From fab67fafc17181cc3100c3b9117c0b83addb7019 Mon Sep 17 00:00:00 2001
From: Jahan Gagan <jahanggn9@gmail.com>
Date: Wed, 21 Oct 2020 14:39:44 +0530
Subject: [PATCH] FIX: invite users with sufficient trust level

---
 config/locales/server.en.yml     |  1 +
 config/site_settings.yml         |  4 ++++
 lib/guardian.rb                  |  4 ++--
 spec/components/guardian_spec.rb | 35 ++++++++++++++++++++++++++++++--
 4 files changed, 40 insertions(+), 4 deletions(-)

diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml
index af99227a883..c3b878df36e 100644
--- a/config/locales/server.en.yml
+++ b/config/locales/server.en.yml
@@ -1815,6 +1815,7 @@ en:
     min_trust_to_post_embedded_media: "The minimum trust level required to embed media items in a post"
     min_trust_level_to_allow_profile_background: "The minimum trust level required to upload a profile background"
     min_trust_level_to_allow_user_card_background: "The minimum trust level required to upload a user card background"
+    min_trust_level_to_allow_invite: "The minimum trust level required to allow invite"
     allowed_link_domains: "Domains that users may link to even if they don't have the appropriate trust level to post links"
 
     newuser_max_links: "How many links a new user can add to a post."
diff --git a/config/site_settings.yml b/config/site_settings.yml
index e48a269f93f..3e2b79c049e 100644
--- a/config/site_settings.yml
+++ b/config/site_settings.yml
@@ -1403,6 +1403,10 @@ trust:
     default: 0
     client: true
     enum: "TrustLevelSetting"
+  min_trust_level_to_allow_invite:
+    default: 2
+    client: true
+    enum: "TrustLevelSetting"
   allow_flagging_staff: true
   send_tl1_welcome_message: true
   send_tl2_promotion_message: true
diff --git a/lib/guardian.rb b/lib/guardian.rb
index b67e34e29c5..e4d34fa086d 100644
--- a/lib/guardian.rb
+++ b/lib/guardian.rb
@@ -353,7 +353,7 @@ class Guardian
     !SiteSetting.enable_sso &&
     SiteSetting.enable_local_logins &&
     (
-      (!SiteSetting.must_approve_users? && @user.has_trust_level?(TrustLevel[2])) ||
+      (!SiteSetting.must_approve_users? && @user.has_trust_level?(SiteSetting.min_trust_level_to_allow_invite.to_i)) ||
       is_staff?
     ) &&
     (groups.blank? || is_admin? || groups.all? { |g| can_edit_group?(g) })
@@ -383,7 +383,7 @@ class Guardian
       end
     end
 
-    user.has_trust_level?(TrustLevel[2])
+    user.has_trust_level?(SiteSetting.min_trust_level_to_allow_invite.to_i)
   end
 
   def can_invite_via_email?(object)
diff --git a/spec/components/guardian_spec.rb b/spec/components/guardian_spec.rb
index b43eed507a4..2b5afbc4b8f 100644
--- a/spec/components/guardian_spec.rb
+++ b/spec/components/guardian_spec.rb
@@ -477,6 +477,17 @@ describe Guardian do
     let(:user) { Fabricate.build(:user) }
     let(:moderator) { Fabricate.build(:moderator) }
 
+    it 'returns true if user has sufficient trust level' do
+      SiteSetting.min_trust_level_to_allow_invite = 2
+      expect(Guardian.new(trust_level_2).can_invite_to_forum?).to be_truthy
+      expect(Guardian.new(moderator).can_invite_to_forum?).to be_truthy
+    end
+
+    it 'returns false if user trust level does not have sufficient trust level' do
+      SiteSetting.min_trust_level_to_allow_invite = 2
+      expect(Guardian.new(trust_level_1).can_invite_to_forum?).to be_falsey
+    end
+
     it "doesn't allow anonymous users to invite" do
       expect(Guardian.new.can_invite_to_forum?).to be_falsey
     end
@@ -532,6 +543,10 @@ describe Guardian do
   describe 'can_invite_to?' do
 
     describe "regular topics" do
+      before do
+        SiteSetting.min_trust_level_to_allow_invite = 2
+        user.update!(trust_level: SiteSetting.min_trust_level_to_allow_invite)
+      end
       fab!(:category) { Fabricate(:category, read_restricted: true) }
       fab!(:topic) { Fabricate(:topic) }
       fab!(:private_topic) { Fabricate(:topic, category: category) }
@@ -544,7 +559,7 @@ describe Guardian do
         expect(Guardian.new(nil).can_invite_to?(topic)).to be_falsey
         expect(Guardian.new(moderator).can_invite_to?(nil)).to be_falsey
         expect(Guardian.new(moderator).can_invite_to?(topic)).to be_truthy
-        expect(Guardian.new(user).can_invite_to?(topic)).to be_falsey
+        expect(Guardian.new(trust_level_1).can_invite_to?(topic)).to be_falsey
 
         SiteSetting.max_invites_per_day = 0
 
@@ -610,7 +625,8 @@ describe Guardian do
     end
 
     describe "private messages" do
-      fab!(:user) { Fabricate(:user, trust_level: TrustLevel[2]) }
+      SiteSetting.min_trust_level_to_allow_invite = 2
+      fab!(:user) { Fabricate(:user, trust_level: SiteSetting.min_trust_level_to_allow_invite) }
       fab!(:pm) { Fabricate(:private_message_topic, user: user) }
 
       context "when private messages are disabled" do
@@ -631,6 +647,21 @@ describe Guardian do
         end
       end
 
+      context "when private messages are enabled" do
+        before do
+          SiteSetting.enable_personal_messages = true
+        end
+
+        it "returns true if user has sufficient trust level" do
+          expect(Guardian.new(user).can_invite_to?(pm)).to be_truthy
+        end
+
+        it "returns false if user has sufficient trust level" do
+          user.trust_level = 1
+          expect(Guardian.new(user).can_invite_to?(pm)).to be_falsey
+        end
+      end
+
       context "when PM has receached the maximum number of recipients" do
         before do
           SiteSetting.max_allowed_message_recipients = 2