From 95be7f494012e47c8281be969693e88919d933f9 Mon Sep 17 00:00:00 2001
From: Amanda Alves Branquinho <amanda@discourse.org>
Date: Thu, 11 Jul 2024 22:16:15 -0300
Subject: [PATCH] Backport changes from PR #27811 (#27874)

---
 config/routes.rb                       |  2 +-
 spec/requests/posts_controller_spec.rb | 18 ++++++++++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/config/routes.rb b/config/routes.rb
index 51ee33f4428..c176e7df81e 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -1094,7 +1094,7 @@ Discourse::Application.routes.draw do
     delete "admin/groups/:id/members" => "groups#remove_member", :constraints => AdminConstraint.new
     put "admin/groups/:id/members" => "groups#add_members", :constraints => AdminConstraint.new
 
-    resources :posts, only: %i[show update create destroy] do
+    resources :posts, only: %i[show update create destroy], defaults: { format: "json" } do
       delete "bookmark", to: "posts#destroy_bookmark"
       put "wiki"
       put "post_type"
diff --git a/spec/requests/posts_controller_spec.rb b/spec/requests/posts_controller_spec.rb
index 1c228be1360..4baa793ec30 100644
--- a/spec/requests/posts_controller_spec.rb
+++ b/spec/requests/posts_controller_spec.rb
@@ -643,6 +643,24 @@ RSpec.describe PostsController do
       expect(post.topic.reload.category_id).not_to eq(category.id)
     end
 
+    describe "trying to add a link without permission" do
+      it "returns an error message if links are added to posts when not allowed" do
+        post = create_post
+        sign_in(post.user)
+        SiteSetting.post_links_allowed_groups = Group::AUTO_GROUPS[:admins]
+
+        put "/posts/#{post.id}",
+            params: {
+              post: {
+                raw: "I'm editing this post to add www.linkhere.com",
+              },
+            }
+
+        expect(response.status).to eq(422)
+        expect(response.body).to include("Sorry, you can't include links in your posts.")
+      end
+    end
+
     describe "with Post.plugin_permitted_update_params" do
       before do
         plugin = Plugin::Instance.new