Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Revert "FEATURE: moderators allowed to view groups which members can see." 

Build is broken.

This reverts commit 2bf0c4188b.
This commit is contained in:
Guo Xiang Tan 2020-09-11 10:04:52 +08:00
parent e0a0928420
commit 7fc70900d2
No known key found for this signature in database
GPG Key ID: FBD110179AAC1F20
3 changed files with 68 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
app/models/group.rb
View File

@ -121,18 +121,18 @@ class Group < ActiveRecord::Base
end end
if !user&.admin if !user&.admin
is_staff = !!user&.staff?
if user.blank?
sql = "groups.visibility_level = :public"
elsif is_staff
sql = "groups.visibility_level IN (:public, :logged_on_users, :members, :staff)"
else
sql = <<~SQL sql = <<~SQL
groups.id IN ( groups.id IN (
SELECT id SELECT id
FROM groups FROM groups
WHERE visibility_level IN (:public, :logged_on_users) WHERE visibility_level = :public
UNION ALL
SELECT id
FROM groups
WHERE visibility_level = :logged_on_users
AND :user_id IS NOT NULL
UNION ALL UNION ALL
@ -143,15 +143,22 @@ class Group < ActiveRecord::Base
UNION ALL UNION ALL
SELECT g.id
FROM groups g
LEFT JOIN group_users gu ON gu.group_id = g.id AND gu.user_id = :user_id AND gu.owner
WHERE g.visibility_level = :staff
AND (gu.id IS NOT NULL OR :is_staff)
UNION ALL
SELECT g.id SELECT g.id
FROM groups g FROM groups g
JOIN group_users gu ON gu.group_id = g.id AND gu.user_id = :user_id AND gu.owner JOIN group_users gu ON gu.group_id = g.id AND gu.user_id = :user_id AND gu.owner
WHERE g.visibility_level IN (:staff, :owners) WHERE g.visibility_level = :owners
) )
SQL SQL
end
params = Group.visibility_levels.to_h.merge(user_id: user&.id, is_staff: is_staff) params = Group.visibility_levels.to_h.merge(user_id: user&.id, is_staff: !!user&.staff?)
groups = groups.where(sql, params) groups = groups.where(sql, params)
end end
@ -166,18 +173,18 @@ class Group < ActiveRecord::Base
end end
if !user&.admin if !user&.admin
is_staff = !!user&.staff?
if user.blank?
sql = "groups.members_visibility_level = :public"
elsif is_staff
sql = "groups.members_visibility_level IN (:public, :logged_on_users, :members, :staff)"
else
sql = <<~SQL sql = <<~SQL
groups.id IN ( groups.id IN (
SELECT id SELECT id
FROM groups FROM groups
WHERE members_visibility_level IN (:public, :logged_on_users) WHERE members_visibility_level = :public
UNION ALL
SELECT id
FROM groups
WHERE members_visibility_level = :logged_on_users
AND :user_id IS NOT NULL
UNION ALL UNION ALL
@ -188,15 +195,22 @@ class Group < ActiveRecord::Base
UNION ALL UNION ALL
SELECT g.id
FROM groups g
LEFT JOIN group_users gu ON gu.group_id = g.id AND gu.user_id = :user_id AND gu.owner
WHERE g.members_visibility_level = :staff
AND (gu.id IS NOT NULL OR :is_staff)
UNION ALL
SELECT g.id SELECT g.id
FROM groups g FROM groups g
JOIN group_users gu ON gu.group_id = g.id AND gu.user_id = :user_id AND gu.owner JOIN group_users gu ON gu.group_id = g.id AND gu.user_id = :user_id AND gu.owner
WHERE g.members_visibility_level IN (:staff, :owners) WHERE g.members_visibility_level = :owners
) )
SQL SQL
end
params = Group.visibility_levels.to_h.merge(user_id: user&.id, is_staff: is_staff) params = Group.visibility_levels.to_h.merge(user_id: user&.id, is_staff: !!user&.staff?)
groups = groups.where(sql, params) groups = groups.where(sql, params)
end end

4
config/locales/client.en.yml
View File

@ -3588,8 +3588,8 @@ en:
title: "Who can see this group?" title: "Who can see this group?"
public: "Everyone" public: "Everyone"
logged_on_users: "Logged on users" logged_on_users: "Logged on users"
members: "Group owners, members and moderators" members: "Group owners, members"
staff: "Group owners and moderators" staff: "Group owners and staff"
owners: "Group owners" owners: "Group owners"
description: "Admins can see all groups." description: "Admins can see all groups."
members_visibility_levels: members_visibility_levels:

4
spec/models/group_spec.rb
View File

@ -698,7 +698,7 @@ describe Group do
expect(can_view?(admin, group)).to eq(true) expect(can_view?(admin, group)).to eq(true)
expect(can_view?(owner, group)).to eq(true) expect(can_view?(owner, group)).to eq(true)
expect(can_view?(moderator, group)).to eq(true) expect(can_view?(moderator, group)).to eq(false)
expect(can_view?(member, group)).to eq(true) expect(can_view?(member, group)).to eq(true)
expect(can_view?(logged_on_user, group)).to eq(false) expect(can_view?(logged_on_user, group)).to eq(false)
expect(can_view?(nil, group)).to eq(false) expect(can_view?(nil, group)).to eq(false)
@ -763,7 +763,7 @@ describe Group do
expect(can_view?(admin, group)).to eq(true) expect(can_view?(admin, group)).to eq(true)
expect(can_view?(owner, group)).to eq(true) expect(can_view?(owner, group)).to eq(true)
expect(can_view?(moderator, group)).to eq(true) expect(can_view?(moderator, group)).to eq(false)
expect(can_view?(member, group)).to eq(true) expect(can_view?(member, group)).to eq(true)
expect(can_view?(logged_on_user, group)).to eq(false) expect(can_view?(logged_on_user, group)).to eq(false)
expect(can_view?(nil, group)).to eq(false) expect(can_view?(nil, group)).to eq(false)