FIX: self-onebox in read protected categories
This commit is contained in:
parent
bc2c6b0918
commit
9ef724a065
|
@ -26,7 +26,7 @@ module Onebox
|
|||
|
||||
case route[:controller]
|
||||
when "uploads" then upload_html(path)
|
||||
when "topics" then topic_html(path, route)
|
||||
when "topics" then topic_html(route)
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -41,13 +41,14 @@ module Onebox
|
|||
end
|
||||
end
|
||||
|
||||
def topic_html(path, route)
|
||||
def topic_html(route)
|
||||
link = "<a href='#{@url}'>#{@url}</a>"
|
||||
source_topic_id = @url[/[&?]source_topic_id=(\d+)/, 1].to_i
|
||||
source_topic = Topic.find_by(id: source_topic_id) if source_topic_id > 0
|
||||
|
||||
if route[:post_number].present? && route[:post_number].to_i > 1
|
||||
post = Post.find_by(topic_id: route[:topic_id], post_number: route[:post_number])
|
||||
return link if post.nil? || post.hidden || !Guardian.new.can_see?(post)
|
||||
return link unless can_see_post?(post, source_topic)
|
||||
|
||||
topic = post.topic
|
||||
slug = Slug.for(topic.title)
|
||||
|
@ -63,7 +64,7 @@ module Onebox
|
|||
PrettyText.cook(quote, args)
|
||||
else
|
||||
topic = Topic.find_by(id: route[:topic_id])
|
||||
return link if topic.nil? || !Guardian.new.can_see?(topic)
|
||||
return link unless can_see_topic?(topic, source_topic)
|
||||
|
||||
first_post = topic.ordered_posts.first
|
||||
|
||||
|
@ -81,6 +82,20 @@ module Onebox
|
|||
end
|
||||
end
|
||||
|
||||
def can_see_post?(post, source_topic)
|
||||
return false if post.nil? || post.hidden || post.trashed? || post.topic.nil?
|
||||
Guardian.new.can_see_post?(post) || same_category?(post.topic.category, source_topic)
|
||||
end
|
||||
|
||||
def can_see_topic?(topic, source_topic)
|
||||
return false if topic.nil? || topic.trashed? || topic.private_message?
|
||||
Guardian.new.can_see_topic?(topic) || same_category?(topic.category, source_topic)
|
||||
end
|
||||
|
||||
def same_category?(category, source_topic)
|
||||
source_topic.try(:category_id) == category.try(:id)
|
||||
end
|
||||
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
@ -15,7 +15,7 @@ describe Onebox::Engine::DiscourseLocalOnebox do
|
|||
|
||||
it "returns a link if not allowed to see the post" do
|
||||
url = "#{Discourse.base_url}#{post2.url}"
|
||||
Guardian.any_instance.stubs(:can_see?).returns(false)
|
||||
Guardian.any_instance.expects(:can_see_post?).returns(false)
|
||||
expect(Onebox.preview(url).to_s).to eq("<a href='#{url}'>#{url}</a>")
|
||||
end
|
||||
|
||||
|
@ -46,9 +46,9 @@ describe Onebox::Engine::DiscourseLocalOnebox do
|
|||
expect(Onebox.preview(url).to_s).to eq("<a href='#{url}'>#{url}</a>")
|
||||
end
|
||||
|
||||
it "returns a link if not allowed to see the post" do
|
||||
it "returns a link if not allowed to see the topic" do
|
||||
url = topic.url
|
||||
Guardian.any_instance.stubs(:can_see?).returns(false)
|
||||
Guardian.any_instance.expects(:can_see_topic?).returns(false)
|
||||
expect(Onebox.preview(url).to_s).to eq("<a href='#{url}'>#{url}</a>")
|
||||
end
|
||||
|
||||
|
@ -57,8 +57,7 @@ describe Onebox::Engine::DiscourseLocalOnebox do
|
|||
expect(Onebox.preview(topic.url).to_s).to match(/hamburger\.png/)
|
||||
end
|
||||
|
||||
it "returns some onebox goodness if post exists and can be seen" do
|
||||
Guardian.any_instance.stubs(:can_see?).returns(true)
|
||||
it "returns some onebox goodness if topic exists and can be seen" do
|
||||
html = Onebox.preview(topic.url).to_s
|
||||
expect(html).to include(topic.ordered_posts.first.user.username)
|
||||
expect(html).to include("<blockquote>")
|
||||
|
@ -101,7 +100,6 @@ describe Onebox::Engine::DiscourseLocalOnebox do
|
|||
|
||||
it "returns some onebox goodness if post exists and can be seen" do
|
||||
url = "#{Discourse.base_url}#{post2.url}?source_topic_id=#{post2.topic_id+1}"
|
||||
Guardian.any_instance.stubs(:can_see?).returns(true)
|
||||
html = Onebox.preview(url).to_s
|
||||
expect(html).to include(post2.excerpt)
|
||||
expect(html).to include(post2.topic.title)
|
||||
|
|
Loading…
Reference in New Issue