2014-01-09 18:25:14 -05:00
|
|
|
#mixin for all guardian methods dealing with topic permisions
|
|
|
|
module TopicGuardian
|
|
|
|
|
|
|
|
def can_remove_allowed_users?(topic)
|
|
|
|
is_staff?
|
|
|
|
end
|
|
|
|
|
|
|
|
# Creating Methods
|
|
|
|
def can_create_topic?(parent)
|
2014-06-09 15:21:01 -04:00
|
|
|
is_staff? ||
|
2014-06-09 11:03:10 -04:00
|
|
|
(user &&
|
|
|
|
user.trust_level >= SiteSetting.min_trust_to_create_topic.to_i &&
|
|
|
|
can_create_post?(parent))
|
2014-01-09 18:25:14 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
def can_create_topic_on_category?(category)
|
2014-01-21 09:21:38 -05:00
|
|
|
can_create_topic?(nil) &&
|
|
|
|
(!category || Category.topic_create_allowed(self).where(:id => category.id).count == 1)
|
2014-01-09 18:25:14 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
def can_create_post_on_topic?(topic)
|
|
|
|
# No users can create posts on deleted topics
|
|
|
|
return false if topic.trashed?
|
|
|
|
|
2014-03-17 14:50:28 -04:00
|
|
|
is_staff? || (authenticated? && user.has_trust_level?(:elder)) || (not(topic.closed? || topic.archived? || topic.trashed?) && can_create_post?(topic))
|
2014-01-09 18:25:14 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
# Editing Method
|
|
|
|
def can_edit_topic?(topic)
|
2014-07-29 10:40:02 -04:00
|
|
|
return false if Discourse.static_doc_topic_ids.include?(topic.id) && !is_admin?
|
2014-08-15 12:44:58 -04:00
|
|
|
return true if is_staff? || user.has_trust_level?(:leader)
|
|
|
|
return false if topic.archived
|
|
|
|
is_my_own?(topic)
|
2014-01-09 18:25:14 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
# Recovery Method
|
|
|
|
def can_recover_topic?(topic)
|
|
|
|
is_staff?
|
|
|
|
end
|
|
|
|
|
|
|
|
def can_delete_topic?(topic)
|
|
|
|
!topic.trashed? &&
|
|
|
|
is_staff? &&
|
2014-08-13 17:02:44 -04:00
|
|
|
!(Category.exists?(topic_id: topic.id)) &&
|
|
|
|
!Discourse.static_doc_topic_ids.include?(topic.id)
|
2014-01-09 18:25:14 -05:00
|
|
|
end
|
|
|
|
|
|
|
|
def can_reply_as_new_topic?(topic)
|
|
|
|
authenticated? && topic && not(topic.private_message?) && @user.has_trust_level?(:basic)
|
|
|
|
end
|
|
|
|
|
2014-07-15 17:02:43 -04:00
|
|
|
def can_see_deleted_topics?
|
|
|
|
is_staff?
|
|
|
|
end
|
|
|
|
|
2014-01-09 18:25:14 -05:00
|
|
|
def can_see_topic?(topic)
|
2014-05-12 10:30:10 -04:00
|
|
|
return false unless topic
|
2014-07-15 17:02:43 -04:00
|
|
|
# Admins can see everything
|
2014-05-12 15:26:36 -04:00
|
|
|
return true if is_admin?
|
2014-07-15 17:02:43 -04:00
|
|
|
# Deleted topics
|
|
|
|
return false if topic.deleted_at && !can_see_deleted_topics?
|
2014-01-09 18:25:14 -05:00
|
|
|
|
2014-08-05 00:37:28 -04:00
|
|
|
if topic.private_message?
|
|
|
|
return authenticated? &&
|
|
|
|
topic.all_allowed_users.where(id: @user.id).exists?
|
|
|
|
end
|
|
|
|
|
2014-05-12 10:30:10 -04:00
|
|
|
# not secure, or I can see it
|
2014-08-05 00:37:28 -04:00
|
|
|
!topic.read_restricted_category? || can_see_category?(topic.category)
|
2014-01-09 18:25:14 -05:00
|
|
|
|
|
|
|
end
|
2014-01-21 09:21:38 -05:00
|
|
|
end
|