discourse/lib/guardian/category_guardian.rb

# frozen_string_literal: true

#mixin for all guardian methods dealing with category permissions
module CategoryGuardian

  # Creating Method
  def can_create_category?(parent = nil)
    is_admin? ||
    (
      SiteSetting.moderators_manage_categories_and_groups &&
      is_moderator?
    )
  end

  # Editing Method
  def can_edit_category?(category)
    is_admin? ||
    (
      SiteSetting.moderators_manage_categories_and_groups &&
      is_moderator? &&
      can_see_category?(category)
    )
  end

  def can_edit_serialized_category?(category_id:, read_restricted:)
    is_admin? ||
    (
      SiteSetting.moderators_manage_categories_and_groups &&
      is_moderator? &&
      can_see_serialized_category?(category_id: category_id, read_restricted: read_restricted)
    )
  end

  def can_delete_category?(category)
    can_edit_category?(category) &&
    category.topic_count <= 0 &&
    !category.uncategorized? &&
    !category.has_children?
  end

  def can_see_serialized_category?(category_id:, read_restricted: true)
    # Guard to ensure only a boolean is passed in
    read_restricted = true unless !!read_restricted == read_restricted

    return true if !read_restricted
    secure_category_ids.include?(category_id)
  end

  def can_see_category?(category)
    return false unless category
    return true if is_admin?
    return true if !category.read_restricted
    return true if is_staged? && category.email_in.present? && category.email_in_allow_strangers
    secure_category_ids.include?(category.id)
  end

  def can_edit_category_description?(category)
    can_perform_action_available_to_group_moderators?(category.topic)
  end

  def secure_category_ids
    @secure_category_ids ||= @user.secure_category_ids
  end

  # all allowed category ids
  def allowed_category_ids
    @allowed_category_ids ||=
      begin
        unrestricted = Category.where(read_restricted: false).pluck(:id)
        unrestricted.concat(secure_category_ids)
      end
  end

  def topic_create_allowed_category_ids
    @topic_create_allowed_category_ids ||= @user.topic_create_allowed_category_ids
  end

  def topic_featured_link_allowed_category_ids
    @topic_featured_link_allowed_category_ids = Category.where(topic_featured_link_allowed: true).pluck(:id)
  end
end
DEV: enable frozen string literal on all files This reduces chances of errors where consumers of strings mutate inputs and reduces memory usage of the app. Test suite passes now, but there may be some stuff left, so we will run a few sites on a branch prior to merging 2019-05-03 06:17:27 +08:00			`# frozen_string_literal: true`

DEV: Correct typos and spelling mistakes (#12812) Over the years we accrued many spelling mistakes in the code base. This PR attempts to fix spelling mistakes and typos in all areas of the code that are extremely safe to change - comments - test descriptions - other low risk areas 2021-05-21 09:43:47 +08:00			`#mixin for all guardian methods dealing with category permissions`
Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics. 2014-01-10 07:25:14 +08:00			`module CategoryGuardian`
improve logic for mod category management 2014-04-15 14:49:22 +08:00
Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics. 2014-01-10 07:25:14 +08:00			`# Creating Method`
improve logic for mod category management 2014-04-15 14:49:22 +08:00			`def can_create_category?(parent = nil)`
			`is_admin? \|\|`
			`(`
FEATURE - Moderators can create and manage groups (#10432) Enabling the moderators_manage_categories_and_groups site setting will allow moderator users to create/manage groups. * show New Group form to moderators * Allow moderators to update groups and read logs, where appropriate * Rename site setting from create -> manage * improved tests * Migration should rename old log entries * Log group changes, even if those changes mean you can no longer see the group * Slight reshuffle * RouteTo /g if they no longer have permissions to view group 2020-08-19 22:41:40 +08:00			`SiteSetting.moderators_manage_categories_and_groups &&`
improve logic for mod category management 2014-04-15 14:49:22 +08:00			`is_moderator?`
			`)`
Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics. 2014-01-10 07:25:14 +08:00			`end`

			`# Editing Method`
			`def can_edit_category?(category)`
improve logic for mod category management 2014-04-15 14:49:22 +08:00			`is_admin? \|\|`
			`(`
FEATURE - Moderators can create and manage groups (#10432) Enabling the moderators_manage_categories_and_groups site setting will allow moderator users to create/manage groups. * show New Group form to moderators * Allow moderators to update groups and read logs, where appropriate * Rename site setting from create -> manage * improved tests * Migration should rename old log entries * Log group changes, even if those changes mean you can no longer see the group * Slight reshuffle * RouteTo /g if they no longer have permissions to view group 2020-08-19 22:41:40 +08:00			`SiteSetting.moderators_manage_categories_and_groups &&`
improve logic for mod category management 2014-04-15 14:49:22 +08:00			`is_moderator? &&`
			`can_see_category?(category)`
			`)`
Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics. 2014-01-10 07:25:14 +08:00			`end`

FIX: Missing category edit icon. Follow-up to 0e4b8c5318569ef7e7a111563709699e3b9ce219 2021-06-28 10:39:13 +08:00			`def can_edit_serialized_category?(category_id:, read_restricted:)`
			`is_admin? \|\|`
			`(`
			`SiteSetting.moderators_manage_categories_and_groups &&`
			`is_moderator? &&`
			`can_see_serialized_category?(category_id: category_id, read_restricted: read_restricted)`
			`)`
			`end`

Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics. 2014-01-10 07:25:14 +08:00			`def can_delete_category?(category)`
improve logic for mod category management 2014-04-15 14:49:22 +08:00			`can_edit_category?(category) &&`
FIX: can delete category if topic_count < 0 2014-08-23 00:25:22 +08:00			`category.topic_count <= 0 &&`
FIX: Don't allow parent categories to be deleted. Also, remove duplicated logic and rely on the server response for `can_delete` status. 2014-02-13 06:24:25 +08:00			`!category.uncategorized? &&`
			`!category.has_children?`
Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics. 2014-01-10 07:25:14 +08:00			`end`

PERF: Cache categories in Site model take 3. Previous attempt resulted in custom fields going missing in the serialized output. This reverts commit 83a6ad32ffe75ae222028feddeca169fc5be54ac. 2021-06-23 15:21:11 +08:00			`def can_see_serialized_category?(category_id:, read_restricted: true)`
			`# Guard to ensure only a boolean is passed in`
			`read_restricted = true unless !!read_restricted == read_restricted`

			`return true if !read_restricted`
			`secure_category_ids.include?(category_id)`
			`end`

Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics. 2014-01-10 07:25:14 +08:00			`def can_see_category?(category)`
we can't see a nil category 2016-07-02 18:21:14 +08:00			`return false unless category`
small topic/category guardians refactor 2016-06-27 20:36:57 +08:00			`return true if is_admin?`
			`return true if !category.read_restricted`
			`return true if is_staged? && category.email_in.present? && category.email_in_allow_strangers`
FIX: staged user doesn't get notified for replies in topics they created in secured categories 2016-02-24 18:30:17 +08:00			`secure_category_ids.include?(category.id)`
Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics. 2014-01-10 07:25:14 +08:00			`end`

FEATURE - allow Group Moderators to edit category description (#10292) Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com> 2020-07-23 21:50:00 +08:00			`def can_edit_category_description?(category)`
			`can_perform_action_available_to_group_moderators?(category.topic)`
			`end`

Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics. 2014-01-10 07:25:14 +08:00			`def secure_category_ids`
			`@secure_category_ids \|\|= @user.secure_category_ids`
			`end`

			`# all allowed category ids`
			`def allowed_category_ids`
PERF: improve perf of initial payload also reduce querying in topic query 2015-09-23 11:13:34 +08:00			`@allowed_category_ids \|\|=`
			`begin`
			`unrestricted = Category.where(read_restricted: false).pluck(:id)`
			`unrestricted.concat(secure_category_ids)`
			`end`
Refactor guardian as dissused in this topic https://meta.discourse.org/t/so-you-want-to-help-out-with-discourse/3823/41?u=hunter Creates a mixin for the ensure_* functions and creates seperate mixins for functions dealing with posts, categories, and topics. 2014-01-10 07:25:14 +08:00			`end`

			`def topic_create_allowed_category_ids`
			`@topic_create_allowed_category_ids \|\|= @user.topic_create_allowed_category_ids`
			`end`
FEATURE: Allow posting a link with topics 2016-12-05 20:31:43 +08:00
			`def topic_featured_link_allowed_category_ids`
Topic Featured Links: move data from custom fields to topics and categories tables. Invert behaviour of topic_featured_link_allowed checkbox. Fix a bug with invalid topic records due to changing that category checkbox. 2016-12-16 06:46:43 +08:00			`@topic_featured_link_allowed_category_ids = Category.where(topic_featured_link_allowed: true).pluck(:id)`
FEATURE: Allow posting a link with topics 2016-12-05 20:31:43 +08:00			`end`
SECURITY: reduce moderator rights You can now hide particular categories from certain moderators 2014-02-07 11:11:52 +08:00			`end`