FIX: tags can be filtered on categoryId without a q param (#8264)
This commit is contained in:
parent
7a264217f2
commit
0ba28e344b
|
@ -193,28 +193,40 @@ class TagsController < ::ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def search
|
def search
|
||||||
clean_name = DiscourseTagging.clean_tag(params[:q])
|
filter_params = {
|
||||||
category = params[:categoryId] ? Category.find_by_id(params[:categoryId]) : nil
|
for_input: params[:filterForInput],
|
||||||
|
selected_tags: params[:selected_tags]
|
||||||
|
}
|
||||||
|
|
||||||
# Prioritize exact matches when ordering
|
if params[:categoryId]
|
||||||
order_query = Tag.sanitize_sql_for_order(
|
filter_params[:category] = Category.find_by_id(params[:categoryId])
|
||||||
["lower(name) = lower(?) DESC, topic_count DESC", clean_name]
|
end
|
||||||
)
|
|
||||||
|
if params[:q]
|
||||||
|
clean_name = DiscourseTagging.clean_tag(params[:q])
|
||||||
|
filter_params[:term] = clean_name
|
||||||
|
|
||||||
|
# Prioritize exact matches when ordering
|
||||||
|
order_query = Tag.sanitize_sql_for_order(
|
||||||
|
["lower(name) = lower(?) DESC, topic_count DESC", clean_name]
|
||||||
|
)
|
||||||
|
|
||||||
|
tag_query = Tag.order(order_query).limit(params[:limit])
|
||||||
|
else
|
||||||
|
tag_query = Tag.limit(params[:limit])
|
||||||
|
end
|
||||||
|
|
||||||
tags_with_counts = DiscourseTagging.filter_allowed_tags(
|
tags_with_counts = DiscourseTagging.filter_allowed_tags(
|
||||||
Tag.order(order_query).limit(params[:limit]),
|
tag_query,
|
||||||
guardian,
|
guardian,
|
||||||
for_input: params[:filterForInput],
|
filter_params
|
||||||
term: clean_name,
|
|
||||||
category: category,
|
|
||||||
selected_tags: params[:selected_tags]
|
|
||||||
)
|
)
|
||||||
|
|
||||||
tags = self.class.tag_counts_json(tags_with_counts)
|
tags = self.class.tag_counts_json(tags_with_counts)
|
||||||
|
|
||||||
json_response = { results: tags }
|
json_response = { results: tags }
|
||||||
|
|
||||||
if !tags.find { |h| h[:id].downcase == clean_name.downcase } && tag = Tag.where_name(clean_name).first
|
if clean_name && !tags.find { |h| h[:id].downcase == clean_name.downcase } && tag = Tag.where_name(clean_name).first
|
||||||
# filter_allowed_tags determined that the tag entered is not allowed
|
# filter_allowed_tags determined that the tag entered is not allowed
|
||||||
json_response[:forbidden] = params[:q]
|
json_response[:forbidden] = params[:q]
|
||||||
|
|
||||||
|
|
|
@ -395,6 +395,14 @@ describe TagsController do
|
||||||
category_names: category.name
|
category_names: category.name
|
||||||
))
|
))
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it "can filter on category without q param" do
|
||||||
|
nope = Fabricate(:tag, name: 'nope')
|
||||||
|
get "/tags/filter/search.json", params: { categoryId: category.id }
|
||||||
|
expect(response.status).to eq(200)
|
||||||
|
json = ::JSON.parse(response.body)
|
||||||
|
expect(json["results"].map { |j| j["id"] }.sort).to eq([yup.name])
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
it "matches tags after sanitizing input" do
|
it "matches tags after sanitizing input" do
|
||||||
|
|
Loading…
Reference in New Issue