work in progress, add fidelity to category group permissions (full, create posts, readonly)
This commit is contained in:
parent
8d947535a8
commit
ecf17cfebb
|
@ -101,14 +101,12 @@ Discourse.EditCategoryController = Discourse.ObjectController.extend(Discourse.M
|
||||||
return false;
|
return false;
|
||||||
},
|
},
|
||||||
|
|
||||||
addGroup: function(){
|
addPermission: function(group, permission_id){
|
||||||
this.get('model').addGroup(this.get("selectedGroup"));
|
this.get('model').addPermission({group_name: group + "", permission: Discourse.PermissionType.create({id: permission_id})});
|
||||||
},
|
},
|
||||||
|
|
||||||
removeGroup: function(group){
|
removePermission: function(permission){
|
||||||
// OBVIOUS, Ember treats this as Ember.String, we need a real string here
|
this.get('model').removePermission(permission);
|
||||||
group = group + "";
|
|
||||||
this.get('model').removeGroup(group);
|
|
||||||
},
|
},
|
||||||
|
|
||||||
saveCategory: function() {
|
saveCategory: function() {
|
||||||
|
|
|
@ -11,9 +11,21 @@ Discourse.Category = Discourse.Model.extend({
|
||||||
init: function() {
|
init: function() {
|
||||||
this._super();
|
this._super();
|
||||||
this.set("availableGroups", Em.A(this.get("available_groups")));
|
this.set("availableGroups", Em.A(this.get("available_groups")));
|
||||||
this.set("groups", Em.A(this.groups));
|
this.set("permissions", Em.A(_.map(this.group_permissions, function(elem){
|
||||||
|
return {
|
||||||
|
group_name: elem.group_name,
|
||||||
|
permission: Discourse.PermissionType.create({id: elem.permission_type})
|
||||||
|
};
|
||||||
|
})));
|
||||||
},
|
},
|
||||||
|
|
||||||
|
availablePermissions: function(){
|
||||||
|
return [ Discourse.PermissionType.create({id: Discourse.PermissionType.FULL}),
|
||||||
|
Discourse.PermissionType.create({id: Discourse.PermissionType.CREATE_POST}),
|
||||||
|
Discourse.PermissionType.create({id: Discourse.PermissionType.READONLY})
|
||||||
|
];
|
||||||
|
}.property(),
|
||||||
|
|
||||||
searchContext: function() {
|
searchContext: function() {
|
||||||
return ({ type: 'category', id: this.get('id'), category: this });
|
return ({ type: 'category', id: this.get('id'), category: this });
|
||||||
}.property('id'),
|
}.property('id'),
|
||||||
|
@ -37,15 +49,20 @@ Discourse.Category = Discourse.Model.extend({
|
||||||
}
|
}
|
||||||
|
|
||||||
return Discourse.ajax(url, {
|
return Discourse.ajax(url, {
|
||||||
data: {
|
contentType: 'application/json',
|
||||||
|
dataType: 'json',
|
||||||
|
data: JSON.stringify({
|
||||||
name: this.get('name'),
|
name: this.get('name'),
|
||||||
color: this.get('color'),
|
color: this.get('color'),
|
||||||
text_color: this.get('text_color'),
|
text_color: this.get('text_color'),
|
||||||
hotness: this.get('hotness'),
|
hotness: this.get('hotness'),
|
||||||
secure: this.get('secure'),
|
secure: this.get('secure'),
|
||||||
group_names: this.get('groups').join(","),
|
permissions: _.map(
|
||||||
|
this.get('permissions'), function(p){
|
||||||
|
return { group_name: p.group_name, permission_type: p.permission.id};
|
||||||
|
}),
|
||||||
auto_close_days: this.get('auto_close_days')
|
auto_close_days: this.get('auto_close_days')
|
||||||
},
|
}),
|
||||||
type: this.get('id') ? 'PUT' : 'POST'
|
type: this.get('id') ? 'PUT' : 'POST'
|
||||||
});
|
});
|
||||||
},
|
},
|
||||||
|
@ -54,22 +71,30 @@ Discourse.Category = Discourse.Model.extend({
|
||||||
return Discourse.ajax("/categories/" + (this.get('slug') || this.get('id')), { type: 'DELETE' });
|
return Discourse.ajax("/categories/" + (this.get('slug') || this.get('id')), { type: 'DELETE' });
|
||||||
},
|
},
|
||||||
|
|
||||||
addGroup: function(group){
|
addPermission: function(permission){
|
||||||
this.get("groups").addObject(group);
|
this.get("permissions").addObject(permission);
|
||||||
this.get("availableGroups").removeObject(group);
|
this.get("availableGroups").removeObject(permission.group_name);
|
||||||
},
|
},
|
||||||
|
|
||||||
|
|
||||||
removeGroup: function(group){
|
removePermission: function(permission){
|
||||||
this.get("groups").removeObject(group);
|
this.get("permissions").removeObject(permission);
|
||||||
this.get("availableGroups").addObject(group);
|
this.get("availableGroups").addObject(permission.group_name);
|
||||||
},
|
},
|
||||||
|
|
||||||
// note, this is used in a data attribute, data attributes get downcased
|
// note, this is used in a data attribute, data attributes get downcased
|
||||||
// to avoid confusion later on using this naming here.
|
// to avoid confusion later on using this naming here.
|
||||||
description_text: function(){
|
description_text: function(){
|
||||||
return $("<div>" + this.get("description") + "</div>").text();
|
return $("<div>" + this.get("description") + "</div>").text();
|
||||||
}.property("description")
|
}.property("description"),
|
||||||
|
|
||||||
|
permissions: function(){
|
||||||
|
return Em.A([
|
||||||
|
{group_name: "everyone", permission: Discourse.PermissionType.create({id: 1})},
|
||||||
|
{group_name: "admins", permission: Discourse.PermissionType.create({id: 2}) },
|
||||||
|
{group_name: "crap", permission: Discourse.PermissionType.create({id: 3}) }
|
||||||
|
]);
|
||||||
|
}.property()
|
||||||
|
|
||||||
});
|
});
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,23 @@
|
||||||
|
|
||||||
|
Discourse.PermissionType = Discourse.Model.extend({
|
||||||
|
description: function(){
|
||||||
|
var key = "";
|
||||||
|
|
||||||
|
switch(this.get("id")){
|
||||||
|
case 1:
|
||||||
|
key = "full";
|
||||||
|
break;
|
||||||
|
case 2:
|
||||||
|
key = "create_post";
|
||||||
|
break;
|
||||||
|
case 3:
|
||||||
|
key = "readonly";
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
return I18n.t("permission_types." + key);
|
||||||
|
}.property("id")
|
||||||
|
});
|
||||||
|
|
||||||
|
Discourse.PermissionType.FULL = 1;
|
||||||
|
Discourse.PermissionType.CREATE_POST = 2;
|
||||||
|
Discourse.PermissionType.READONLY = 3;
|
|
@ -60,25 +60,18 @@
|
||||||
{{#unless isUncategorized}}
|
{{#unless isUncategorized}}
|
||||||
<div {{bindAttr class=":modal-tab :options-tab securitySelected::invisible"}}>
|
<div {{bindAttr class=":modal-tab :options-tab securitySelected::invisible"}}>
|
||||||
<section class='field'>
|
<section class='field'>
|
||||||
<label>
|
<ul>
|
||||||
{{input type="checkbox" checked=secure}}
|
{{#each permissions}}
|
||||||
{{i18n category.is_secure}}
|
<li>
|
||||||
</label>
|
<span class="badge-group">{{group_name}}</span>
|
||||||
{{#if secure}}
|
<span class="permission">{{permission.description}}</span>
|
||||||
<div class="secure-category-options">
|
<a {{action removePermission this}}><i class="icon icon-remove-sign"></i></a>
|
||||||
<label>{{i18n category.allowed_groups}}</label>
|
</li>
|
||||||
<ul class="badge-list">
|
{{/each}}
|
||||||
{{#each groups}}
|
</ul>
|
||||||
<li class="badge-group">
|
{{view Ember.Select contentBinding="availableGroups" valueBinding="selectedGroup"}}
|
||||||
{{this}}
|
{{view Ember.Select optionValuePath="content.id" optionLabelPath="content.description" contentBinding="availablePermissions" valueBinding="selectedPermission"}}
|
||||||
<a {{action removeGroup this}}><i class="icon icon-remove-sign"></i></a>
|
<button {{action addPermission selectedGroup selectedPermission}} class="btn btn-small">{{i18n category.add_group}}</button>
|
||||||
</li>
|
|
||||||
{{/each}}
|
|
||||||
</ul>
|
|
||||||
{{view Ember.Select contentBinding="availableGroups" valueBinding="selectedGroup"}}
|
|
||||||
<button {{action addGroup}} class="btn btn-small">{{i18n category.add_group}}</button>
|
|
||||||
</div>
|
|
||||||
{{/if}}
|
|
||||||
</section>
|
</section>
|
||||||
</div>
|
</div>
|
||||||
<div {{bindAttr class=":modal-tab :options-tab settingsSelected::invisible"}}>
|
<div {{bindAttr class=":modal-tab :options-tab settingsSelected::invisible"}}>
|
||||||
|
|
|
@ -102,7 +102,7 @@ class ApplicationController < ActionController::Base
|
||||||
guardian.current_user.sync_notification_channel_position
|
guardian.current_user.sync_notification_channel_position
|
||||||
end
|
end
|
||||||
|
|
||||||
store_preloaded("site", Site.cached_json(current_user))
|
store_preloaded("site", Site.cached_json(guardian))
|
||||||
|
|
||||||
if current_user.present?
|
if current_user.present?
|
||||||
store_preloaded("currentUser", MultiJson.dump(CurrentUserSerializer.new(current_user, root: false)))
|
store_preloaded("currentUser", MultiJson.dump(CurrentUserSerializer.new(current_user, root: false)))
|
||||||
|
|
|
@ -53,7 +53,7 @@ class CategoriesController < ApplicationController
|
||||||
end
|
end
|
||||||
|
|
||||||
def category_param_keys
|
def category_param_keys
|
||||||
[required_param_keys, :hotness, :secure, :group_names, :auto_close_days].flatten!
|
[required_param_keys, :hotness, :read_restricted, :permissions, :auto_close_days].flatten!
|
||||||
end
|
end
|
||||||
|
|
||||||
def category_params
|
def category_params
|
||||||
|
|
|
@ -22,6 +22,7 @@ class Category < ActiveRecord::Base
|
||||||
|
|
||||||
before_validation :ensure_slug
|
before_validation :ensure_slug
|
||||||
after_save :invalidate_site_cache
|
after_save :invalidate_site_cache
|
||||||
|
before_save :apply_permissions
|
||||||
after_create :create_category_definition
|
after_create :create_category_definition
|
||||||
after_create :publish_categories_list
|
after_create :publish_categories_list
|
||||||
after_destroy :invalidate_site_cache
|
after_destroy :invalidate_site_cache
|
||||||
|
@ -34,16 +35,49 @@ class Category < ActiveRecord::Base
|
||||||
scope :secured, ->(guardian = nil) {
|
scope :secured, ->(guardian = nil) {
|
||||||
ids = guardian.secure_category_ids if guardian
|
ids = guardian.secure_category_ids if guardian
|
||||||
if ids.present?
|
if ids.present?
|
||||||
where("NOT categories.secure or categories.id in (:cats)", cats: ids)
|
where("NOT categories.read_restricted or categories.id in (:cats)", cats: ids)
|
||||||
else
|
else
|
||||||
where("NOT categories.secure")
|
where("NOT categories.read_restricted")
|
||||||
end
|
end
|
||||||
}
|
}
|
||||||
|
|
||||||
|
scope :topic_create_allowed, ->(guardian) {
|
||||||
|
scoped_to_permissions(guardian, [:full])
|
||||||
|
}
|
||||||
|
|
||||||
|
scope :post_create_allowed, ->(guardian) {
|
||||||
|
scoped_to_permissions(guardian, [:create_post, :full])
|
||||||
|
}
|
||||||
delegate :post_template, to: 'self.class'
|
delegate :post_template, to: 'self.class'
|
||||||
|
|
||||||
attr_accessor :displayable_topics
|
attr_accessor :displayable_topics
|
||||||
|
|
||||||
|
|
||||||
|
def self.scoped_to_permissions(guardian, permission_types)
|
||||||
|
if guardian && guardian.is_staff?
|
||||||
|
scoped
|
||||||
|
else
|
||||||
|
permission_types = permission_types.map{ |permission_type|
|
||||||
|
CategoryGroup.permission_types[permission_type]
|
||||||
|
}
|
||||||
|
where("categories.id in (
|
||||||
|
SELECT c.id FROM categories c
|
||||||
|
WHERE (
|
||||||
|
NOT c.read_restricted AND
|
||||||
|
NOT EXISTS(
|
||||||
|
SELECT 1 FROM category_groups cg WHERE cg.category_id = categories.id )
|
||||||
|
) OR EXISTS(
|
||||||
|
SELECT 1 FROM category_groups cg
|
||||||
|
WHERE permission_type in (?) AND
|
||||||
|
cg.category_id = categories.id AND
|
||||||
|
group_id IN (
|
||||||
|
SELECT g.group_id FROM group_users g where g.user_id = ?
|
||||||
|
)
|
||||||
|
)
|
||||||
|
)", permission_types,(!guardian || guardian.user.blank?) ? -1 : guardian.user.id)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
# Internal: Update category stats: # of topics in past year, month, week for
|
# Internal: Update category stats: # of topics in past year, month, week for
|
||||||
# all categories.
|
# all categories.
|
||||||
def self.update_stats
|
def self.update_stats
|
||||||
|
@ -119,28 +153,65 @@ class Category < ActiveRecord::Base
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def deny(group)
|
# will reset permission on a topic to a particular
|
||||||
if group == :all
|
# set.
|
||||||
self.secure = true
|
#
|
||||||
end
|
# Available permissions are, :full, :create_post, :readonly
|
||||||
|
# hash can be:
|
||||||
|
#
|
||||||
|
# :everyone => :full - everyone has everything
|
||||||
|
# :everyone => :readonly, :staff => :full
|
||||||
|
# 7 => 1 # you can pass a group_id and permission id
|
||||||
|
def set_permissions(permissions)
|
||||||
|
self.read_restricted, @permissions = Category.resolve_permissions(permissions)
|
||||||
|
|
||||||
|
# Ideally we can just call .clear here, but it runs SQL, we only want to run it
|
||||||
|
# on save.
|
||||||
end
|
end
|
||||||
|
|
||||||
def allow(group)
|
def apply_permissions
|
||||||
if group == :all
|
if @permissions
|
||||||
self.secure = false
|
category_groups.destroy_all
|
||||||
# this is kind of annoying, there should be a clean way of queuing this stuff
|
@permissions.each do |group_id, permission_type|
|
||||||
category_groups.destroy_all unless new_record?
|
category_groups.build(group_id: group_id, permission_type: permission_type)
|
||||||
else
|
end
|
||||||
groups.push(group)
|
@permissions = nil
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def secure_group_ids
|
def secure_group_ids
|
||||||
if self.secure
|
if self.read_restricted?
|
||||||
groups.pluck("groups.id")
|
groups.pluck("groups.id")
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
||||||
|
def self.resolve_permissions(permissions)
|
||||||
|
read_restricted = true
|
||||||
|
|
||||||
|
everyone = Group::AUTO_GROUPS[:everyone]
|
||||||
|
full = CategoryGroup.permission_types[:full]
|
||||||
|
|
||||||
|
mapped = permissions.map do |group,permission|
|
||||||
|
group = group.id if Group === group
|
||||||
|
|
||||||
|
# subtle, using Group[] ensures the group exists in the DB
|
||||||
|
group = Group[group].id unless Fixnum === group
|
||||||
|
permission = CategoryGroup.permission_types[permission] unless Fixnum === permission
|
||||||
|
|
||||||
|
[group, permission]
|
||||||
|
end
|
||||||
|
|
||||||
|
mapped.each do |group, permission|
|
||||||
|
if group == everyone && permission == full
|
||||||
|
return [false, []]
|
||||||
|
end
|
||||||
|
|
||||||
|
read_restricted = false if group == everyone
|
||||||
|
end
|
||||||
|
|
||||||
|
[read_restricted, mapped]
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
# == Schema Information
|
# == Schema Information
|
||||||
|
@ -162,7 +233,7 @@ end
|
||||||
# description :text
|
# description :text
|
||||||
# text_color :string(6) default("FFFFFF"), not null
|
# text_color :string(6) default("FFFFFF"), not null
|
||||||
# hotness :float default(5.0), not null
|
# hotness :float default(5.0), not null
|
||||||
# secure :boolean default(FALSE), not null
|
# read_restricted :boolean default(FALSE), not null
|
||||||
# auto_close_days :float
|
# auto_close_days :float
|
||||||
#
|
#
|
||||||
# Indexes
|
# Indexes
|
||||||
|
|
|
@ -1,16 +1,22 @@
|
||||||
class CategoryGroup < ActiveRecord::Base
|
class CategoryGroup < ActiveRecord::Base
|
||||||
belongs_to :category
|
belongs_to :category
|
||||||
belongs_to :group
|
belongs_to :group
|
||||||
|
|
||||||
|
def self.permission_types
|
||||||
|
@permission_types ||= Enum.new(:full, :create_post, :readonly)
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
||||||
# == Schema Information
|
# == Schema Information
|
||||||
#
|
#
|
||||||
# Table name: category_groups
|
# Table name: category_groups
|
||||||
#
|
#
|
||||||
# id :integer not null, primary key
|
# id :integer not null, primary key
|
||||||
# category_id :integer not null
|
# category_id :integer not null
|
||||||
# group_id :integer not null
|
# group_id :integer not null
|
||||||
# created_at :datetime not null
|
# created_at :datetime not null
|
||||||
# updated_at :datetime not null
|
# updated_at :datetime not null
|
||||||
|
# permission_type :integer default(1)
|
||||||
#
|
#
|
||||||
|
|
||||||
|
|
|
@ -10,6 +10,7 @@ class Group < ActiveRecord::Base
|
||||||
validate :name_format_validator
|
validate :name_format_validator
|
||||||
|
|
||||||
AUTO_GROUPS = {
|
AUTO_GROUPS = {
|
||||||
|
:everyone => 0,
|
||||||
:admins => 1,
|
:admins => 1,
|
||||||
:moderators => 2,
|
:moderators => 2,
|
||||||
:staff => 3,
|
:staff => 3,
|
||||||
|
@ -34,6 +35,10 @@ class Group < ActiveRecord::Base
|
||||||
group.save!
|
group.save!
|
||||||
end
|
end
|
||||||
|
|
||||||
|
# the everyone group is special, it can include non-users so there is no
|
||||||
|
# way to have the membership in a table
|
||||||
|
return group if name == :everyone
|
||||||
|
|
||||||
group.name = I18n.t("groups.default_names.#{name}")
|
group.name = I18n.t("groups.default_names.#{name}")
|
||||||
|
|
||||||
# don't allow shoddy localization to break this
|
# don't allow shoddy localization to break this
|
||||||
|
|
|
@ -59,6 +59,7 @@ end
|
||||||
# created_at :datetime not null
|
# created_at :datetime not null
|
||||||
# updated_at :datetime not null
|
# updated_at :datetime not null
|
||||||
# deleted_at :datetime
|
# deleted_at :datetime
|
||||||
|
# deleted_by_id :integer
|
||||||
#
|
#
|
||||||
# Indexes
|
# Indexes
|
||||||
#
|
#
|
||||||
|
|
|
@ -412,6 +412,8 @@ end
|
||||||
# percent_rank :float default(1.0)
|
# percent_rank :float default(1.0)
|
||||||
# notify_user_count :integer default(0), not null
|
# notify_user_count :integer default(0), not null
|
||||||
# like_score :integer default(0), not null
|
# like_score :integer default(0), not null
|
||||||
|
# deleted_by_id :integer
|
||||||
|
# nuked_user :boolean default(FALSE)
|
||||||
#
|
#
|
||||||
# Indexes
|
# Indexes
|
||||||
#
|
#
|
||||||
|
|
|
@ -27,7 +27,7 @@ class Site
|
||||||
|
|
||||||
def categories
|
def categories
|
||||||
Category
|
Category
|
||||||
.secured(@guardian)
|
.topic_create_allowed(@guardian)
|
||||||
.latest
|
.latest
|
||||||
.includes(:topic_only_relative_url)
|
.includes(:topic_only_relative_url)
|
||||||
end
|
end
|
||||||
|
|
|
@ -103,9 +103,9 @@ class Topic < ActiveRecord::Base
|
||||||
# Query conditions
|
# Query conditions
|
||||||
condition =
|
condition =
|
||||||
if ids.present?
|
if ids.present?
|
||||||
["NOT c.secure or c.id in (:cats)", cats: ids]
|
["NOT c.read_restricted or c.id in (:cats)", cats: ids]
|
||||||
else
|
else
|
||||||
["NOT c.secure"]
|
["NOT c.read_restricted"]
|
||||||
end
|
end
|
||||||
|
|
||||||
where("category_id IS NULL OR category_id IN (
|
where("category_id IS NULL OR category_id IN (
|
||||||
|
@ -629,8 +629,8 @@ class Topic < ActiveRecord::Base
|
||||||
self
|
self
|
||||||
end
|
end
|
||||||
|
|
||||||
def secure_category?
|
def read_restricted_category?
|
||||||
category && category.secure
|
category && category.read_restricted
|
||||||
end
|
end
|
||||||
|
|
||||||
private
|
private
|
||||||
|
@ -692,6 +692,7 @@ end
|
||||||
# auto_close_at :datetime
|
# auto_close_at :datetime
|
||||||
# auto_close_user_id :integer
|
# auto_close_user_id :integer
|
||||||
# auto_close_started_at :datetime
|
# auto_close_started_at :datetime
|
||||||
|
# deleted_by_id :integer
|
||||||
#
|
#
|
||||||
# Indexes
|
# Indexes
|
||||||
#
|
#
|
||||||
|
|
|
@ -113,11 +113,11 @@ class TopicTrackingState
|
||||||
((#{unread}) OR (#{new})) AND
|
((#{unread}) OR (#{new})) AND
|
||||||
(topics.visible OR u.admin OR u.moderator) AND
|
(topics.visible OR u.admin OR u.moderator) AND
|
||||||
topics.deleted_at IS NULL AND
|
topics.deleted_at IS NULL AND
|
||||||
( category_id IS NULL OR NOT c.secure OR category_id IN (
|
( category_id IS NULL OR NOT c.read_restricted OR category_id IN (
|
||||||
SELECT c2.id FROM categories c2
|
SELECT c2.id FROM categories c2
|
||||||
JOIN category_groups cg ON cg.category_id = c2.id
|
JOIN category_groups cg ON cg.category_id = c2.id
|
||||||
JOIN group_users gu ON gu.user_id = u.id AND cg.group_id = gu.group_id
|
JOIN group_users gu ON gu.user_id = u.id AND cg.group_id = gu.group_id
|
||||||
WHERE c2.secure )
|
WHERE c2.read_restricted )
|
||||||
)
|
)
|
||||||
|
|
||||||
SQL
|
SQL
|
||||||
|
|
|
@ -486,10 +486,14 @@ class User < ActiveRecord::Base
|
||||||
end
|
end
|
||||||
|
|
||||||
def secure_category_ids
|
def secure_category_ids
|
||||||
cats = self.staff? ? Category.select(:id).where(secure: true) : secure_categories.select('categories.id')
|
cats = self.staff? ? Category.select(:id).where(read_restricted: true) : secure_categories.select('categories.id')
|
||||||
cats.map { |c| c.id }.sort
|
cats.map { |c| c.id }.sort
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def topic_create_allowed_category_ids
|
||||||
|
Category.topic_create_allowed(self.id).select(:id)
|
||||||
|
end
|
||||||
|
|
||||||
# Flag all posts from a user as spam
|
# Flag all posts from a user as spam
|
||||||
def flag_linked_posts_as_spam
|
def flag_linked_posts_as_spam
|
||||||
admin = Discourse.system_user
|
admin = Discourse.system_user
|
||||||
|
@ -660,6 +664,7 @@ end
|
||||||
# topic_reply_count :integer default(0), not null
|
# topic_reply_count :integer default(0), not null
|
||||||
# blocked :boolean default(FALSE)
|
# blocked :boolean default(FALSE)
|
||||||
# dynamic_favicon :boolean default(FALSE), not null
|
# dynamic_favicon :boolean default(FALSE), not null
|
||||||
|
# title :string(255)
|
||||||
#
|
#
|
||||||
# Indexes
|
# Indexes
|
||||||
#
|
#
|
||||||
|
|
|
@ -179,7 +179,7 @@ ORDER BY p.created_at desc
|
||||||
|
|
||||||
# move into Topic perhaps
|
# move into Topic perhaps
|
||||||
group_ids = nil
|
group_ids = nil
|
||||||
if topic && topic.category && topic.category.secure
|
if topic && topic.category && topic.category.read_restricted
|
||||||
group_ids = topic.category.groups.pluck("groups.id")
|
group_ids = topic.category.groups.pluck("groups.id")
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -232,11 +232,11 @@ ORDER BY p.created_at desc
|
||||||
unless guardian.is_staff?
|
unless guardian.is_staff?
|
||||||
allowed = guardian.secure_category_ids
|
allowed = guardian.secure_category_ids
|
||||||
if allowed.present?
|
if allowed.present?
|
||||||
builder.where("( c.secure IS NULL OR
|
builder.where("( c.read_restricted IS NULL OR
|
||||||
c.secure = 'f' OR
|
NOT c.read_restricted OR
|
||||||
(c.secure = 't' and c.id in (:cats)) )", cats: guardian.secure_category_ids )
|
(c.read_restricted and c.id in (:cats)) )", cats: guardian.secure_category_ids )
|
||||||
else
|
else
|
||||||
builder.where("(c.secure IS NULL OR c.secure = 'f')")
|
builder.where("(c.read_restricted IS NULL OR NOT c.read_restricted)")
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -9,6 +9,6 @@ class BasicCategorySerializer < ApplicationSerializer
|
||||||
:description,
|
:description,
|
||||||
:topic_url,
|
:topic_url,
|
||||||
:hotness,
|
:hotness,
|
||||||
:secure
|
:read_restricted
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -1,13 +1,24 @@
|
||||||
class CategorySerializer < BasicCategorySerializer
|
class CategorySerializer < BasicCategorySerializer
|
||||||
|
|
||||||
attributes :secure, :groups, :available_groups, :auto_close_days
|
attributes :read_restricted, :groups, :available_groups, :auto_close_days, :group_permissions
|
||||||
|
|
||||||
def groups
|
def group_permissions
|
||||||
@groups ||= object.groups.order("name").all.map(&:name)
|
@group_permissions ||= begin
|
||||||
|
perms = object.category_groups.joins(:group).order("groups.name").map do |cg|
|
||||||
|
{
|
||||||
|
permission_type: cg.permission_type,
|
||||||
|
group_name: cg.group.name
|
||||||
|
}
|
||||||
|
end
|
||||||
|
if perms.length == 0 && !object.read_restricted
|
||||||
|
perms << {permission_type: CategoryGroup.permission_types[:full], group_name: :everyone}
|
||||||
|
end
|
||||||
|
perms
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def available_groups
|
def available_groups
|
||||||
Group.order("name").map(&:name) - groups
|
Group.order("name").pluck(:name) - group_permissions.map{|g| g[:group_name]}
|
||||||
end
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -999,6 +999,11 @@ en:
|
||||||
|
|
||||||
browser_update: 'Unfortunately, <a href="http://www.discourse.org/faq/#browser">your browser is too old to work on this Discourse forum</a>. Please <a href="http://browsehappy.com">upgrade your browser</a>.'
|
browser_update: 'Unfortunately, <a href="http://www.discourse.org/faq/#browser">your browser is too old to work on this Discourse forum</a>. Please <a href="http://browsehappy.com">upgrade your browser</a>.'
|
||||||
|
|
||||||
|
permission_types:
|
||||||
|
full: "Create Topics, Create Posts and Read"
|
||||||
|
create_post: "Create Posts and Read"
|
||||||
|
readonly: "Read Only"
|
||||||
|
|
||||||
# This section is exported to the javascript for i18n in the admin section
|
# This section is exported to the javascript for i18n in the admin section
|
||||||
admin_js:
|
admin_js:
|
||||||
type_to_filter: "type to filter..."
|
type_to_filter: "type to filter..."
|
||||||
|
@ -1245,3 +1250,4 @@ en:
|
||||||
title: 'Settings'
|
title: 'Settings'
|
||||||
reset: 'reset to default'
|
reset: 'reset to default'
|
||||||
none: 'none'
|
none: 'none'
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,9 @@
|
||||||
|
class AddPermissionTypeToCategoryGroups < ActiveRecord::Migration
|
||||||
|
def change
|
||||||
|
# 1 is full permissions
|
||||||
|
add_column :category_groups, :permission_type, :integer, default: 1
|
||||||
|
|
||||||
|
# secure is ambiguous after this change, it should be read_restricted
|
||||||
|
rename_column :categories, :secure, :read_restricted
|
||||||
|
end
|
||||||
|
end
|
|
@ -7,6 +7,7 @@ class Guardian
|
||||||
def staff?; false; end
|
def staff?; false; end
|
||||||
def approved?; false; end
|
def approved?; false; end
|
||||||
def secure_category_ids; []; end
|
def secure_category_ids; []; end
|
||||||
|
def topic_create_allowed_category_ids; []; end
|
||||||
def has_trust_level?(level); false; end
|
def has_trust_level?(level); false; end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -328,7 +329,7 @@ class Guardian
|
||||||
topic.deleted_at.nil? &&
|
topic.deleted_at.nil? &&
|
||||||
|
|
||||||
# not secure, or I can see it
|
# not secure, or I can see it
|
||||||
(not(topic.secure_category?) || can_see_category?(topic.category)) &&
|
(not(topic.read_restricted_category?) || can_see_category?(topic.category)) &&
|
||||||
|
|
||||||
# not private, or I am allowed (or an admin)
|
# not private, or I am allowed (or an admin)
|
||||||
(not(topic.private_message?) || authenticated? && (topic.all_allowed_users.where(id: @user.id).exists? || is_admin?))
|
(not(topic.private_message?) || authenticated? && (topic.all_allowed_users.where(id: @user.id).exists? || is_admin?))
|
||||||
|
@ -340,7 +341,7 @@ class Guardian
|
||||||
end
|
end
|
||||||
|
|
||||||
def can_see_category?(category)
|
def can_see_category?(category)
|
||||||
not(category.secure) || secure_category_ids.include?(category.id)
|
not(category.read_restricted) || secure_category_ids.include?(category.id)
|
||||||
end
|
end
|
||||||
|
|
||||||
def can_vote?(post, opts={})
|
def can_vote?(post, opts={})
|
||||||
|
@ -378,6 +379,10 @@ class Guardian
|
||||||
@secure_category_ids ||= @user.secure_category_ids
|
@secure_category_ids ||= @user.secure_category_ids
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def topic_create_allowed_category_ids
|
||||||
|
@topic_create_allowed_category_ids ||= @user.topic_create_allowed_category_ids
|
||||||
|
end
|
||||||
|
|
||||||
private
|
private
|
||||||
|
|
||||||
def is_my_own?(obj)
|
def is_my_own?(obj)
|
||||||
|
|
|
@ -116,7 +116,7 @@ class PostCreator
|
||||||
protected
|
protected
|
||||||
|
|
||||||
def secure_group_ids(topic)
|
def secure_group_ids(topic)
|
||||||
@secure_group_ids ||= if topic.category && topic.category.secure?
|
@secure_group_ids ||= if topic.category && topic.category.read_restricted?
|
||||||
topic.category.secure_group_ids
|
topic.category.secure_group_ids
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -160,9 +160,9 @@ class Search
|
||||||
.order("topics.bumped_at DESC")
|
.order("topics.bumped_at DESC")
|
||||||
|
|
||||||
if secure_category_ids.present?
|
if secure_category_ids.present?
|
||||||
posts = posts.where("(categories.id IS NULL) OR (NOT categories.secure) OR (categories.id IN (?))", secure_category_ids)
|
posts = posts.where("(categories.id IS NULL) OR (NOT categories.read_restricted) OR (categories.id IN (?))", secure_category_ids)
|
||||||
else
|
else
|
||||||
posts = posts.where("(categories.id IS NULL) OR (NOT categories.secure)")
|
posts = posts.where("(categories.id IS NULL) OR (NOT categories.read_restricted)")
|
||||||
end
|
end
|
||||||
posts.limit(limit)
|
posts.limit(limit)
|
||||||
end
|
end
|
||||||
|
|
|
@ -18,9 +18,9 @@ class SqlBuilder
|
||||||
|
|
||||||
def secure_category(secure_category_ids, category_alias = 'c')
|
def secure_category(secure_category_ids, category_alias = 'c')
|
||||||
if secure_category_ids.present?
|
if secure_category_ids.present?
|
||||||
where("NOT COALESCE(" << category_alias << ".secure, false) OR " << category_alias << ".id IN (:secure_category_ids)", secure_category_ids: secure_category_ids)
|
where("NOT COALESCE(" << category_alias << ".read_restricted, false) OR " << category_alias << ".id IN (:secure_category_ids)", secure_category_ids: secure_category_ids)
|
||||||
else
|
else
|
||||||
where("NOT COALESCE(" << category_alias << ".secure, false)")
|
where("NOT COALESCE(" << category_alias << ".read_restricted, false)")
|
||||||
end
|
end
|
||||||
self
|
self
|
||||||
end
|
end
|
||||||
|
|
|
@ -239,9 +239,9 @@ class TopicQuery
|
||||||
unless @user && @user.moderator?
|
unless @user && @user.moderator?
|
||||||
category_ids = @user.secure_category_ids if @user
|
category_ids = @user.secure_category_ids if @user
|
||||||
if category_ids.present?
|
if category_ids.present?
|
||||||
result = result.where('categories.secure IS NULL OR categories.secure = ? OR categories.id IN (?)', false, category_ids)
|
result = result.where('categories.read_restricted IS NULL OR categories.read_restricted = ? OR categories.id IN (?)', false, category_ids)
|
||||||
else
|
else
|
||||||
result = result.where('categories.secure IS NULL OR categories.secure = ?', false)
|
result = result.where('categories.read_restricted IS NULL OR categories.read_restricted = ?', false)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -41,8 +41,7 @@ describe CategoryList do
|
||||||
|
|
||||||
cat = Fabricate(:category)
|
cat = Fabricate(:category)
|
||||||
topic = Fabricate(:topic, category: cat)
|
topic = Fabricate(:topic, category: cat)
|
||||||
cat.deny(:all)
|
cat.set_permissions(:admins => :full)
|
||||||
cat.allow(Group[:admins])
|
|
||||||
cat.save
|
cat.save
|
||||||
|
|
||||||
CategoryList.new(Guardian.new admin).categories.count.should == 1
|
CategoryList.new(Guardian.new admin).categories.count.should == 1
|
||||||
|
|
|
@ -215,8 +215,9 @@ describe Guardian do
|
||||||
|
|
||||||
it 'correctly handles groups' do
|
it 'correctly handles groups' do
|
||||||
group = Fabricate(:group)
|
group = Fabricate(:group)
|
||||||
category = Fabricate(:category, secure: true)
|
category = Fabricate(:category, read_restricted: true)
|
||||||
category.allow(group)
|
category.set_permissions(group => :full)
|
||||||
|
category.save
|
||||||
|
|
||||||
topic = Fabricate(:topic, category: category)
|
topic = Fabricate(:topic, category: category)
|
||||||
|
|
||||||
|
|
|
@ -62,8 +62,7 @@ describe PostCreator do
|
||||||
admin = Fabricate(:admin)
|
admin = Fabricate(:admin)
|
||||||
|
|
||||||
cat = Fabricate(:category)
|
cat = Fabricate(:category)
|
||||||
cat.deny(:all)
|
cat.set_permissions(:admins => :full)
|
||||||
cat.allow(Group[:admins])
|
|
||||||
cat.save
|
cat.save
|
||||||
|
|
||||||
created_post = nil
|
created_post = nil
|
||||||
|
|
|
@ -171,8 +171,7 @@ describe Search do
|
||||||
topic.category_id = category.id
|
topic.category_id = category.id
|
||||||
topic.save
|
topic.save
|
||||||
|
|
||||||
category.deny(:all)
|
category.set_permissions(:staff => :full)
|
||||||
category.allow(Group[:staff])
|
|
||||||
category.save
|
category.save
|
||||||
|
|
||||||
result(nil).should_not be_present
|
result(nil).should_not be_present
|
||||||
|
@ -211,7 +210,7 @@ describe Search do
|
||||||
r[:title].should == category.name
|
r[:title].should == category.name
|
||||||
r[:url].should == "/category/#{category.slug}"
|
r[:url].should == "/category/#{category.slug}"
|
||||||
|
|
||||||
category.deny(:all)
|
category.set_permissions({})
|
||||||
category.save
|
category.save
|
||||||
|
|
||||||
result.should_not be_present
|
result.should_not be_present
|
||||||
|
|
|
@ -14,9 +14,8 @@ describe TopicQuery do
|
||||||
context 'secure category' do
|
context 'secure category' do
|
||||||
it "filters categories out correctly" do
|
it "filters categories out correctly" do
|
||||||
category = Fabricate(:category)
|
category = Fabricate(:category)
|
||||||
category.deny(:all)
|
|
||||||
group = Fabricate(:group)
|
group = Fabricate(:group)
|
||||||
category.allow(group)
|
category.set_permissions(group => :full)
|
||||||
category.save
|
category.save
|
||||||
|
|
||||||
topic = Fabricate(:topic, category: category)
|
topic = Fabricate(:topic, category: category)
|
||||||
|
|
|
@ -134,11 +134,11 @@ describe CategoriesController do
|
||||||
|
|
||||||
describe 'success' do
|
describe 'success' do
|
||||||
before do
|
before do
|
||||||
# might as well test this as well
|
# might as well test this while at it
|
||||||
@category.allow(Group[:admins])
|
@category.set_permissions(:admins => :full)
|
||||||
@category.save
|
@category.save
|
||||||
|
|
||||||
xhr :put, :update, id: @category.id, name: 'science', color: '000', text_color: '0ff', group_names: Group[:staff].name, secure: 'true'
|
xhr :put, :update, id: @category.id, name: 'science', color: '000', text_color: '0ff', group_names: Group[:staff].name, read_restricted: 'true'
|
||||||
@category.reload
|
@category.reload
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -146,7 +146,7 @@ describe CategoriesController do
|
||||||
@category.name.should == 'science'
|
@category.name.should == 'science'
|
||||||
@category.color.should == '000'
|
@category.color.should == '000'
|
||||||
@category.text_color.should == '0ff'
|
@category.text_color.should == '0ff'
|
||||||
@category.secure?.should be_true
|
@category.read_restricted?.should be_true
|
||||||
@category.groups.count.should == 1
|
@category.groups.count.should == 1
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -15,8 +15,7 @@ describe CategoryFeaturedTopic do
|
||||||
# so much dancing, I am thinking fixures make sense here.
|
# so much dancing, I am thinking fixures make sense here.
|
||||||
user.change_trust_level!(:basic)
|
user.change_trust_level!(:basic)
|
||||||
|
|
||||||
category.deny(:all)
|
category.set_permissions(:trust_level_1 => :full)
|
||||||
category.allow(Group[:trust_level_1])
|
|
||||||
category.save
|
category.save
|
||||||
|
|
||||||
uncategorized_post = PostCreator.create(user, raw: "this is my new post 123 post", title: "hello world")
|
uncategorized_post = PostCreator.create(user, raw: "this is my new post 123 post", title: "hello world")
|
||||||
|
|
|
@ -18,6 +18,57 @@ describe Category do
|
||||||
it { should have_many :category_featured_topics }
|
it { should have_many :category_featured_topics }
|
||||||
it { should have_many :featured_topics }
|
it { should have_many :featured_topics }
|
||||||
|
|
||||||
|
|
||||||
|
describe "resolve_permissions" do
|
||||||
|
it "can determine read_restricted" do
|
||||||
|
read_restricted, resolved = Category.resolve_permissions(:everyone => :full)
|
||||||
|
|
||||||
|
read_restricted.should be_false
|
||||||
|
resolved.should == []
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
describe "topic_create_allowed and post_create_allowed" do
|
||||||
|
it "works" do
|
||||||
|
default_category = Fabricate(:category)
|
||||||
|
full_category = Fabricate(:category)
|
||||||
|
can_post_category = Fabricate(:category)
|
||||||
|
can_read_category = Fabricate(:category)
|
||||||
|
|
||||||
|
|
||||||
|
user = Fabricate(:user)
|
||||||
|
group = Fabricate(:group)
|
||||||
|
group.add(user)
|
||||||
|
group.save
|
||||||
|
|
||||||
|
admin = Fabricate(:admin)
|
||||||
|
|
||||||
|
full_category.set_permissions(group => :full)
|
||||||
|
full_category.save
|
||||||
|
|
||||||
|
can_post_category.set_permissions(group => :create_post)
|
||||||
|
can_post_category.save
|
||||||
|
|
||||||
|
can_read_category.set_permissions(group => :readonly)
|
||||||
|
can_read_category.save
|
||||||
|
|
||||||
|
guardian = Guardian.new(admin)
|
||||||
|
Category.topic_create_allowed(guardian).count.should == 4
|
||||||
|
Category.post_create_allowed(guardian).count.should == 4
|
||||||
|
Category.secured(guardian).count.should == 4
|
||||||
|
|
||||||
|
guardian = Guardian.new(user)
|
||||||
|
Category.secured(guardian).count.should == 4
|
||||||
|
Category.post_create_allowed(guardian).count.should == 3
|
||||||
|
Category.topic_create_allowed(guardian).count.should == 2 # explicitly allowed once, default allowed once
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
|
|
||||||
|
describe "post_create_allowed" do
|
||||||
|
|
||||||
|
end
|
||||||
|
|
||||||
describe "security" do
|
describe "security" do
|
||||||
let(:category) { Fabricate(:category) }
|
let(:category) { Fabricate(:category) }
|
||||||
let(:category_2) { Fabricate(:category) }
|
let(:category_2) { Fabricate(:category) }
|
||||||
|
@ -25,20 +76,20 @@ describe Category do
|
||||||
let(:group) { Fabricate(:group) }
|
let(:group) { Fabricate(:group) }
|
||||||
|
|
||||||
it "secures categories correctly" do
|
it "secures categories correctly" do
|
||||||
category.secure?.should be_false
|
category.read_restricted?.should be_false
|
||||||
|
|
||||||
category.deny(:all)
|
category.set_permissions({})
|
||||||
category.secure?.should be_true
|
category.read_restricted?.should be_true
|
||||||
|
|
||||||
category.allow(:all)
|
category.set_permissions(:everyone => :full)
|
||||||
category.secure?.should be_false
|
category.read_restricted?.should be_false
|
||||||
|
|
||||||
user.secure_categories.should be_empty
|
user.secure_categories.should be_empty
|
||||||
|
|
||||||
group.add(user)
|
group.add(user)
|
||||||
group.save
|
group.save
|
||||||
|
|
||||||
category.allow(group)
|
category.set_permissions(group.id => :full)
|
||||||
category.save
|
category.save
|
||||||
|
|
||||||
user.reload
|
user.reload
|
||||||
|
@ -47,13 +98,13 @@ describe Category do
|
||||||
|
|
||||||
it "lists all secured categories correctly" do
|
it "lists all secured categories correctly" do
|
||||||
group.add(user)
|
group.add(user)
|
||||||
category.allow(group)
|
category.set_permissions(group.id => :full)
|
||||||
|
category.save
|
||||||
|
category_2.set_permissions(group.id => :full)
|
||||||
|
category_2.save
|
||||||
|
|
||||||
Category.secured.should == [category]
|
Category.secured.should =~ []
|
||||||
|
Category.secured(Guardian.new(user)).should =~ [category, category_2]
|
||||||
category_2.allow(group)
|
|
||||||
|
|
||||||
Category.secured.should =~ [category, category_2]
|
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1,16 @@
|
||||||
|
require 'spec_helper'
|
||||||
|
require_dependency 'site'
|
||||||
|
|
||||||
|
describe Site do
|
||||||
|
it "omits categories users can not write to from the category list" do
|
||||||
|
category = Fabricate(:category)
|
||||||
|
user = Fabricate(:user)
|
||||||
|
|
||||||
|
Site.new(Guardian.new(user)).categories.count.should == 1
|
||||||
|
|
||||||
|
category.set_permissions(:everyone => :create_post)
|
||||||
|
category.save
|
||||||
|
|
||||||
|
Site.new(Guardian.new(user)).categories.count.should == 0
|
||||||
|
end
|
||||||
|
end
|
|
@ -258,8 +258,7 @@ describe TopicLink do
|
||||||
TopicLink.topic_summary(Guardian.new, post.topic_id).count.should == 1
|
TopicLink.topic_summary(Guardian.new, post.topic_id).count.should == 1
|
||||||
TopicLink.counts_for(Guardian.new, post.topic, [post]).length.should == 1
|
TopicLink.counts_for(Guardian.new, post.topic, [post]).length.should == 1
|
||||||
|
|
||||||
category.deny(:all)
|
category.set_permissions(:staff => :full)
|
||||||
category.allow(Group[:staff])
|
|
||||||
category.save
|
category.save
|
||||||
|
|
||||||
admin = Fabricate(:admin)
|
admin = Fabricate(:admin)
|
||||||
|
|
|
@ -192,7 +192,7 @@ describe Topic do
|
||||||
context "secure categories" do
|
context "secure categories" do
|
||||||
|
|
||||||
let(:user) { Fabricate(:user) }
|
let(:user) { Fabricate(:user) }
|
||||||
let(:category) { Fabricate(:category, secure: true) }
|
let(:category) { Fabricate(:category, read_restricted: true) }
|
||||||
|
|
||||||
before do
|
before do
|
||||||
topic.category = category
|
topic.category = category
|
||||||
|
@ -1263,7 +1263,7 @@ describe Topic do
|
||||||
|
|
||||||
describe 'secured' do
|
describe 'secured' do
|
||||||
it 'can remove secure groups' do
|
it 'can remove secure groups' do
|
||||||
category = Fabricate(:category, secure: true)
|
category = Fabricate(:category, read_restricted: true)
|
||||||
topic = Fabricate(:topic, category: category)
|
topic = Fabricate(:topic, category: category)
|
||||||
|
|
||||||
Topic.secured(Guardian.new(nil)).count.should == 0
|
Topic.secured(Guardian.new(nil)).count.should == 0
|
||||||
|
@ -1280,17 +1280,17 @@ describe Topic do
|
||||||
let(:category){ Category.new }
|
let(:category){ Category.new }
|
||||||
|
|
||||||
it "is true if the category is secure" do
|
it "is true if the category is secure" do
|
||||||
category.stubs(:secure).returns(true)
|
category.stubs(:read_restricted).returns(true)
|
||||||
Topic.new(:category => category).should be_secure_category
|
Topic.new(:category => category).should be_read_restricted_category
|
||||||
end
|
end
|
||||||
|
|
||||||
it "is false if the category is not secure" do
|
it "is false if the category is not secure" do
|
||||||
category.stubs(:secure).returns(false)
|
category.stubs(:read_restricted).returns(false)
|
||||||
Topic.new(:category => category).should_not be_secure_category
|
Topic.new(:category => category).should_not be_read_restricted_category
|
||||||
end
|
end
|
||||||
|
|
||||||
it "is false if there is no category" do
|
it "is false if there is no category" do
|
||||||
Topic.new(:category => nil).should_not be_secure_category
|
Topic.new(:category => nil).should_not be_read_restricted_category
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -51,7 +51,7 @@ describe TopicTrackingState do
|
||||||
row.user_id.should == post.user_id
|
row.user_id.should == post.user_id
|
||||||
|
|
||||||
# when we have no permission to see a category, don't show its stats
|
# when we have no permission to see a category, don't show its stats
|
||||||
category = Fabricate(:category, secure: true)
|
category = Fabricate(:category, read_restricted: true)
|
||||||
|
|
||||||
post.topic.category_id = category.id
|
post.topic.category_id = category.id
|
||||||
post.topic.save
|
post.topic.save
|
||||||
|
|
|
@ -68,7 +68,7 @@ describe UserAction do
|
||||||
|
|
||||||
# groups
|
# groups
|
||||||
|
|
||||||
category = Fabricate(:category, secure: true)
|
category = Fabricate(:category, read_restricted: true)
|
||||||
|
|
||||||
public_topic.recover!
|
public_topic.recover!
|
||||||
public_topic.category = category
|
public_topic.category = category
|
||||||
|
@ -82,7 +82,7 @@ describe UserAction do
|
||||||
group.add(u)
|
group.add(u)
|
||||||
group.save
|
group.save
|
||||||
|
|
||||||
category.allow(group)
|
category.set_permissions(group => :full)
|
||||||
category.save
|
category.save
|
||||||
|
|
||||||
stats_for_user(u).should == [UserAction::NEW_TOPIC]
|
stats_for_user(u).should == [UserAction::NEW_TOPIC]
|
||||||
|
|
Loading…
Reference in New Issue