FIX: Don't allow editing seeded category security settings

This commit is contained in:
Kane York 2015-09-10 14:04:21 -07:00
parent ad481b3427
commit d86d4752cb
5 changed files with 30 additions and 10 deletions

View File

@ -7,16 +7,24 @@ export default buildCategoryPanel('security', {
actions: {
editPermissions() {
this.set('editingPermissions', true);
if (!this.get('category.is_special')) {
this.set('editingPermissions', true);
}
},
addPermission(group, id) {
this.get('category').addPermission({group_name: group + "",
permission: Discourse.PermissionType.create({id})});
if (!this.get('category.is_special')) {
this.get('category').addPermission({
group_name: group + "",
permission: Discourse.PermissionType.create({id})
});
}
},
removePermission(permission) {
this.get('category').removePermission(permission);
if (!this.get('category.is_special')) {
this.get('category').removePermission(permission);
}
},
}
});

View File

@ -1,4 +1,9 @@
<section class='field'>
{{#if category.is_special}}
<p class="warning">{{i18n 'category.special_warning'}}</p>
{{else}}
{{/if}}
<ul class='permission-list'>
{{#each category.permissions as |p|}}
<li>
@ -16,6 +21,8 @@
{{view 'select' class="permission-selector" optionValuePath="content.id" optionLabelPath="content.description" content=category.availablePermissions value=selectedPermission}}
<button {{action "addPermission" selectedGroup selectedPermission}} class="btn btn-small">{{i18n 'category.add_permission'}}</button>
{{else}}
<button {{action "editPermissions"}} class="btn btn-small">{{i18n 'category.edit_permissions'}}</button>
{{#unless category.is_special}}
<button {{action "editPermissions"}} class="btn btn-small">{{i18n 'category.edit_permissions'}}</button>
{{/unless}}
{{/if}}
</section>

View File

@ -11,6 +11,7 @@ class CategorySerializer < BasicCategorySerializer
:suppress_from_homepage,
:can_delete,
:cannot_delete_reason,
:is_special,
:allow_badges,
:custom_fields
@ -37,6 +38,11 @@ class CategorySerializer < BasicCategorySerializer
true
end
def is_special
[SiteSetting.lounge_category_id, SiteSetting.meta_category_id, SiteSetting.staff_category_id, SiteSetting.uncategorized_category_id]
.include? object.id
end
def include_can_delete?
scope && scope.can_delete?(object)
end

View File

@ -1539,6 +1539,7 @@ en:
change_in_category_topic: "Edit Description"
already_used: 'This color has been used by another category'
security: "Security"
special_warning: "Warning: This category is a pre-seeded category and the security settings cannot be edited. If you do not wish to use this category, delete it instead of repurposing it."
images: "Images"
auto_close_label: "Auto-close topics after:"
auto_close_units: "hours"

View File

@ -418,9 +418,6 @@ posting:
newuser_max_attachments:
client: true
default: 0
uncategorized_category_id:
default: -1
hidden: true
post_excerpt_maxlength: 300
display_name_on_posts:
client: true
@ -922,14 +919,15 @@ uncategorized:
lounge_category_id:
default: -1
hidden: true
meta_category_id:
default: -1
hidden: true
staff_category_id:
default: -1
hidden: true
uncategorized_category_id:
default: -1
hidden: true
performance_report_topic_id:
default: -1