From 5a00d1964fc622f92219d8c11c8cdd00a643695c Mon Sep 17 00:00:00 2001
From: marstall <marstall@users.noreply.github.com>
Date: Mon, 29 Jan 2024 12:44:32 -0500
Subject: [PATCH] DEV: add site setting to disable watched word checking in
 user fields (#25411)

adding a hidden sitesetting, `disable_watched_word_checking_in_user_fields` - false by default. if set to true, you can use any word at all in user profile fields.

meta: https://meta.discourse.org/t/watched-words-scope/282699/20
---
 app/models/user.rb           | 11 +++++++++--
 config/locales/server.en.yml |  1 +
 config/site_settings.yml     |  3 +++
 spec/models/user_spec.rb     | 22 ++++++++++++++++++++++
 4 files changed, 35 insertions(+), 2 deletions(-)

diff --git a/app/models/user.rb b/app/models/user.rb
index 6f38448089f..0326df16c34 100644
--- a/app/models/user.rb
+++ b/app/models/user.rb
@@ -151,7 +151,10 @@ class User < ActiveRecord::Base
   validates :name, user_full_name: true, if: :will_save_change_to_name?, length: { maximum: 255 }
   validates :ip_address, allowed_ip_address: { on: :create }
   validates :primary_email, presence: true, unless: :skip_email_validation
-  validates :validatable_user_fields_values, watched_words: true, unless: :custom_fields_clean?
+  validates :validatable_user_fields_values,
+            watched_words: true,
+            unless: :should_skip_user_fields_validation?
+
   validates_associated :primary_email,
                        message: ->(_, user_email) { user_email[:value]&.errors&.[](:email)&.first }
 
@@ -180,7 +183,7 @@ class User < ActiveRecord::Base
   before_save :ensure_password_is_hashed
   before_save :match_primary_group_changes
   before_save :check_if_title_is_badged_granted
-  before_save :apply_watched_words, unless: :custom_fields_clean?
+  before_save :apply_watched_words, unless: :should_skip_user_fields_validation?
 
   after_save :expire_tokens_if_password_changed
   after_save :clear_global_notice_if_needed
@@ -354,6 +357,10 @@ class User < ActiveRecord::Base
       )
   end
 
+  def should_skip_user_fields_validation?
+    custom_fields_clean? || SiteSetting.disable_watched_word_checking_in_user_fields
+  end
+
   def secured_sidebar_category_ids(user_guardian = nil)
     user_guardian ||= guardian
 
diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml
index 800406f9c7f..e2a09c53cad 100644
--- a/config/locales/server.en.yml
+++ b/config/locales/server.en.yml
@@ -2355,6 +2355,7 @@ en:
     code_formatting_style: "Code button in composer will default to this code formatting style"
 
     max_allowed_message_recipients: "Maximum recipients allowed in a message."
+    disable_watched_word_checking_in_user_fields: "disable watched word checking in user fields"
     watched_words_regular_expressions: "Watched words are regular expressions."
 
     enable_diffhtml_preview: "Experimental feature which uses diffHTML to sync preview instead of full re-render"
diff --git a/config/site_settings.yml b/config/site_settings.yml
index c115ab839fb..a91412d285c 100644
--- a/config/site_settings.yml
+++ b/config/site_settings.yml
@@ -1122,6 +1122,9 @@ posting:
   max_allowed_message_recipients:
     default: 30
     min: 1
+  disable_watched_word_checking_in_user_fields:
+    hidden: true
+    default: false
   watched_words_regular_expressions:
     client: true
     default: false
diff --git a/spec/models/user_spec.rb b/spec/models/user_spec.rb
index 5f051a5b568..354242c722c 100644
--- a/spec/models/user_spec.rb
+++ b/spec/models/user_spec.rb
@@ -281,6 +281,11 @@ RSpec.describe User do
           context "when user field is private" do
             before { user_field.update(show_on_profile: false) }
 
+            it { is_expected.to be_valid }
+          end
+          context "when SiteSetting.disable_watched_word_checking_in_user_fields is true" do
+            before { SiteSetting.disable_watched_word_checking_in_user_fields = true }
+
             it { is_expected.to be_valid }
           end
         end
@@ -296,6 +301,15 @@ RSpec.describe User do
               user.save!
               expect(user_field_value).to eq "■■■■■■■■ word"
             end
+
+            context "when SiteSetting.disable_watched_word_checking_in_user_fields is true" do
+              before { SiteSetting.disable_watched_word_checking_in_user_fields = true }
+
+              it "does not censor the words upon saving" do
+                user.save!
+                expect(user_field_value).to eq "censored word"
+              end
+            end
           end
 
           context "when user field is private" do
@@ -324,6 +338,14 @@ RSpec.describe User do
               user.save!
               expect(user_field_value).to eq "word replaced"
             end
+            context "when SiteSetting.disable_watched_word_checking_in_user_fields is true" do
+              before { SiteSetting.disable_watched_word_checking_in_user_fields = true }
+
+              it "does not replace anything" do
+                user.save!
+                expect(user_field_value).to eq "word to replace"
+              end
+            end
           end
 
           context "when user field is private" do