FIX: Handle separately invite to topic and forum (#14562)
Invite is used in two contexts, when inviting a new user to the forum and when inviting an existent user to a topic. The first case is more complex and it involves permission checks to ensure that new users can be created. In the second case, it is enough to ensure that the topic is visible for both users and that all preconditions are met. One edge case is the invite to topic via email functionality which checks for both conditions because first the user must be invited to create an account first and then to the topic. A side effect of these changes is that all site settings related to invites refer to inviting new users only now.
This commit is contained in:
parent
f5cf647e57
commit
d0bd96e19c
|
@ -365,7 +365,7 @@ class Guardian
|
||||||
end
|
end
|
||||||
|
|
||||||
def can_invite_to?(object, groups = nil)
|
def can_invite_to?(object, groups = nil)
|
||||||
return false if !can_invite_to_forum?(groups)
|
return false if !authenticated?
|
||||||
return false if !object.is_a?(Topic) || !can_see?(object)
|
return false if !object.is_a?(Topic) || !can_see?(object)
|
||||||
return false if groups.present?
|
return false if groups.present?
|
||||||
|
|
||||||
|
@ -385,6 +385,7 @@ class Guardian
|
||||||
end
|
end
|
||||||
|
|
||||||
def can_invite_via_email?(object)
|
def can_invite_via_email?(object)
|
||||||
|
return false if !can_invite_to_forum?
|
||||||
return false if !can_invite_to?(object)
|
return false if !can_invite_to?(object)
|
||||||
|
|
||||||
(SiteSetting.enable_local_logins || SiteSetting.enable_discourse_connect) &&
|
(SiteSetting.enable_local_logins || SiteSetting.enable_discourse_connect) &&
|
||||||
|
|
|
@ -548,11 +548,11 @@ describe Guardian do
|
||||||
expect(Guardian.new(nil).can_invite_to?(topic)).to be_falsey
|
expect(Guardian.new(nil).can_invite_to?(topic)).to be_falsey
|
||||||
expect(Guardian.new(moderator).can_invite_to?(nil)).to be_falsey
|
expect(Guardian.new(moderator).can_invite_to?(nil)).to be_falsey
|
||||||
expect(Guardian.new(moderator).can_invite_to?(topic)).to be_truthy
|
expect(Guardian.new(moderator).can_invite_to?(topic)).to be_truthy
|
||||||
expect(Guardian.new(trust_level_1).can_invite_to?(topic)).to be_falsey
|
expect(Guardian.new(trust_level_1).can_invite_to?(topic)).to be_truthy
|
||||||
|
|
||||||
SiteSetting.max_invites_per_day = 0
|
SiteSetting.max_invites_per_day = 0
|
||||||
|
|
||||||
expect(Guardian.new(user).can_invite_to?(topic)).to be_falsey
|
expect(Guardian.new(user).can_invite_to?(topic)).to be_truthy
|
||||||
# staff should be immune to max_invites_per_day setting
|
# staff should be immune to max_invites_per_day setting
|
||||||
expect(Guardian.new(moderator).can_invite_to?(topic)).to be_truthy
|
expect(Guardian.new(moderator).can_invite_to?(topic)).to be_truthy
|
||||||
end
|
end
|
||||||
|
@ -575,9 +575,9 @@ describe Guardian do
|
||||||
expect(Guardian.new(trust_level_2).can_invite_to?(topic)).to be_truthy
|
expect(Guardian.new(trust_level_2).can_invite_to?(topic)).to be_truthy
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'fails for normal users if must_approve_users' do
|
it 'return true for normal users even if must_approve_users' do
|
||||||
SiteSetting.must_approve_users = true
|
SiteSetting.must_approve_users = true
|
||||||
expect(Guardian.new(user).can_invite_to?(topic)).to be_falsey
|
expect(Guardian.new(user).can_invite_to?(topic)).to be_truthy
|
||||||
expect(Guardian.new(admin).can_invite_to?(topic)).to be_truthy
|
expect(Guardian.new(admin).can_invite_to?(topic)).to be_truthy
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -644,23 +644,6 @@ describe Guardian do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
context "when private messages are enabled" do
|
|
||||||
before do
|
|
||||||
SiteSetting.enable_personal_messages = true
|
|
||||||
SiteSetting.min_trust_level_to_allow_invite = 2
|
|
||||||
end
|
|
||||||
|
|
||||||
it "returns true if user has sufficient trust level" do
|
|
||||||
user.trust_level = 2
|
|
||||||
expect(Guardian.new(user).can_invite_to?(pm)).to be_truthy
|
|
||||||
end
|
|
||||||
|
|
||||||
it "returns false if user has sufficient trust level" do
|
|
||||||
user.trust_level = 1
|
|
||||||
expect(Guardian.new(user).can_invite_to?(pm)).to be_falsey
|
|
||||||
end
|
|
||||||
end
|
|
||||||
|
|
||||||
context "when PM has reached the maximum number of recipients" do
|
context "when PM has reached the maximum number of recipients" do
|
||||||
before do
|
before do
|
||||||
SiteSetting.max_allowed_message_recipients = 2
|
SiteSetting.max_allowed_message_recipients = 2
|
||||||
|
|
Loading…
Reference in New Issue