2019-05-03 06:17:27 +08:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
2021-05-21 09:43:47 +08:00
|
|
|
#mixin for all guardian methods dealing with topic permissions
|
2014-01-10 07:25:14 +08:00
|
|
|
module TopicGuardian
|
2017-10-10 16:26:56 +08:00
|
|
|
def can_remove_allowed_users?(topic, target_user = nil)
|
2020-06-19 17:04:05 +08:00
|
|
|
is_staff? || (topic.user == @user && @user.has_trust_level?(TrustLevel[2])) ||
|
2017-10-10 16:26:56 +08:00
|
|
|
(
|
|
|
|
topic.allowed_users.count > 1 && topic.user != target_user &&
|
|
|
|
!!(target_user && user == target_user)
|
|
|
|
)
|
2014-01-10 07:25:14 +08:00
|
|
|
end
|
|
|
|
|
2019-05-04 02:26:37 +08:00
|
|
|
def can_review_topic?(topic)
|
|
|
|
return false if anonymous? || topic.nil?
|
|
|
|
return true if is_staff?
|
|
|
|
|
2021-05-26 10:58:00 +08:00
|
|
|
is_category_group_moderator?(topic.category)
|
|
|
|
end
|
|
|
|
|
|
|
|
def can_moderate_topic?(topic)
|
|
|
|
return false if anonymous? || topic.nil?
|
|
|
|
return true if is_staff?
|
|
|
|
|
2021-04-28 00:24:27 +08:00
|
|
|
can_perform_action_available_to_group_moderators?(topic)
|
2019-05-04 02:26:37 +08:00
|
|
|
end
|
|
|
|
|
2018-03-14 03:59:12 +08:00
|
|
|
def can_create_shared_draft?
|
2021-02-01 22:16:34 +08:00
|
|
|
SiteSetting.shared_drafts_enabled? && can_see_shared_draft?
|
|
|
|
end
|
2020-12-03 22:07:57 +08:00
|
|
|
|
2021-02-01 22:16:34 +08:00
|
|
|
def can_see_shared_draft?
|
2023-11-07 12:03:25 +08:00
|
|
|
@user.in_any_groups?(SiteSetting.shared_drafts_allowed_groups_map)
|
2018-03-14 03:59:12 +08:00
|
|
|
end
|
|
|
|
|
2019-05-08 01:34:15 +08:00
|
|
|
def can_create_whisper?
|
2022-06-30 08:18:12 +08:00
|
|
|
@user.whisperer?
|
2019-05-08 01:34:15 +08:00
|
|
|
end
|
|
|
|
|
2022-06-30 08:18:12 +08:00
|
|
|
def can_see_whispers?(_topic = nil)
|
|
|
|
@user.whisperer?
|
2020-07-14 09:42:09 +08:00
|
|
|
end
|
|
|
|
|
2018-03-14 03:59:12 +08:00
|
|
|
def can_publish_topic?(topic, category)
|
2021-02-01 22:16:34 +08:00
|
|
|
can_see_shared_draft? && can_see?(topic) && can_create_topic_on_category?(category)
|
2018-03-14 03:59:12 +08:00
|
|
|
end
|
|
|
|
|
2014-01-10 07:25:14 +08:00
|
|
|
# Creating Methods
|
|
|
|
def can_create_topic?(parent)
|
2014-06-10 03:21:01 +08:00
|
|
|
is_staff? ||
|
2014-06-09 23:03:10 +08:00
|
|
|
(
|
|
|
|
user && user.trust_level >= SiteSetting.min_trust_to_create_topic.to_i &&
|
2019-06-26 19:02:53 +08:00
|
|
|
can_create_post?(parent) && Category.topic_create_allowed(self).limit(1).count == 1
|
2023-01-09 20:10:19 +08:00
|
|
|
)
|
2014-01-10 07:25:14 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
def can_create_topic_on_category?(category)
|
2018-03-02 09:13:04 +08:00
|
|
|
# allow for category to be a number as well
|
2018-03-13 10:20:47 +08:00
|
|
|
category_id = Category === category ? category.id : category
|
2018-03-02 09:13:04 +08:00
|
|
|
|
2014-01-21 22:21:38 +08:00
|
|
|
can_create_topic?(nil) &&
|
2018-03-02 09:13:04 +08:00
|
|
|
(!category || Category.topic_create_allowed(self).where(id: category_id).count == 1)
|
2014-01-10 07:25:14 +08:00
|
|
|
end
|
|
|
|
|
2018-07-13 10:51:08 +08:00
|
|
|
def can_move_topic_to_category?(category)
|
|
|
|
category =
|
2023-01-09 20:10:19 +08:00
|
|
|
(
|
2018-07-13 10:51:08 +08:00
|
|
|
if Category === category
|
|
|
|
category
|
2023-01-09 20:10:19 +08:00
|
|
|
else
|
2018-07-13 10:51:08 +08:00
|
|
|
Category.find(category || SiteSetting.uncategorized_category_id)
|
2023-01-09 20:10:19 +08:00
|
|
|
end
|
|
|
|
)
|
2023-10-06 09:00:22 +08:00
|
|
|
|
|
|
|
is_staff? || (can_create_topic_on_category?(category) && !category.require_topic_approval?)
|
2018-07-13 10:51:08 +08:00
|
|
|
end
|
|
|
|
|
2014-01-10 07:25:14 +08:00
|
|
|
def can_create_post_on_topic?(topic)
|
|
|
|
# No users can create posts on deleted topics
|
2016-09-10 00:15:56 +08:00
|
|
|
return false if topic.blank?
|
2014-01-10 07:25:14 +08:00
|
|
|
return false if topic.trashed?
|
2016-04-13 13:59:38 +08:00
|
|
|
return true if is_admin?
|
2014-01-10 07:25:14 +08:00
|
|
|
|
2020-08-11 03:21:01 +08:00
|
|
|
trusted =
|
|
|
|
(authenticated? && user.has_trust_level?(TrustLevel[4])) || is_moderator? ||
|
|
|
|
can_perform_action_available_to_group_moderators?(topic)
|
2016-04-13 13:59:38 +08:00
|
|
|
|
|
|
|
(!(topic.closed? || topic.archived?) || trusted) && can_create_post?(topic)
|
2014-01-10 07:25:14 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
# Editing Method
|
|
|
|
def can_edit_topic?(topic)
|
2014-07-29 22:40:02 +08:00
|
|
|
return false if Discourse.static_doc_topic_ids.include?(topic.id) && !is_admin?
|
2015-02-26 13:08:52 +08:00
|
|
|
return false unless can_see?(topic)
|
2022-02-25 22:09:31 +08:00
|
|
|
|
|
|
|
first_post = topic.first_post
|
|
|
|
|
|
|
|
return false if first_post&.locked? && !is_staff?
|
2016-04-13 13:59:38 +08:00
|
|
|
|
|
|
|
return true if is_admin?
|
|
|
|
return true if is_moderator? && can_create_post?(topic)
|
2020-12-03 06:21:59 +08:00
|
|
|
return true if is_category_group_moderator?(topic.category)
|
2016-04-13 13:59:38 +08:00
|
|
|
|
2016-06-02 03:41:56 +08:00
|
|
|
# can't edit topics in secured categories where you don't have permission to create topics
|
2019-06-26 15:53:29 +08:00
|
|
|
# except for a tiny edge case where the topic is uncategorized and you are trying
|
|
|
|
# to fix it but uncategorized is disabled
|
|
|
|
if (
|
|
|
|
SiteSetting.allow_uncategorized_topics ||
|
|
|
|
topic.category_id != SiteSetting.uncategorized_category_id
|
|
|
|
)
|
|
|
|
return false if !can_create_topic_on_category?(topic.category)
|
|
|
|
end
|
2016-06-02 03:41:56 +08:00
|
|
|
|
2020-12-03 22:07:57 +08:00
|
|
|
# Editing a shared draft.
|
|
|
|
if (
|
|
|
|
!topic.archived && !topic.private_message? &&
|
|
|
|
topic.category_id == SiteSetting.shared_drafts_category.to_i &&
|
|
|
|
can_see_category?(topic.category) && can_see_shared_draft? && can_create_post?(topic)
|
|
|
|
)
|
2018-02-23 09:39:24 +08:00
|
|
|
return true
|
2023-01-09 20:10:19 +08:00
|
|
|
end
|
2020-12-03 22:07:57 +08:00
|
|
|
|
2018-02-23 09:39:24 +08:00
|
|
|
if (
|
2023-07-07 23:48:14 +08:00
|
|
|
is_in_edit_post_groups? && topic.archived && !topic.private_message? &&
|
|
|
|
can_create_post?(topic)
|
2018-02-23 09:39:24 +08:00
|
|
|
)
|
|
|
|
return true
|
2023-01-09 20:10:19 +08:00
|
|
|
end
|
2016-04-13 13:59:38 +08:00
|
|
|
|
2018-02-23 09:39:24 +08:00
|
|
|
if (
|
2023-07-07 23:48:14 +08:00
|
|
|
is_in_edit_topic_groups? && !topic.archived && !topic.private_message? &&
|
|
|
|
can_create_post?(topic)
|
2018-02-23 09:39:24 +08:00
|
|
|
)
|
|
|
|
return true
|
2023-01-09 20:10:19 +08:00
|
|
|
end
|
2015-05-01 05:03:51 +08:00
|
|
|
|
2014-08-16 00:44:58 +08:00
|
|
|
return false if topic.archived
|
2022-02-25 22:09:31 +08:00
|
|
|
|
2019-09-06 19:44:12 +08:00
|
|
|
is_my_own?(topic) && !topic.edit_time_limit_expired?(user) && !first_post&.locked? &&
|
2022-02-25 22:09:31 +08:00
|
|
|
(!first_post&.hidden? || can_edit_hidden_post?(first_post))
|
2014-01-10 07:25:14 +08:00
|
|
|
end
|
|
|
|
|
2023-07-07 23:48:14 +08:00
|
|
|
def is_in_edit_topic_groups?
|
|
|
|
SiteSetting.edit_all_topic_groups.present? &&
|
|
|
|
user.in_any_groups?(SiteSetting.edit_all_topic_groups.to_s.split("|").map(&:to_i))
|
|
|
|
end
|
|
|
|
|
2014-01-10 07:25:14 +08:00
|
|
|
def can_recover_topic?(topic)
|
2023-01-20 10:31:51 +08:00
|
|
|
if is_staff? || (topic&.category && is_category_group_moderator?(topic.category)) ||
|
2023-02-13 12:34:04 +08:00
|
|
|
(SiteSetting.tl4_delete_posts_and_topics && user&.has_trust_level?(TrustLevel[4]))
|
2020-02-06 16:19:04 +08:00
|
|
|
!!(topic && topic.deleted_at)
|
2019-03-30 00:10:05 +08:00
|
|
|
else
|
|
|
|
topic && can_recover_post?(topic.ordered_posts.first)
|
|
|
|
end
|
2014-01-10 07:25:14 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
def can_delete_topic?(topic)
|
|
|
|
!topic.trashed? &&
|
2020-11-06 01:18:26 +08:00
|
|
|
(
|
|
|
|
is_staff? ||
|
|
|
|
(
|
|
|
|
is_my_own?(topic) && topic.posts_count <= 1 && topic.created_at &&
|
|
|
|
topic.created_at > 24.hours.ago
|
2023-01-20 10:31:51 +08:00
|
|
|
) || is_category_group_moderator?(topic.category) ||
|
|
|
|
(SiteSetting.tl4_delete_posts_and_topics && user.has_trust_level?(TrustLevel[4]))
|
2014-08-14 05:02:44 +08:00
|
|
|
) && !topic.is_category_topic? && !Discourse.static_doc_topic_ids.include?(topic.id)
|
2014-01-10 07:25:14 +08:00
|
|
|
end
|
|
|
|
|
2021-10-13 17:53:23 +08:00
|
|
|
def can_permanently_delete_topic?(topic)
|
|
|
|
return false if !SiteSetting.can_permanently_delete
|
|
|
|
return false if !topic
|
2022-08-10 17:11:50 +08:00
|
|
|
|
|
|
|
# Ensure that all posts (including small actions) are at least soft
|
|
|
|
# deleted.
|
2021-10-26 23:31:15 +08:00
|
|
|
return false if topic.posts_count > 0
|
2022-08-10 17:11:50 +08:00
|
|
|
|
|
|
|
# All other posts that were deleted still must be permanently deleted
|
|
|
|
# before the topic can be deleted with the exception of small action
|
|
|
|
# posts that will be deleted right before the topic is.
|
|
|
|
all_posts_count =
|
|
|
|
Post
|
|
|
|
.with_deleted
|
|
|
|
.where(topic_id: topic.id)
|
|
|
|
.where(
|
|
|
|
post_type: [Post.types[:regular], Post.types[:moderator_action], Post.types[:whisper]],
|
|
|
|
)
|
|
|
|
.count
|
|
|
|
return false if all_posts_count > 1
|
|
|
|
|
2021-10-13 17:53:23 +08:00
|
|
|
return false if !is_admin? || !can_see_topic?(topic)
|
|
|
|
return false if !topic.deleted_at
|
|
|
|
if topic.deleted_by_id == @user.id && topic.deleted_at >= Post::PERMANENT_DELETE_TIMER.ago
|
|
|
|
return false
|
2023-01-09 20:10:19 +08:00
|
|
|
end
|
2021-10-13 17:53:23 +08:00
|
|
|
true
|
|
|
|
end
|
|
|
|
|
2020-12-15 00:01:22 +08:00
|
|
|
def can_toggle_topic_visibility?(topic)
|
|
|
|
can_moderate?(topic) || can_perform_action_available_to_group_moderators?(topic)
|
|
|
|
end
|
|
|
|
|
2022-12-01 18:26:35 +08:00
|
|
|
alias can_create_unlisted_topic? can_toggle_topic_visibility?
|
|
|
|
|
2016-05-01 19:48:43 +08:00
|
|
|
def can_convert_topic?(topic)
|
2017-10-02 16:04:58 +08:00
|
|
|
return false if topic.blank?
|
2018-05-24 16:41:51 +08:00
|
|
|
return false if topic.trashed?
|
|
|
|
return false if topic.is_category_topic?
|
2016-05-05 00:29:56 +08:00
|
|
|
return true if is_admin?
|
2023-09-06 07:17:40 +08:00
|
|
|
return false if !@user.in_any_groups?(SiteSetting.personal_message_enabled_groups_map)
|
2016-05-05 00:29:56 +08:00
|
|
|
is_moderator? && can_create_post?(topic)
|
2016-05-01 19:48:43 +08:00
|
|
|
end
|
|
|
|
|
2014-01-10 07:25:14 +08:00
|
|
|
def can_reply_as_new_topic?(topic)
|
2016-11-30 01:59:42 +08:00
|
|
|
authenticated? && topic && @user.has_trust_level?(TrustLevel[1])
|
2014-01-10 07:25:14 +08:00
|
|
|
end
|
|
|
|
|
2020-11-06 01:18:26 +08:00
|
|
|
def can_see_deleted_topics?(category)
|
2023-01-23 09:02:47 +08:00
|
|
|
is_staff? || is_category_group_moderator?(category) ||
|
2023-02-13 12:34:04 +08:00
|
|
|
(SiteSetting.tl4_delete_posts_and_topics && user&.has_trust_level?(TrustLevel[4]))
|
2014-07-16 05:02:43 +08:00
|
|
|
end
|
|
|
|
|
2022-10-27 06:13:21 +08:00
|
|
|
# Accepts an array of `Topic#id` and returns an array of `Topic#id` which the user can see.
|
|
|
|
def can_see_topic_ids(topic_ids: [], hide_deleted: true)
|
|
|
|
topic_ids = topic_ids.compact
|
|
|
|
|
|
|
|
return topic_ids if is_admin?
|
|
|
|
return [] if topic_ids.blank?
|
|
|
|
|
|
|
|
default_scope = Topic.unscoped.where(id: topic_ids)
|
|
|
|
|
|
|
|
# When `hide_deleted` is `true`, hide deleted topics if user is not staff or category moderator
|
|
|
|
if hide_deleted && !is_staff?
|
|
|
|
if category_group_moderation_allowed?
|
|
|
|
default_scope = default_scope.where(<<~SQL)
|
|
|
|
(
|
|
|
|
deleted_at IS NULL OR
|
|
|
|
(
|
|
|
|
deleted_at IS NOT NULL
|
|
|
|
AND topics.category_id IN (#{category_group_moderator_scope.select(:id).to_sql})
|
|
|
|
)
|
|
|
|
)
|
|
|
|
SQL
|
|
|
|
else
|
|
|
|
default_scope = default_scope.where("deleted_at IS NULL")
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
# Filter out topics with shared drafts if user cannot see shared drafts
|
|
|
|
if !can_see_shared_draft?
|
|
|
|
default_scope =
|
|
|
|
default_scope.left_outer_joins(:shared_draft).where("shared_drafts.id IS NULL")
|
|
|
|
end
|
|
|
|
|
|
|
|
all_topics_scope =
|
|
|
|
if authenticated?
|
|
|
|
Topic.unscoped.merge(
|
|
|
|
secured_regular_topic_scope(default_scope, topic_ids: topic_ids).or(
|
|
|
|
private_message_topic_scope(default_scope),
|
2023-01-09 20:10:19 +08:00
|
|
|
),
|
2022-10-27 06:13:21 +08:00
|
|
|
)
|
|
|
|
else
|
|
|
|
Topic.unscoped.merge(secured_regular_topic_scope(default_scope, topic_ids: topic_ids))
|
|
|
|
end
|
|
|
|
|
|
|
|
all_topics_scope.pluck(:id)
|
|
|
|
end
|
|
|
|
|
2016-06-27 20:36:57 +08:00
|
|
|
def can_see_topic?(topic, hide_deleted = true)
|
2014-05-12 22:30:10 +08:00
|
|
|
return false unless topic
|
2014-05-13 03:26:36 +08:00
|
|
|
return true if is_admin?
|
2020-11-06 01:18:26 +08:00
|
|
|
return false if hide_deleted && topic.deleted_at && !can_see_deleted_topics?(topic.category)
|
2014-01-10 07:25:14 +08:00
|
|
|
|
2014-08-05 12:37:28 +08:00
|
|
|
if topic.private_message?
|
2016-06-27 20:36:57 +08:00
|
|
|
return authenticated? && topic.all_allowed_users.where(id: @user.id).exists?
|
2014-08-05 12:37:28 +08:00
|
|
|
end
|
|
|
|
|
2021-02-01 22:16:34 +08:00
|
|
|
return false if topic.shared_draft && !can_see_shared_draft?
|
2020-12-15 03:08:20 +08:00
|
|
|
|
2020-01-17 02:17:16 +08:00
|
|
|
category = topic.category
|
|
|
|
can_see_category?(category) &&
|
2020-01-23 03:33:25 +08:00
|
|
|
(
|
|
|
|
!category.read_restricted || !is_staged? || secure_category_ids.include?(category.id) ||
|
|
|
|
topic.user == user
|
|
|
|
)
|
2015-02-13 00:52:59 +08:00
|
|
|
end
|
2014-01-10 07:25:14 +08:00
|
|
|
|
2023-01-17 16:50:15 +08:00
|
|
|
def can_see_unlisted_topics?
|
|
|
|
is_staff? || @user.has_trust_level?(TrustLevel[4])
|
|
|
|
end
|
|
|
|
|
2019-07-04 16:12:39 +08:00
|
|
|
def can_get_access_to_topic?(topic)
|
|
|
|
topic&.access_topic_via_group.present? && authenticated?
|
|
|
|
end
|
|
|
|
|
2023-03-23 05:31:33 +08:00
|
|
|
def filter_allowed_categories(records, category_id_column: "topics.category_id")
|
2022-11-18 11:37:36 +08:00
|
|
|
return records if is_admin? && !SiteSetting.suppress_secured_categories_from_admin
|
|
|
|
|
|
|
|
records =
|
2023-03-23 05:31:33 +08:00
|
|
|
if allowed_category_ids.size == 0
|
|
|
|
records.where("#{category_id_column} IS NULL")
|
|
|
|
else
|
|
|
|
records.where(
|
|
|
|
"#{category_id_column} IS NULL or #{category_id_column} IN (?)",
|
|
|
|
allowed_category_ids,
|
|
|
|
)
|
|
|
|
end
|
2022-11-18 11:37:36 +08:00
|
|
|
|
|
|
|
records.references(:categories)
|
2014-01-10 07:25:14 +08:00
|
|
|
end
|
2015-02-13 00:52:59 +08:00
|
|
|
|
2016-12-05 20:31:43 +08:00
|
|
|
def can_edit_featured_link?(category_id)
|
2016-12-16 06:46:43 +08:00
|
|
|
return false unless SiteSetting.topic_featured_link_enabled
|
2023-02-16 17:40:11 +08:00
|
|
|
return false if @user.trust_level == TrustLevel.levels[:newuser]
|
2016-12-21 04:55:30 +08:00
|
|
|
Category.where(
|
|
|
|
id: category_id || SiteSetting.uncategorized_category_id,
|
|
|
|
topic_featured_link_allowed: true,
|
|
|
|
).exists?
|
2016-12-05 20:31:43 +08:00
|
|
|
end
|
2018-08-10 08:51:03 +08:00
|
|
|
|
|
|
|
def can_update_bumped_at?
|
2019-01-02 23:57:05 +08:00
|
|
|
is_staff? || @user.has_trust_level?(TrustLevel[4])
|
2018-08-10 08:51:03 +08:00
|
|
|
end
|
2019-04-02 15:08:15 +08:00
|
|
|
|
|
|
|
def can_banner_topic?(topic)
|
2019-06-25 18:49:29 +08:00
|
|
|
topic && authenticated? && !topic.private_message? && is_staff?
|
2019-04-02 15:08:15 +08:00
|
|
|
end
|
2019-10-24 02:05:38 +08:00
|
|
|
|
|
|
|
def can_edit_tags?(topic)
|
|
|
|
return false unless can_tag_topics?
|
|
|
|
return false if topic.private_message? && !can_tag_pms?
|
|
|
|
return true if can_edit_topic?(topic)
|
|
|
|
|
|
|
|
if topic&.first_post&.wiki &&
|
2023-12-12 12:20:37 +08:00
|
|
|
@user.in_any_groups?(SiteSetting.edit_wiki_post_allowed_groups_map)
|
2019-10-24 02:05:38 +08:00
|
|
|
return can_create_post?(topic)
|
|
|
|
end
|
|
|
|
|
|
|
|
false
|
|
|
|
end
|
2020-07-15 00:36:19 +08:00
|
|
|
|
|
|
|
def can_perform_action_available_to_group_moderators?(topic)
|
|
|
|
return false if anonymous? || topic.nil?
|
|
|
|
return true if is_staff?
|
|
|
|
return true if @user.has_trust_level?(TrustLevel[4])
|
|
|
|
|
2020-07-29 05:15:04 +08:00
|
|
|
is_category_group_moderator?(topic.category)
|
2020-07-15 00:36:19 +08:00
|
|
|
end
|
|
|
|
alias can_archive_topic? can_perform_action_available_to_group_moderators?
|
|
|
|
alias can_close_topic? can_perform_action_available_to_group_moderators?
|
2021-01-13 06:49:29 +08:00
|
|
|
alias can_open_topic? can_perform_action_available_to_group_moderators?
|
2020-08-05 22:33:25 +08:00
|
|
|
alias can_split_merge_topic? can_perform_action_available_to_group_moderators?
|
2020-07-21 03:53:47 +08:00
|
|
|
alias can_edit_staff_notes? can_perform_action_available_to_group_moderators?
|
2021-03-10 05:05:11 +08:00
|
|
|
alias can_pin_unpin_topic? can_perform_action_available_to_group_moderators?
|
2020-07-15 00:36:19 +08:00
|
|
|
|
2020-08-05 22:33:25 +08:00
|
|
|
def can_move_posts?(topic)
|
|
|
|
return false if is_silenced?
|
|
|
|
can_perform_action_available_to_group_moderators?(topic)
|
|
|
|
end
|
|
|
|
|
2020-10-29 03:47:50 +08:00
|
|
|
def affected_by_slow_mode?(topic)
|
|
|
|
topic&.slow_mode_seconds.to_i > 0 && @user.human? && !is_staff?
|
|
|
|
end
|
2022-10-27 06:13:21 +08:00
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def private_message_topic_scope(scope)
|
|
|
|
pm_scope = scope.private_messages_for_user(user)
|
|
|
|
|
|
|
|
pm_scope = pm_scope.or(scope.where(<<~SQL)) if is_moderator?
|
|
|
|
topics.subtype = '#{TopicSubtype.moderator_warning}'
|
|
|
|
OR topics.id IN (#{Topic.has_flag_scope.select(:topic_id).to_sql})
|
|
|
|
SQL
|
|
|
|
|
|
|
|
pm_scope
|
|
|
|
end
|
|
|
|
|
|
|
|
def secured_regular_topic_scope(scope, topic_ids:)
|
|
|
|
secured_scope = Topic.unscoped.secured(self)
|
|
|
|
|
|
|
|
# Staged users are allowed to see their own topics in read restricted categories when Category#email_in and
|
|
|
|
# Category#email_in_allow_strangers has been configured.
|
|
|
|
if is_staged?
|
|
|
|
sql = <<~SQL
|
|
|
|
topics.id IN (
|
|
|
|
SELECT
|
|
|
|
topics.id
|
|
|
|
FROM topics
|
|
|
|
INNER JOIN categories ON categories.id = topics.category_id
|
|
|
|
WHERE categories.read_restricted
|
|
|
|
AND categories.email_in IS NOT NULL
|
|
|
|
AND categories.email_in_allow_strangers
|
|
|
|
AND topics.user_id = :user_id
|
|
|
|
AND topics.id IN (:topic_ids)
|
|
|
|
)
|
|
|
|
SQL
|
|
|
|
|
|
|
|
secured_scope =
|
|
|
|
secured_scope.or(Topic.unscoped.where(sql, user_id: user.id, topic_ids: topic_ids))
|
|
|
|
end
|
|
|
|
|
|
|
|
scope.listable_topics.merge(secured_scope)
|
|
|
|
end
|
2014-01-21 22:21:38 +08:00
|
|
|
end
|