discourse/lib/guardian/category_guardian.rb

# frozen_string_literal: true

#mixin for all guardian methods dealing with category permissions
module CategoryGuardian
  # Creating Method
  def can_create_category?(parent = nil)
    is_admin? || (SiteSetting.moderators_manage_categories_and_groups && is_moderator?)
  end

  # Editing Method
  def can_edit_category?(category)
    is_admin? ||
      (
        SiteSetting.moderators_manage_categories_and_groups && is_moderator? &&
          can_see_category?(category)
      )
  end

  def can_edit_serialized_category?(category_id:, read_restricted:)
    is_admin? ||
      (
        SiteSetting.moderators_manage_categories_and_groups && is_moderator? &&
          can_see_serialized_category?(category_id: category_id, read_restricted: read_restricted)
      )
  end

  def can_delete_category?(category)
    can_edit_category?(category) && category.topic_count <= 0 && !category.uncategorized? &&
      !category.has_children?
  end

  def can_see_serialized_category?(category_id:, read_restricted: true)
    # Guard to ensure only a boolean is passed in
    read_restricted = true unless !!read_restricted == read_restricted

    return true if !read_restricted
    secure_category_ids.include?(category_id)
  end

  def can_see_category?(category)
    return false unless category
    return true if is_admin?
    return true if !category.read_restricted
    return true if is_staged? && category.email_in.present? && category.email_in_allow_strangers
    secure_category_ids.include?(category.id)
  end

  def can_post_in_category?(category)
    return false unless category
    return false if is_anonymous?
    return true if is_admin?
    Category.post_create_allowed(self).exists?(id: category.id)
  end

  def can_edit_category_description?(category)
    can_perform_action_available_to_group_moderators?(category.topic)
  end

  def secure_category_ids
    @secure_category_ids ||= @user.secure_category_ids
  end

  # all allowed category ids
  def allowed_category_ids
    @allowed_category_ids ||=
      begin
        unrestricted = Category.where(read_restricted: false).pluck(:id)
        unrestricted.concat(secure_category_ids)
      end
  end

  def topic_featured_link_allowed_category_ids
    @topic_featured_link_allowed_category_ids =
      Category.where(topic_featured_link_allowed: true).pluck(:id)
  end
end
DEV: enable frozen string literal on all files This reduces chances of errors where consumers of strings mutate inputs and reduces memory usage of the app. Test suite passes now, but there may be some stuff left, so we will run a few sites on a branch prior to merging 2019-05-03 08:17:27 +10:00			`# frozen_string_literal: true`

DEV: Correct typos and spelling mistakes (#12812) Over the years we accrued many spelling mistakes in the code base. This PR attempts to fix spelling mistakes and typos in all areas of the code that are extremely safe to change - comments - test descriptions - other low risk areas 2021-05-20 21:43:47 -04:00			`#mixin for all guardian methods dealing with category permissions`
Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics. 2014-01-09 17:25:14 -06:00			`module CategoryGuardian`
			`# Creating Method`
Add rubocop to our build. (#5004) 2017-07-28 10:20:09 +09:00			`def can_create_category?(parent = nil)`
DEV: Apply syntax_tree formatting to `lib/*` 2023-01-09 12:10:19 +00:00			`is_admin? \|\| (SiteSetting.moderators_manage_categories_and_groups && is_moderator?)`
Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics. 2014-01-09 17:25:14 -06:00			`end`

			`# Editing Method`
			`def can_edit_category?(category)`
improve logic for mod category management 2014-04-15 16:49:22 +10:00			`is_admin? \|\|`
DEV: Apply syntax_tree formatting to `lib/*` 2023-01-09 12:10:19 +00:00			`(`
			`SiteSetting.moderators_manage_categories_and_groups && is_moderator? &&`
			`can_see_category?(category)`
			`)`
Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics. 2014-01-09 17:25:14 -06:00			`end`

FIX: Missing category edit icon. Follow-up to 0e4b8c5318569ef7e7a111563709699e3b9ce219 2021-06-28 10:39:13 +08:00			`def can_edit_serialized_category?(category_id:, read_restricted:)`
			`is_admin? \|\|`
DEV: Apply syntax_tree formatting to `lib/*` 2023-01-09 12:10:19 +00:00			`(`
			`SiteSetting.moderators_manage_categories_and_groups && is_moderator? &&`
			`can_see_serialized_category?(category_id: category_id, read_restricted: read_restricted)`
			`)`
FIX: Missing category edit icon. Follow-up to 0e4b8c5318569ef7e7a111563709699e3b9ce219 2021-06-28 10:39:13 +08:00			`end`

Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics. 2014-01-09 17:25:14 -06:00			`def can_delete_category?(category)`
DEV: Apply syntax_tree formatting to `lib/*` 2023-01-09 12:10:19 +00:00			`can_edit_category?(category) && category.topic_count <= 0 && !category.uncategorized? &&`
			`!category.has_children?`
Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics. 2014-01-09 17:25:14 -06:00			`end`

PERF: Cache categories in Site model take 3. Previous attempt resulted in custom fields going missing in the serialized output. This reverts commit 83a6ad32ffe75ae222028feddeca169fc5be54ac. 2021-06-23 15:21:11 +08:00			`def can_see_serialized_category?(category_id:, read_restricted: true)`
			`# Guard to ensure only a boolean is passed in`
			`read_restricted = true unless !!read_restricted == read_restricted`

			`return true if !read_restricted`
			`secure_category_ids.include?(category_id)`
			`end`

Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics. 2014-01-09 17:25:14 -06:00			`def can_see_category?(category)`
we can't see a nil category 2016-07-02 12:21:14 +02:00			`return false unless category`
small topic/category guardians refactor 2016-06-27 14:36:57 +02:00			`return true if is_admin?`
			`return true if !category.read_restricted`
			`return true if is_staged? && category.email_in.present? && category.email_in_allow_strangers`
FIX: staged user doesn't get notified for replies in topics they created in secured categories 2016-02-24 11:30:17 +01:00			`secure_category_ids.include?(category.id)`
Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics. 2014-01-09 17:25:14 -06:00			`end`

FIX: access to category chat only when user can create post (#19488) Previously, restricted category chat channel was available for all groups - even `readonly`. From now on, only user who belong to group with `create_post` or `full` permissions can access that chat channel. 2022-12-19 11:35:28 +11:00			`def can_post_in_category?(category)`
			`return false unless category`
			`return false if is_anonymous?`
			`return true if is_admin?`
			`Category.post_create_allowed(self).exists?(id: category.id)`
			`end`

FEATURE - allow Group Moderators to edit category description (#10292) Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com> 2020-07-23 09:50:00 -04:00			`def can_edit_category_description?(category)`
			`can_perform_action_available_to_group_moderators?(category.topic)`
			`end`

Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics. 2014-01-09 17:25:14 -06:00			`def secure_category_ids`
			`@secure_category_ids \|\|= @user.secure_category_ids`
			`end`

			`# all allowed category ids`
			`def allowed_category_ids`
PERF: improve perf of initial payload also reduce querying in topic query 2015-09-23 13:13:34 +10:00			`@allowed_category_ids \|\|=`
			`begin`
			`unrestricted = Category.where(read_restricted: false).pluck(:id)`
			`unrestricted.concat(secure_category_ids)`
			`end`
Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics. 2014-01-09 17:25:14 -06:00			`end`

FEATURE: Allow posting a link with topics 2016-12-05 13:31:43 +01:00			`def topic_featured_link_allowed_category_ids`
DEV: Apply syntax_tree formatting to `lib/*` 2023-01-09 12:10:19 +00:00			`@topic_featured_link_allowed_category_ids =`
			`Category.where(topic_featured_link_allowed: true).pluck(:id)`
FEATURE: Allow posting a link with topics 2016-12-05 13:31:43 +01:00			`end`
SECURITY: reduce moderator rights You can now hide particular categories from certain moderators 2014-02-07 14:11:52 +11:00			`end`