FIX: allow local oneboxes to public topics/posts in PM
This commit is contained in:
parent
991dfadad7
commit
8e0da35857
|
@ -165,14 +165,16 @@ module Oneboxer
|
|||
|
||||
def self.local_topic_html(url, route, opts)
|
||||
return unless current_user = User.find_by(id: opts[:user_id])
|
||||
return unless current_category = Category.find_by(id: opts[:category_id])
|
||||
return unless Guardian.new(current_user).can_see_category?(current_category)
|
||||
|
||||
if current_category = Category.find_by(id: opts[:category_id])
|
||||
return unless Guardian.new(current_user).can_see_category?(current_category)
|
||||
end
|
||||
|
||||
if route[:post_number].to_i > 1
|
||||
post = Post.find_by(topic_id: route[:topic_id], post_number: route[:post_number])
|
||||
|
||||
return unless post.present? && !post.hidden
|
||||
return unless current_category.id == post.topic.category_id || Guardian.new.can_see_post?(post)
|
||||
return unless current_category&.id == post.topic.category_id || Guardian.new.can_see_post?(post)
|
||||
|
||||
topic = post.topic
|
||||
excerpt = post.excerpt(SiteSetting.post_onebox_maxlength)
|
||||
|
@ -184,7 +186,7 @@ module Oneboxer
|
|||
PrettyText.cook(quote)
|
||||
else
|
||||
return unless topic = Topic.find_by(id: route[:topic_id])
|
||||
return unless current_category.id == topic.category_id || Guardian.new.can_see_topic?(topic)
|
||||
return unless current_category&.id == topic.category_id || Guardian.new.can_see_topic?(topic)
|
||||
|
||||
first_post = topic.ordered_posts.first
|
||||
|
||||
|
|
|
@ -100,35 +100,45 @@ describe OneboxController do
|
|||
describe "local onebox" do
|
||||
|
||||
it 'does not cache local oneboxes' do
|
||||
post1 = create_post
|
||||
url = Discourse.base_url + post1.url
|
||||
post = create_post
|
||||
url = Discourse.base_url + post.url
|
||||
|
||||
get :show, params: { url: url, category_id: post1.topic.category_id }, format: :json
|
||||
get :show, params: { url: url, category_id: post.topic.category_id }, format: :json
|
||||
expect(response.body).to include('blockquote')
|
||||
|
||||
post1.trash!
|
||||
post.trash!
|
||||
|
||||
get :show, params: { url: url, category_id: post1.topic.category_id }, format: :json
|
||||
get :show, params: { url: url, category_id: post.topic.category_id }, format: :json
|
||||
expect(response.body).not_to include('blockquote')
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
it 'does not onebox when you have no permission on category' do
|
||||
log_in
|
||||
|
||||
it 'does not onebox when you have no permission on category' do
|
||||
log_in
|
||||
post = create_post
|
||||
url = Discourse.base_url + post.url
|
||||
|
||||
post1 = create_post
|
||||
url = Discourse.base_url + post1.url
|
||||
get :show, params: { url: url, category_id: post.topic.category_id }, format: :json
|
||||
expect(response.body).to include('blockquote')
|
||||
|
||||
get :show, params: { url: url, category_id: post1.topic.category_id }, format: :json
|
||||
expect(response.body).to include('blockquote')
|
||||
post.topic.category.set_permissions(staff: :full)
|
||||
post.topic.category.save
|
||||
|
||||
post1.topic.category.set_permissions(staff: :full)
|
||||
post1.topic.category.save
|
||||
get :show, params: { url: url, category_id: post.topic.category_id }, format: :json
|
||||
expect(response.body).not_to include('blockquote')
|
||||
end
|
||||
|
||||
it 'allows onebox to public topics/posts in PM' do
|
||||
log_in
|
||||
|
||||
post = create_post
|
||||
url = Discourse.base_url + post.url
|
||||
|
||||
get :show, params: { url: url }, format: :json
|
||||
expect(response.body).to include('blockquote')
|
||||
end
|
||||
|
||||
get :show, params: { url: url, category_id: post1.topic.category_id }, format: :json
|
||||
expect(response.body).not_to include('blockquote')
|
||||
end
|
||||
|
||||
end
|
||||
|
|
Loading…
Reference in New Issue