Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

FIX: Filter out secured categories first (#29916) 

The hierarchical search for categories is composed of several complex
nested queries. This change ensures that the secured categories are
filtered out as soon as possible to ensure that the default limit of 5
categories is reached.

Without this fix, the search can return less than 5 categories if any
of the first 5 categories cannot be displayed due to permissions.
This commit is contained in:
Bianca Nenciu 2024-11-28 17:09:16 +02:00 committed by GitHub
parent 3c884e693c
commit 5b19e2ca0f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 25 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
app/controllers/categories_controller.rb
View File

@ -316,7 +316,12 @@ class CategoriesController < ApplicationController
page = [1, params[:page].to_i].max
offset = params[:offset].to_i
parent_category_id = params[:parent_category_id].to_i if params[:parent_category_id].present?
only = Category.where(id: params[:only].to_a.map(&:to_i)) if params[:only].present?
only =
if params[:only].present?
Category.secured(guardian).where(id: params[:only].to_a.map(&:to_i))
else
Category.secured(guardian)
end
except_ids = params[:except].to_a.map(&:to_i)
include_uncategorized =
(

19
spec/requests/categories_controller_spec.rb
View File

@ -1564,6 +1564,25 @@ RSpec.describe CategoriesController do
expect(response.parsed_body["categories"].length).not_to eq(0)
end
it "produces exactly 5 subcategories" do
subcategories = Fabricate.times(6, :category, parent_category: category)
subcategories[3].update!(read_restricted: true)
get "/categories/hierarchical_search.json"
expect(response.status).to eq(200)
expect(response.parsed_body["categories"].length).to eq(7)
expect(response.parsed_body["categories"].map { |c| c["id"] }).to contain_exactly(
category.id,
subcategories[0].id,
subcategories[1].id,
subcategories[2].id,
subcategories[4].id,
subcategories[5].id,
SiteSetting.uncategorized_category_id,
)
end
it "doesn't produce categories with a very specific term" do
get "/categories/hierarchical_search.json", params: { term: "acategorythatdoesnotexist" }