From d9c026bec547c0c86de7ea310ef2768e9c11f066 Mon Sep 17 00:00:00 2001
From: Autumn Perrault <autumn@denocte.net>
Date: Tue, 19 Nov 2013 05:09:58 -0700
Subject: [PATCH] Fixing neglect to determine whether a user has the permission
 to create a topic on a category (besides being able to create a post) in
 ListController, TopicList, and TopicListSerializer causing the "Create Topic"
 button to appear even if a user cannot actually create a topic in that
 category but can reply to a topic therein.

---
 app/controllers/list_controller.rb       | 4 ++++
 app/models/topic_list.rb                 | 6 +++++-
 app/serializers/topic_list_serializer.rb | 6 +++++-
 lib/guardian.rb                          | 4 +++-
 4 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/app/controllers/list_controller.rb b/app/controllers/list_controller.rb
index 3b56132a737..10116539651 100644
--- a/app/controllers/list_controller.rb
+++ b/app/controllers/list_controller.rb
@@ -11,6 +11,9 @@ class ListController < ApplicationController
       user = list_target_user
       list = TopicQuery.new(user, list_opts).public_send("list_#{filter}")
       list.more_topics_url = construct_url_with(filter, list_opts)
+      if list_opts.include?(:category)
+        list.category = Category.where(name: list_opts[:category]).first
+      end
       if [:latest, :hot].include?(filter)
         @description = SiteSetting.site_description
         @rss = filter
@@ -51,6 +54,7 @@ class ListController < ApplicationController
     query = TopicQuery.new(current_user, list_opts)
     list = query.list_latest
     list.more_topics_url = construct_url_with(:latest, list_opts)
+    list.category = @category if @category
     respond(list)
   end
 
diff --git a/app/models/topic_list.rb b/app/models/topic_list.rb
index 0d8ed9ca085..f782ed6507c 100644
--- a/app/models/topic_list.rb
+++ b/app/models/topic_list.rb
@@ -47,7 +47,11 @@ class TopicList
   end
 
   def attributes
-    {'more_topics_url' => page}
+    hash = {'more_topics_url' => page}
+    if @category.present?
+      hash['category'] = @category
+    end
+    hash
   end
 
   def has_rank_details?
diff --git a/app/serializers/topic_list_serializer.rb b/app/serializers/topic_list_serializer.rb
index 282786cc508..9c81c445c43 100644
--- a/app/serializers/topic_list_serializer.rb
+++ b/app/serializers/topic_list_serializer.rb
@@ -18,7 +18,11 @@ class TopicListSerializer < ApplicationSerializer
   end
 
   def can_create_topic
-    scope.can_create?(Topic)
+    if object.category.present?
+      scope.can_create?(Topic, object.category)
+    else
+      scope.can_create?(Topic)
+    end
   end
 
   def include_more_topics_url?
diff --git a/lib/guardian.rb b/lib/guardian.rb
index 0d1806ebe45..10fc2333751 100644
--- a/lib/guardian.rb
+++ b/lib/guardian.rb
@@ -244,7 +244,9 @@ class Guardian
   end
 
   def can_create_topic?(parent)
-    user && user.trust_level >= SiteSetting.min_trust_to_create_topic.to_i && can_create_post?(parent)
+    user &&
+    user.trust_level >= SiteSetting.min_trust_to_create_topic.to_i &&
+    can_create_post?(parent)
   end
 
   def can_create_topic_on_category?(category)