Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

DEV: Users must be able to see a topic to moderate it. (#10906) 

Follows-up a8c47e7c. It makes more sense to check if the user can see the topic inside the `can_moderate?` method instead of doing it separately.
This commit is contained in:
Roman Rizzi 2020-10-13 13:03:14 -03:00 committed by GitHub
parent b19e8ea206
commit 108414e47c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
app/controllers/topics_controller.rb
View File

@ -453,7 +453,6 @@ class TopicsController < ApplicationController
params.require(:duration) if based_on_last_post
topic = Topic.find_by(id: params[:topic_id])
guardian.ensure_can_see!(topic)
guardian.ensure_can_moderate!(topic)
options = {

5
lib/guardian.rb
View File

@ -170,7 +170,10 @@ class Guardian
end
def can_moderate?(obj)
obj && authenticated? && !is_silenced? && (is_staff? || (obj.is_a?(Topic) && @user.has_trust_level?(TrustLevel[4])))
obj && authenticated? && !is_silenced? && (
is_staff? ||
(obj.is_a?(Topic) && @user.has_trust_level?(TrustLevel[4]) && can_see_topic?(obj))
)
end
alias :can_see_flags? :can_moderate?