Disable editing of hidden posts within a timeframe from when the post

was initially hidden.
2025-02-06 03:18:23 +00:00 · 2014-06-20 15:38:03 -04:00 · 2014-06-20 15:38:03 -04:00 · a2fec165d5
commit a2fec165d5
parent 3811efa5e2
3 changed files with 25 additions and 3 deletions
--- a/app/models/post_action.rb
+++ b/app/models/post_action.rb
@ -309,7 +309,7 @@ class PostAction < ActiveRecord::Base

    Post.where(id: post.id).update_all(["hidden = true, hidden_at = CURRENT_TIMESTAMP, hidden_reason_id = COALESCE(hidden_reason_id, ?)", reason])
    Topic.where(["id = :topic_id AND NOT EXISTS(SELECT 1 FROM POSTS WHERE topic_id = :topic_id AND NOT hidden)",
-                      topic_id: post.topic_id]).update_all({ visible: false })
+                      topic_id: post.topic_id]).update_all(visible: false)

    # inform user
    if post.user
--- a/lib/guardian/post_guardian.rb
+++ b/lib/guardian/post_guardian.rb
@ -80,8 +80,12 @@ module PostGuardian
      return true
    end

-    if is_my_own?(post) && !post.edit_time_limit_expired?
-      return true
+    if is_my_own?(post)
+      return false if post.hidden? &&
+                      post.hidden_at.present? &&
+                      post.hidden_at >= SiteSetting.cooldown_minutes_after_hiding_posts.minutes.ago
+
+      return !post.edit_time_limit_expired?
    end

    false
--- a/spec/components/guardian_spec.rb
+++ b/spec/components/guardian_spec.rb
@ -640,6 +640,24 @@ describe Guardian do
        Guardian.new(post.user).can_edit?(post).should be_true
      end

+      it "returns false if the post is hidden due to flagging and it's too soon" do
+        post.hidden = true
+        post.hidden_at = Time.now
+        Guardian.new(post.user).can_edit?(post).should be_false
+      end
+
+      it "returns true if the post is hidden due to flagging and it been enough time" do
+        post.hidden = true
+        post.hidden_at = (SiteSetting.cooldown_minutes_after_hiding_posts + 1).minutes.ago
+        Guardian.new(post.user).can_edit?(post).should be_true
+      end
+
+      it "returns true if the post is hidden due to flagging and it's got a nil `hidden_at`" do
+        post.hidden = true
+        post.hidden_at = nil
+        Guardian.new(post.user).can_edit?(post).should be_true
+      end
+
      it 'returns false if you are trying to edit a post you soft deleted' do
        post.user_deleted = true
        Guardian.new(post.user).can_edit?(post).should be_false