
|
|
|
|
def can_upload_profile_header?(user)
|
|
|
|
(
|
|
|
|
is_me?(user) &&
|
|
|
|
user.has_trust_level?(SiteSetting.min_trust_level_to_allow_profile_background.to_i)
|
|
|
|
) || is_staff?
|
|
|
|
end
|
|
|
|
|
|
|
|
def can_upload_user_card_background?(user)
|
|
|
|
(
|
|
|
|
is_me?(user) &&
|
|
|
|
user.has_trust_level?(SiteSetting.min_trust_level_to_allow_user_card_background.to_i)
|
|
|
|
) || is_staff?
|
|
|
|
end
|
|
|
|
|
FEATURE: Uppy direct S3 multipart uploads in composer (#14051)
This pull request introduces the endpoints required, and the JavaScript functionality in the `ComposerUppyUpload` mixin, for direct S3 multipart uploads. There are four new endpoints in the uploads controller:
* `create-multipart.json` - Creates the multipart upload in S3 along with an `ExternalUploadStub` record, storing information about the file in the same way as `generate-presigned-put.json` does for regular direct S3 uploads
* `batch-presign-multipart-parts.json` - Takes a list of part numbers and the unique identifier for an `ExternalUploadStub` record, and generates the presigned URLs for those parts if the multipart upload still exists and if the user has permission to access that upload
* `complete-multipart.json` - Completes the multipart upload in S3. Needs the full list of part numbers and their associated ETags which are returned when the part is uploaded to the presigned URL above. Only works if the user has permission to access the associated `ExternalUploadStub` record and the multipart upload still exists.
After we confirm the upload is complete in S3, we go through the regular `UploadCreator` flow, the same as `complete-external-upload.json`, and promote the temporary upload S3 into a full `Upload` record, moving it to its final destination.
* `abort-multipart.json` - Aborts the multipart upload on S3 and destroys the `ExternalUploadStub` record if the user has permission to access that upload.
Also added are a few new columns to `ExternalUploadStub`:
* multipart - Whether or not this is a multipart upload
* external_upload_identifier - The "upload ID" for an S3 multipart upload
* filesize - The size of the file when the `create-multipart.json` or `generate-presigned-put.json` is called. This is used for validation.
When the user completes a direct S3 upload, either regular or multipart, we take the `filesize` that was captured when the `ExternalUploadStub` was first created and compare it with the final `Content-Length` size of the file where it is stored in S3. Then, if the two do not match, we throw an error, delete the file on S3, and ban the user from uploading files for N (default 5) minutes. This would only happen if the user uploads a different file than what they first specified, or in the case of multipart uploads uploaded larger chunks than needed. This is done to prevent abuse of S3 storage by bad actors.
Also included in this PR is an update to vendor/uppy.js. This has been built locally from the latest uppy source at https://github.com/transloadit/uppy/commit/d613b849a6591083f8a0968aa8d66537e231bbcd. This must be done so that I can get my multipart upload changes into Discourse. When the Uppy team cuts a proper release, we can bump the package.json versions instead.
2021-08-24 18:46:54 -04:00
|
|
|
def can_upload_external?
|
|
|
|
!ExternalUploadManager.user_banned?(user)
|
|
|
|
end
|
|
|
|
|
2020-09-15 10:00:10 -04:00
|
|
|
def can_delete_sso_record?(user)
|
2021-02-08 05:04:33 -05:00
|
|
|
SiteSetting.enable_discourse_connect && user && is_admin?
|
2020-09-15 10:00:10 -04:00
|
|
|
end
|
2021-07-16 14:50:40 -04:00
|
|
|
|
|
|
|
def can_change_tracking_preferences?(user)
|
|
|
|
(SiteSetting.allow_changing_staged_user_tracking || !user.staged) && can_edit_user?(user)
|
|
|
|
end
|
2014-03-13 16:26:40 -04:00
|
|
|
end
|