Merge pull request #1404 from ZogStriP/admin-can-always-upload-a-file
staff can always upload a file
This commit is contained in:
Robin Ward
commit
360b8e32ca
|
|
@ -194,7 +194,8 @@ Discourse.Utilities = {
|
|||
|
||||
@method validateUploadedFile
|
||||
@param {File} file The file to be uploaded
|
||||
@param {string} type The type of the file
|
||||
@param {string} type The type of the upload (image, attachment)
|
||||
@returns true whenever the upload is valid
|
||||
**/
|
||||
validateUploadedFile: function(file, type) {
|
||||
// check that the uploaded file is authorized
|
||||
|
|
@ -205,7 +206,7 @@ Discourse.Utilities = {
|
|||
}
|
||||
|
||||
// ensures that new users can upload a file
|
||||
if (Discourse.User.currentProp('trust_level') === 0 && Discourse.SiteSettings['newuser_max_' + type + 's'] === 0) {
|
||||
if (!Discourse.User.current().isAllowedToUploadAFile(type)) {
|
||||
bootbox.alert(I18n.t('post.errors.' + type + '_upload_not_allowed_for_new_user'));
|
||||
return false;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -11,7 +11,7 @@ Discourse.Draft = Discourse.Model.extend({});
|
|||
Discourse.Draft.reopenClass({
|
||||
|
||||
clear: function(key, sequence) {
|
||||
return Discourse.ajax("/draft", {
|
||||
return Discourse.ajax("/draft.json", {
|
||||
type: 'DELETE',
|
||||
data: {
|
||||
draft_key: key,
|
||||
|
|
@ -21,20 +21,20 @@ Discourse.Draft.reopenClass({
|
|||
},
|
||||
|
||||
get: function(key) {
|
||||
return Discourse.ajax('/draft', {
|
||||
return Discourse.ajax('/draft.json', {
|
||||
data: { draft_key: key },
|
||||
dataType: 'json'
|
||||
});
|
||||
},
|
||||
|
||||
getLocal: function(key, current) {
|
||||
var local;
|
||||
// TODO: implement this
|
||||
return current;
|
||||
},
|
||||
|
||||
save: function(key, sequence, data) {
|
||||
data = typeof data === "string" ? data : JSON.stringify(data);
|
||||
return Discourse.ajax("/draft", {
|
||||
return Discourse.ajax("/draft.json", {
|
||||
type: 'POST',
|
||||
data: {
|
||||
draft_key: key,
|
||||
|
|
|
|||
|
|
@ -276,6 +276,19 @@ Discourse.User = Discourse.Model.extend({
|
|||
type: 'PUT',
|
||||
data: { use_uploaded_avatar: useUploadedAvatar }
|
||||
});
|
||||
},
|
||||
|
||||
/**
|
||||
Determines whether the current user is allowed to upload a file.
|
||||
|
||||
@method isAllowedToUploadAFile
|
||||
@param {string} type The type of the upload (image, attachment)
|
||||
@returns true if the current user is allowed to upload a file
|
||||
**/
|
||||
isAllowedToUploadAFile: function(type) {
|
||||
return this.get('staff') ||
|
||||
this.get('trust_level') > 0 ||
|
||||
Discourse.SiteSettings['newuser_max_' + type + 's'] > 0;
|
||||
}
|
||||
|
||||
});
|
||||
|
|
|
|||
|
|
@ -24,7 +24,6 @@ test("uploading one file", function() {
|
|||
|
||||
test("new user cannot upload images", function() {
|
||||
Discourse.SiteSettings.newuser_max_images = 0;
|
||||
this.stub(Discourse.User, 'currentProp').withArgs("trust_level").returns(0);
|
||||
this.stub(bootbox, "alert");
|
||||
|
||||
ok(!validUpload([{name: "image.png"}]));
|
||||
|
|
@ -33,7 +32,6 @@ test("new user cannot upload images", function() {
|
|||
|
||||
test("new user cannot upload attachments", function() {
|
||||
Discourse.SiteSettings.newuser_max_attachments = 0;
|
||||
this.stub(Discourse.User, 'currentProp').withArgs("trust_level").returns(0);
|
||||
this.stub(bootbox, "alert");
|
||||
|
||||
ok(!validUpload([{name: "roman.txt"}]));
|
||||
|
|
@ -52,6 +50,7 @@ test("ensures an authorized upload", function() {
|
|||
test("prevents files that are too big from being uploaded", function() {
|
||||
var image = { name: "image.png", size: 10 * 1024 };
|
||||
Discourse.SiteSettings.max_image_size_kb = 5;
|
||||
Discourse.User.currentProp("trust_level", 1);
|
||||
this.stub(bootbox, "alert");
|
||||
|
||||
ok(!validUpload([image]));
|
||||
|
|
@ -70,6 +69,7 @@ var dummyBlob = function() {
|
|||
};
|
||||
|
||||
test("allows valid uploads to go through", function() {
|
||||
Discourse.User.currentProp("trust_level", 1);
|
||||
Discourse.SiteSettings.max_image_size_kb = 15;
|
||||
this.stub(bootbox, "alert");
|
||||
|
||||
|
|
|
|||
|
|
@ -0,0 +1,2 @@
|
|||
/*jshint maxlen:10000000 */
|
||||
Discourse.URL_FIXTURES["/draft.json"] = {};
|
||||
File diff suppressed because one or more lines are too long
|
|
@ -16,4 +16,12 @@ test('searchContext', function() {
|
|||
var user = Discourse.User.create({id: 1, username: 'EvilTrout'});
|
||||
|
||||
deepEqual(user.get('searchContext'), {type: 'user', id: 'eviltrout', user: user}, "has a search context");
|
||||
});
|
||||
});
|
||||
|
||||
test("isAllowedToUploadAFile", function() {
|
||||
var user = Discourse.User.create({ trust_level: 0, admin: true });
|
||||
ok(user.isAllowedToUploadAFile("image"), "admin can always upload a file");
|
||||
|
||||
user.setProperties({ admin: false, moderator: true });
|
||||
ok(user.isAllowedToUploadAFile("image"), "moderator can always upload a file");
|
||||
});
|
||||
|
|
|
|||
Loading…
Reference in New Issue