From 6bcdc3ba4b67bb9c33496889e1c2aee6cfff36f0 Mon Sep 17 00:00:00 2001 From: Arpit Jalan Date: Tue, 26 Jun 2018 21:15:50 +0530 Subject: [PATCH] FEATURE: allow author to delete posts irrespective of post_edit_time_limit --- app/controllers/posts_controller.rb | 11 +--------- lib/guardian/post_guardian.rb | 3 --- spec/components/guardian_spec.rb | 28 -------------------------- spec/requests/posts_controller_spec.rb | 12 ----------- 4 files changed, 1 insertion(+), 53 deletions(-) diff --git a/app/controllers/posts_controller.rb b/app/controllers/posts_controller.rb index 410a00b80f2..be2eb391450 100644 --- a/app/controllers/posts_controller.rb +++ b/app/controllers/posts_controller.rb @@ -185,7 +185,7 @@ class PostsController < ApplicationController post.image_sizes = params[:image_sizes] if params[:image_sizes].present? - if too_late_to(:edit, post) + if !guardian.send("can_edit?", post) && post.user_id == current_user.id && post.edit_time_limit_expired? return render json: { errors: [I18n.t('too_late_to_edit')] }, status: 422 end @@ -268,11 +268,6 @@ class PostsController < ApplicationController post = find_post_from_params RateLimiter.new(current_user, "delete_post", 3, 1.minute).performed! unless current_user.staff? - if too_late_to(:delete_post, post) - render json: { errors: [I18n.t('too_late_to_edit')] }, status: 422 - return - end - guardian.ensure_can_delete!(post) destroyer = PostDestroyer.new(current_user, post, context: params[:context]) @@ -691,10 +686,6 @@ class PostsController < ApplicationController end) end - def too_late_to(action, post) - !guardian.send("can_#{action}?", post) && post.user_id == current_user.id && post.edit_time_limit_expired? - end - def display_post(post) post.revert_to(params[:version].to_i) if params[:version].present? render_post_json(post) diff --git a/lib/guardian/post_guardian.rb b/lib/guardian/post_guardian.rb index ff7dbf2f15d..49a9688c9f8 100644 --- a/lib/guardian/post_guardian.rb +++ b/lib/guardian/post_guardian.rb @@ -164,9 +164,6 @@ module PostGuardian # Can't delete the first post return false if post.is_first_post? - # Can't delete after post_edit_time_limit minutes have passed - return false if !is_staff? && post.edit_time_limit_expired? - # Can't delete posts in archived topics unless you are staff return false if !is_staff? && post.topic.archived? diff --git a/spec/components/guardian_spec.rb b/spec/components/guardian_spec.rb index f0d2b03ec20..80e2e5c97dc 100644 --- a/spec/components/guardian_spec.rb +++ b/spec/components/guardian_spec.rb @@ -1707,34 +1707,6 @@ describe Guardian do expect(Guardian.new(admin).can_delete?(post)).to be_falsey end - context 'post is older than post_edit_time_limit' do - let(:old_post) { build(:post, topic: topic, user: topic.user, post_number: 2, created_at: 6.minutes.ago) } - before do - SiteSetting.post_edit_time_limit = 5 - end - - it 'returns false to the author of the post' do - expect(Guardian.new(old_post.user).can_delete?(old_post)).to eq(false) - end - - it 'returns true as a moderator' do - expect(Guardian.new(moderator).can_delete?(old_post)).to eq(true) - end - - it 'returns true as an admin' do - expect(Guardian.new(admin).can_delete?(old_post)).to eq(true) - end - - it "returns false when it's the OP, even as a moderator" do - old_post.post_number = 1 - expect(Guardian.new(moderator).can_delete?(old_post)).to eq(false) - end - - it 'returns false for another regular user trying to delete your post' do - expect(Guardian.new(coding_horror).can_delete?(old_post)).to eq(false) - end - end - context 'the topic is archived' do before do post.topic.archived = true diff --git a/spec/requests/posts_controller_spec.rb b/spec/requests/posts_controller_spec.rb index 7f6620bd05a..90090937248 100644 --- a/spec/requests/posts_controller_spec.rb +++ b/spec/requests/posts_controller_spec.rb @@ -124,18 +124,6 @@ describe PostsController do let(:user) { Fabricate(:user) } let(:moderator) { Fabricate(:moderator) } - it 'does not allow to destroy when edit time limit expired' do - SiteSetting.post_edit_time_limit = 5 - - post = Fabricate(:post, topic: topic, created_at: 10.minutes.ago, user: user, post_number: 3) - sign_in(user) - - delete "/posts/#{post.id}.json" - - expect(response.status).to eq(422) - expect(JSON.parse(response.body)['errors']).to include(I18n.t('too_late_to_edit')) - end - it "raises an error when the user doesn't have permission to see the post" do pm = Fabricate(:private_message_topic) post = Fabricate(:post, topic: pm, post_number: 3)