FEATURE: Support disabling tag creation for non-staff users.

app/models/trust_level_and_staff_setting.rb

@@ -0,0 +1,21 @@
+require_dependency 'enum_site_setting'
+
+class TrustLevelAndStaffSetting < TrustLevelSetting
+  def self.valid_value?(val)
+    special_group?(val) ||
+    (val.to_i.to_s == val.to_s &&
+     valid_values.any? { |v| v == val.to_i })
+  end
+
+  def self.valid_values
+    TrustLevel.valid_range.to_a + special_groups
+  end
+
+  def self.special_group?(val)
+    special_groups.include?(val.to_s)
+  end
+
+  def self.special_groups
+    ['staff', 'admin']
+  end
+end

config/site_settings.yml

@@ -1647,11 +1647,11 @@ tags:
     default: 20
     client: true
   min_trust_to_create_tag:
-    default: 3
-    enum: 'TrustLevelSetting'
+    default: '3'
+    enum: 'TrustLevelAndStaffSetting'
   min_trust_level_to_tag_topics:
-    default: 0
-    enum: 'TrustLevelSetting'
+    default: '0'
+    enum: 'TrustLevelAndStaffSetting'
     client: true
   max_tag_search_results:
     client: true

lib/guardian/tag_guardian.rb

@@ -1,10 +1,14 @@
 #mixin for all guardian methods dealing with tagging permisions
 module TagGuardian
   def can_create_tag?
+    return is_admin? if SiteSetting.min_trust_to_create_tag.to_s == 'admin'
+    return is_staff? if SiteSetting.min_trust_to_create_tag.to_s == 'staff'
     user && SiteSetting.tagging_enabled && user.has_trust_level?(SiteSetting.min_trust_to_create_tag.to_i)
   end
 
   def can_tag_topics?
+    return is_admin? if SiteSetting.min_trust_level_to_tag_topics.to_s == 'admin'
+    return is_staff? if SiteSetting.min_trust_level_to_tag_topics.to_s == 'staff'
     user && SiteSetting.tagging_enabled && user.has_trust_level?(SiteSetting.min_trust_level_to_tag_topics.to_i)
   end