discourse/lib/guardian/post_revision_guardian.rb

# frozen_string_literal: true

# mixin for all Guardian methods dealing with post_revisions permissions
module PostRevisionGuardian
  def can_see_post_revision?(post_revision)
    return false unless post_revision
    return false if post_revision.hidden && !can_view_hidden_post_revisions?

    can_view_edit_history?(post_revision.post)
  end

  def can_hide_post_revision?(post_revision)
    is_staff?
  end

  def can_permanently_delete_post_revisions?
    is_staff? && SiteSetting.can_permanently_delete
  end

  def can_show_post_revision?(post_revision)
    is_staff?
  end

  def can_view_hidden_post_revisions?
    is_staff?
  end
end
DEV: enable frozen string literal on all files This reduces chances of errors where consumers of strings mutate inputs and reduces memory usage of the app. Test suite passes now, but there may be some stuff left, so we will run a few sites on a branch prior to merging 2019-05-03 06:17:27 +08:00			`# frozen_string_literal: true`

LOTS of changes to properly handle post/topic revisions FIX: history revision can now properly be hidden FIX: PostRevision serializer is now entirely dynamic to properly handle hidden revisions FIX: default history modal to "side by side" view on mobile FIX: properly hiden which revision has been hidden UX: inline category/user/wiki/post_type changes with the revision details FEATURE: new '/posts/:post_id/revisions/latest' endpoint to retrieve latest revision UX: do not show the hide/show revision button on mobile (no room for them) UX: remove CSS transitions on the buttons in the history modal FIX: PostRevisor now handles all the changes that might create new revisions FIX: PostRevision.ensure_consistency! was wrong due to off by 1 mistake... refactored topic's callbacks for better readability extracted 'PostRevisionGuardian' 2014-10-28 05:06:43 +08:00			`# mixin for all Guardian methods dealing with post_revisions permissions`
			`module PostRevisionGuardian`
			`def can_see_post_revision?(post_revision)`
			`return false unless post_revision`
			`return false if post_revision.hidden && !can_view_hidden_post_revisions?`

			`can_view_edit_history?(post_revision.post)`
			`end`

			`def can_hide_post_revision?(post_revision)`
			`is_staff?`
			`end`

FEATURE: Allow admins to permanently delete revisions (#19913) # Context This PR introduces the ability to permanently delete revisions from a post while maintaining the changes implemented by the revisions. Additional Context: /t/90301 # Functionality In the case a staff member wants to _remove the visual cue_ that a post has been edited eg. <img width="86" alt="Screenshot 2023-01-18 at 2 59 12 PM" src="https://user-images.githubusercontent.com/50783505/213293333-9c881229-ab18-4591-b39b-e3419a67907d.png"> while maintaining the changes made in the edits, they can enable the (hidden) site setting of `can_permanently_delete`. When this is enabled, after _hiding_ the revisions <img width="149" alt="Screenshot 2023-01-19 at 1 53 35 PM" src="https://user-images.githubusercontent.com/50783505/213546080-2a9e9c55-b3ef-428e-a93d-1b6ba287dfae.png"> there will be an additional button in the history modal to <kbd>Delete revisions</kbd> on a post. <img width="997" alt="Screenshot 2023-01-19 at 1 49 51 PM" src="https://user-images.githubusercontent.com/50783505/213546333-49042558-50ab-4724-9da7-08bacc68d38d.png"> Since this action is permanent, we display a confirmation dialog prior to triggering the destroy call <img width="722" alt="Screenshot 2023-01-19 at 1 55 59 PM" src="https://user-images.githubusercontent.com/50783505/213546487-96ea6e89-ac49-4892-b4b0-28996e3c867f.png"> Once confirmed the history modal will close and the post will `rebake` to display an _unedited_ post. <img width="868" alt="Screenshot 2023-01-19 at 1 56 35 PM" src="https://user-images.githubusercontent.com/50783505/213546608-d6436717-8484-4132-a1a8-b7a348d92728.png"> see that there is not a visual que for _revision have been made on this post_ for a post that HAS been edited. In addition to this, a user history log for `purge_post_revisions` will be added for each action completed. # Limits - Admins are rate limited to 20 posts per minute 2023-01-20 05:09:01 +08:00			`def can_permanently_delete_post_revisions?`
			`is_staff? && SiteSetting.can_permanently_delete`
			`end`

LOTS of changes to properly handle post/topic revisions FIX: history revision can now properly be hidden FIX: PostRevision serializer is now entirely dynamic to properly handle hidden revisions FIX: default history modal to "side by side" view on mobile FIX: properly hiden which revision has been hidden UX: inline category/user/wiki/post_type changes with the revision details FEATURE: new '/posts/:post_id/revisions/latest' endpoint to retrieve latest revision UX: do not show the hide/show revision button on mobile (no room for them) UX: remove CSS transitions on the buttons in the history modal FIX: PostRevisor now handles all the changes that might create new revisions FIX: PostRevision.ensure_consistency! was wrong due to off by 1 mistake... refactored topic's callbacks for better readability extracted 'PostRevisionGuardian' 2014-10-28 05:06:43 +08:00			`def can_show_post_revision?(post_revision)`
			`is_staff?`
			`end`

			`def can_view_hidden_post_revisions?`
			`is_staff?`
			`end`
			`end`