FIX: staged user doesn't get notified for replies in topics they created in secured categories

2016-02-24 11:30:17 +01:00 · 2016-02-24 11:30:17 +01:00 · 415efd0f5b
parent 0097dc55b5
commit 415efd0f5b
3 changed files with 56 additions and 1 deletions
--- a/lib/guardian.rb
+++ b/lib/guardian.rb
@ -22,6 +22,7 @@ class Guardian
    def staff?; false; end
    def moderator?; false; end
    def approved?; false; end
+    def staged?; false; end
    def secure_category_ids; []; end
    def topic_create_allowed_category_ids; []; end
    def has_trust_level?(level); false; end
--- a/lib/guardian/category_guardian.rb
+++ b/lib/guardian/category_guardian.rb
@ -45,7 +45,10 @@ module CategoryGuardian
  end

  def can_see_category?(category)
-    not(category.read_restricted) || secure_category_ids.include?(category.id)
+    is_admin? ||
+    !category.read_restricted ||
+    (@user.staged? && category.email_in.present? && category.email_in_allow_strangers) ||
+    secure_category_ids.include?(category.id)
  end

  def secure_category_ids
--- a/spec/components/guardian_spec.rb
+++ b/spec/components/guardian_spec.rb
@ -370,6 +370,57 @@ describe Guardian do
      end
    end

+    describe 'a Category' do
+
+      it 'allows public categories' do
+        public_category = build(:category, read_restricted: false)
+        expect(Guardian.new.can_see?(public_category)).to be_truthy
+      end
+
+      it 'correctly handles secure categories' do
+        normal_user = build(:user)
+        staged_user = build(:user, staged: true)
+        admin_user  = build(:user, admin: true)
+
+        secure_category = build(:category, read_restricted: true)
+        expect(Guardian.new(normal_user).can_see?(secure_category)).to be_falsey
+        expect(Guardian.new(staged_user).can_see?(secure_category)).to be_falsey
+        expect(Guardian.new(admin_user).can_see?(secure_category)).to be_truthy
+
+        secure_category = build(:category, read_restricted: true, email_in: "foo@bar.com")
+        expect(Guardian.new(normal_user).can_see?(secure_category)).to be_falsey
+        expect(Guardian.new(staged_user).can_see?(secure_category)).to be_falsey
+        expect(Guardian.new(admin_user).can_see?(secure_category)).to be_truthy
+
+        secure_category = build(:category, read_restricted: true, email_in_allow_strangers: true)
+        expect(Guardian.new(normal_user).can_see?(secure_category)).to be_falsey
+        expect(Guardian.new(staged_user).can_see?(secure_category)).to be_falsey
+        expect(Guardian.new(admin_user).can_see?(secure_category)).to be_truthy
+
+        secure_category = build(:category, read_restricted: true, email_in: "foo@bar.com", email_in_allow_strangers: true)
+        expect(Guardian.new(normal_user).can_see?(secure_category)).to be_falsey
+        expect(Guardian.new(staged_user).can_see?(secure_category)).to be_truthy
+        expect(Guardian.new(admin_user).can_see?(secure_category)).to be_truthy
+      end
+
+      it 'allows members of an authorized group' do
+        user = Fabricate(:user)
+        group = Fabricate(:group)
+
+        secure_category = Fabricate(:category)
+        secure_category.set_permissions(group => :readonly)
+        secure_category.save
+
+        expect(Guardian.new(user).can_see?(secure_category)).to be_falsey
+
+        group.add(user)
+        group.save
+
+        expect(Guardian.new(user).can_see?(secure_category)).to be_truthy
+      end
+
+    end
+
    describe 'a Topic' do
      it 'allows non logged in users to view topics' do
        expect(Guardian.new.can_see?(topic)).to be_truthy