Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of github.com:discourse/discourse

This commit is contained in:
Sam Saffron 2019-08-19 17:21:17 +10:00
parent accbbded15 24f94c40a6
commit 47638ffea4
3 changed files with 36 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
app/assets/javascripts/discourse/models/nav-item.js.es6
View File

@ -101,18 +101,8 @@ const NavItem = Discourse.Model.extend({
}); });
const ExtraNavItem = NavItem.extend({ const ExtraNavItem = NavItem.extend({
href: Ember.computed({ @computed("href")
set(key, value) { href: href => href,
let customHref;
NavItem.customNavItemHrefs.forEach(function(cb) {
customHref = cb.call(this, this);
if (customHref) {
return false;
}
}, this);
return customHref || value;
}
}),
customFilter: null customFilter: null
}); });
@ -189,6 +179,11 @@ NavItem.reopenClass({
return item.customFilter.call(this, category, args); return item.customFilter.call(this, category, args);
}); });
extraItems.forEach(item => {
if (!item.customHref) return;
item.set("href", item.customHref.call(this, category, args));
});
return items.concat(extraItems); return items.concat(extraItems);
} }
}); });

2
app/controllers/categories_controller.rb
View File

@ -117,6 +117,8 @@ class CategoriesController < ApplicationController
end end
def show def show
guardian.ensure_can_see!(@category)
if Category.topic_create_allowed(guardian).where(id: @category.id).exists? if Category.topic_create_allowed(guardian).where(id: @category.id).exists?
@category.permission = CategoryGroup.permission_types[:full] @category.permission = CategoryGroup.permission_types[:full]
end end

27
spec/requests/categories_controller_spec.rb
View File

@ -188,6 +188,33 @@ describe CategoriesController do
end end
end end
context '#show' do
before do
category.set_permissions(admins: :full)
category.save!
end
it "requires the user to be logged in" do
get "/c/#{category.id}/show.json"
expect(response.status).to eq(403)
end
describe "logged in" do
it "raises an exception if they don't have permission to see it" do
admin.update!(admin: false)
sign_in(admin)
get "/c/#{category.id}/show.json"
expect(response.status).to eq(403)
end
it "renders category for users that have permission" do
sign_in(admin)
get "/c/#{category.id}/show.json"
expect(response.status).to eq(200)
end
end
end
context '#destroy' do context '#destroy' do
it "requires the user to be logged in" do it "requires the user to be logged in" do
delete "/categories/category.json" delete "/categories/category.json"