2019-08-27 20:09:00 +08:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
class PostReadersController < ApplicationController
|
|
|
|
requires_login
|
|
|
|
|
|
|
|
def index
|
2019-09-14 04:14:31 +08:00
|
|
|
post = Post.includes(topic: %i[topic_allowed_groups topic_allowed_users]).find(params[:id])
|
|
|
|
ensure_can_see_readers!(post)
|
2019-08-27 20:09:00 +08:00
|
|
|
|
|
|
|
readers =
|
|
|
|
User
|
2019-11-15 04:53:52 +08:00
|
|
|
.real
|
2019-09-11 01:21:34 +08:00
|
|
|
.where(staged: false)
|
2019-09-14 04:14:31 +08:00
|
|
|
.where.not(id: post.user_id)
|
|
|
|
.joins(:topic_users)
|
2019-08-27 23:13:38 +08:00
|
|
|
.where.not(topic_users: { last_read_post_number: nil })
|
|
|
|
.where(
|
|
|
|
"topic_users.topic_id = ? AND topic_users.last_read_post_number >= ?",
|
|
|
|
post.topic_id,
|
|
|
|
post.post_number,
|
|
|
|
)
|
2023-01-09 20:20:10 +08:00
|
|
|
|
2019-12-03 22:31:58 +08:00
|
|
|
readers = readers.where("admin OR moderator") if post.whisper?
|
2023-01-09 20:20:10 +08:00
|
|
|
|
2019-08-27 20:09:00 +08:00
|
|
|
readers =
|
|
|
|
readers.map do |r|
|
|
|
|
{
|
|
|
|
id: r.id,
|
|
|
|
avatar_template: r.avatar_template,
|
|
|
|
username: r.username,
|
|
|
|
username_lower: r.username_lower,
|
|
|
|
}
|
|
|
|
end
|
|
|
|
|
|
|
|
render_json_dump(post_readers: readers)
|
|
|
|
end
|
2019-09-14 04:14:31 +08:00
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def ensure_can_see_readers!(post)
|
|
|
|
show_readers =
|
|
|
|
GroupUser
|
|
|
|
.where(user: current_user)
|
|
|
|
.joins(:group)
|
|
|
|
.where(
|
|
|
|
groups: {
|
|
|
|
id: post.topic.topic_allowed_groups.map(&:group_id),
|
|
|
|
publish_read_state: true,
|
|
|
|
},
|
2023-01-09 20:20:10 +08:00
|
|
|
)
|
2019-09-14 04:14:31 +08:00
|
|
|
.exists?
|
|
|
|
|
|
|
|
raise Discourse::InvalidAccess unless show_readers
|
|
|
|
end
|
2019-08-27 20:09:00 +08:00
|
|
|
end
|