FIX: staff should always be allowed to create polls if they are enabled

plugins/poll/assets/javascripts/initializers/add-poll-ui-builder.js.es6

@@ -4,15 +4,12 @@ import showModal from 'discourse/lib/show-modal';
 
 function initializePollUIBuilder(api) {
   api.modifyClass('controller:composer', {
-    @computed('siteSettings.poll_enabled',
-              'siteSettings.poll_minimum_trust_level_to_create',
-              'siteSettings.poll_allow_staff_to_create')
-    canBuildPoll(pollEnabled, minimumTrustLevel, allowStaff) {
+    @computed('siteSettings.poll_enabled', 'siteSettings.poll_minimum_trust_level_to_create')
+    canBuildPoll(pollEnabled, minimumTrustLevel) {
       return pollEnabled &&
              this.currentUser &&
              (
-               this.currentUser.admin ||
-               (this.currentUser.staff && allowStaff) ||
+               this.currentUser.staff ||
                this.currentUser.trust_level >= minimumTrustLevel
              );
     },

plugins/poll/config/locales/server.en.yml

@@ -20,7 +20,6 @@ en:
     poll_maximum_options: "Maximum number of options allowed in a poll."
     poll_edit_window_mins: "Number of minutes after post creation during which polls can be edited."
     poll_minimum_trust_level_to_create: "Define the minimum trust level needed to create polls."
-    poll_allow_staff_to_create: "Allow staff to create polls, regardless of their trust level."
 
   poll:
     multiple_polls_without_name: "There are multiple polls without a name. Use the '<code>name</code>' attribute to uniquely identify your polls."

plugins/poll/config/settings.yml

@@ -11,6 +11,3 @@ plugins:
     default: 1
     client: true
     enum: 'TrustLevelSetting'
-  poll_allow_staff_to_create:
-    default: true
-    client: true

plugins/poll/lib/post_validator.rb

@@ -6,9 +6,7 @@ module DiscoursePoll
 
     def validate_post
       min_trust_level = SiteSetting.poll_minimum_trust_level_to_create
-      staff_allowed = SiteSetting.poll_allow_staff_to_create
-      trusted = @post&.user&.admin ||
-                (@post&.user&.staff? && staff_allowed) ||
+      trusted = @post&.user&.staff? ||
                 @post&.user&.trust_level >= TrustLevel[min_trust_level]
 
       if !trusted

plugins/poll/spec/controllers/posts_controller_spec.rb

@@ -342,6 +342,8 @@ describe PostsController do
     end
 
     it "doesn’t cook the poll" do
+      log_in_user(Fabricate(:user, admin: true, trust_level: 4))
+
       post :create, params: {
         title: title, raw: "[poll]\n- A\n- B\n[/poll]"
       }, format: :json
@@ -408,13 +410,13 @@ describe PostsController do
     end
   end
 
-  describe "admin with insufficient trust level" do
+  describe "staff with insufficient trust level" do
     before do
       SiteSetting.poll_minimum_trust_level_to_create = 2
     end
 
     it "validates the post" do
-      log_in_user(Fabricate(:user, admin: true, trust_level: 1))
+      log_in_user(Fabricate(:user, moderator: true, trust_level: 1))
 
       post :create, params: {
         title: title, raw: "[poll]\n- A\n- B\n[/poll]"
@@ -426,47 +428,4 @@ describe PostsController do
       expect(json["polls"]["poll"]).to be
     end
   end
-
-  describe "staff" do
-    before do
-      SiteSetting.poll_minimum_trust_level_to_create = 4
-    end
-
-    describe "allow staff enabled" do
-      before do
-        SiteSetting.poll_allow_staff_to_create = true
-      end
-
-      it "validates the post" do
-        log_in_user(Fabricate(:user, moderator: true, trust_level: 1))
-
-        post :create, params: {
-          title: title, raw: "[poll]\n- A\n- B\n[/poll]"
-        }, format: :json
-
-        expect(response).to be_success
-        json = ::JSON.parse(response.body)
-        expect(json["cooked"]).to match("data-poll-")
-        expect(json["polls"]["poll"]).to be
-      end
-    end
-
-    describe "allow staff disabled" do
-      before do
-        SiteSetting.poll_allow_staff_to_create = false
-      end
-
-      it "invalidates the post" do
-        log_in_user(Fabricate(:user, moderator: true, trust_level: 1))
-
-        post :create, params: {
-          title: title, raw: "[poll]\n- A\n- B\n[/poll]"
-        }, format: :json
-
-        expect(response).not_to be_success
-        json = ::JSON.parse(response.body)
-        expect(json["errors"][0]).to eq(I18n.t("poll.insufficient_rights_to_create"))
-      end
-    end
-  end
 end

plugins/poll/test/javascripts/acceptance/poll-builder-allow-staff-test.js.es6

@@ -1,22 +0,0 @@
-import { acceptance } from "helpers/qunit-helpers";
-import { displayPollBuilderButton } from "discourse/plugins/poll/helpers/display-poll-builder-button";
-import { replaceCurrentUser } from "discourse/plugins/poll/helpers/replace-current-user";
-
-acceptance("Poll Builder - allow staff", {
-  loggedIn: true,
-  settings: {
-    poll_enabled: true,
-    poll_allow_staff_to_create: true,
-    poll_minimum_trust_level_to_create: 4
-  }
-});
-
-test("staff", (assert) => {
-  replaceCurrentUser({ staff: true, trust_level: 3 });
-
-  displayPollBuilderButton();
-
-  andThen(() => {
-    assert.ok(exists("button[title='Build Poll']"), "it shows the builder button");
-  });
-});

plugins/poll/test/javascripts/acceptance/poll-builder-disabled-test.js.es6

@@ -10,8 +10,8 @@ acceptance("Poll Builder - polls are disabled", {
   }
 });
 
-test("sufficient trust level", (assert) => {
-  replaceCurrentUser({ admin: false, trust_level: 3 });
+test("regular user - sufficient trust level", (assert) => {
+  replaceCurrentUser({ staff: false, trust_level: 3 });
 
   displayPollBuilderButton();
 
@@ -20,8 +20,8 @@ test("sufficient trust level", (assert) => {
   });
 });
 
-test("insufficient trust level", (assert) => {
-  replaceCurrentUser({ admin: false, trust_level: 1 });
+test("regular user - insufficient trust level", (assert) => {
+  replaceCurrentUser({ staff: false, trust_level: 1 });
 
   displayPollBuilderButton();
 
@@ -30,8 +30,8 @@ test("insufficient trust level", (assert) => {
   });
 });
 
-test("admin", (assert) => {
-  replaceCurrentUser({ admin: true });
+test("staff", (assert) => {
+  replaceCurrentUser({ staff: true });
 
   displayPollBuilderButton();
 

plugins/poll/test/javascripts/acceptance/poll-builder-enabled-test.js.es6

@@ -6,13 +6,12 @@ acceptance("Poll Builder - polls are enabled", {
   loggedIn: true,
   settings: {
     poll_enabled: true,
-    poll_allow_staff_to_create: false,
     poll_minimum_trust_level_to_create: 1
   }
 });
 
-test("sufficient trust level", (assert) => {
-  replaceCurrentUser({ admin: false, trust_level: 1 });
+test("regular user - sufficient trust level", (assert) => {
+  replaceCurrentUser({ staff: false, trust_level: 1 });
 
   displayPollBuilderButton();
 
@@ -21,8 +20,8 @@ test("sufficient trust level", (assert) => {
   });
 });
 
-test("insufficient trust level", (assert) => {
-  replaceCurrentUser({ admin: false, trust_level: 0 });
+test("regular user - insufficient trust level", (assert) => {
+  replaceCurrentUser({ staff: false, trust_level: 0 });
 
   displayPollBuilderButton();
 
@@ -31,19 +30,8 @@ test("insufficient trust level", (assert) => {
   });
 });
 
-test("staff with insufficient trust level", (assert) => {
-  replaceCurrentUser({ admin: false, staff: true, trust_level: 0 });
-
-  displayPollBuilderButton();
-
-  andThen(() => {
-    assert.ok(!exists("button[title='Build Poll']"), "it hides the builder button");
-  });
-});
-
-
-test("admin with insufficient trust level", (assert) => {
-  replaceCurrentUser({ admin: true, trust_level: 0 });
+test("staff - with insufficient trust level", (assert) => {
+  replaceCurrentUser({ staff: true, trust_level: 0 });
 
   displayPollBuilderButton();