# mixin for all Guardian methods dealing with user permissions
module UserGuardian
  # Whether the acting user may select `upload` as the avatar behind
  # `user_avatar`.
  #
  # Denied outright when there is no acting user. Allowed for admins, for a
  # nil upload (blank avatar), when `user_avatar` already contains the upload,
  # or when the upload's user_id equals the avatar owner's or the acting
  # user's id. Anything else falls through to a UserUpload lookup.
  def can_pick_avatar?(user_avatar, upload)
    return false unless self.user
    return true if is_admin?

    # A blank avatar can always be picked.
    return true unless upload

    return true if user_avatar.contains_upload?(upload.id)

    owned = upload.user_id == user_avatar.user_id || upload.user_id == user.id
    return true if owned

    # NOTE(review): this lookup accepts a UserUpload row whose user_id is
    # upload.user_id as well as the acting user's id, so the match is not
    # limited to the acting user — confirm that is intended.
    UserUpload.exists?(
      upload_id: upload.id,
      user_id: [upload.user_id, user.id]
    )
  end

  # Editing a user record is open to that user and to staff.
  def can_edit_user?(user)
    is_me?(user) || is_staff?
  end

  # Whether the username of `user` may be changed.
  #
  # The SSO override is checked first, so it also blocks staff. Staff are
  # then allowed regardless of the change period. For everyone else a change
  # period <= 0 disables changes; otherwise only the user themself qualifies,
  # and only with zero posts and topics or an account created within the
  # period.
  def can_edit_username?(user)
    sso_locked = SiteSetting.sso_overrides_username? && SiteSetting.enable_sso?
    return false if sso_locked
    return true if is_staff?
    return false if SiteSetting.username_change_period <= 0

    is_me?(user) && (
      (user.post_count + user.topic_count) == 0 ||
        user.created_at > SiteSetting.username_change_period.days.ago
    )
  end

  # Whether the email of `user` may be changed.
  #
  # Both the SSO override and the email_editable setting are evaluated before
  # the staff shortcut, so either one denies staff too.
  def can_edit_email?(user)
    sso_locked = SiteSetting.sso_overrides_email? && SiteSetting.enable_sso?
    return false if sso_locked
    return false if !SiteSetting.email_editable?
    return true if is_staff?

    can_edit?(user)
  end

  # Whether the full name of `user` may be changed.
  #
  # Denied for everyone when names are disabled or when SSO overrides names;
  # after that staff are allowed and other callers defer to can_edit?.
  def can_edit_name?(user)
    return false unless SiteSetting.enable_names?

    sso_locked = SiteSetting.sso_overrides_name? && SiteSetting.enable_sso?
    return false if sso_locked
    return true if is_staff?

    can_edit?(user)
  end

  # Notifications are visible to their owner and to admins; the check uses
  # is_admin?, not is_staff?.
  def can_see_notifications?(user)
    is_me?(user) || is_admin?
  end

  # Staff may silence a user who is not staff. Yields nil (not false) when
  # `user` is nil.
  def can_silence_user?(user)
    user && is_staff? && !user.staff?
  end

  # Staff may unsilence any user; nil when `user` is nil.
  def can_unsilence_user?(user)
    user && is_staff?
  end

  # Whether `user` may be deleted by the acting user.
  #
  # A nil user or an admin target is always refused. Self-deletion requires
  # at most one post. Otherwise the actor must be staff and the target must
  # have no first post, at most five posts, or a first post newer than
  # delete_user_max_post_age days.
  def can_delete_user?(user)
    return false if user.nil? || user.admin?
    return user.post_count <= 1 if is_me?(user)

    is_staff? && (
      user.first_post_created_at.nil? ||
        user.post_count <= 5 ||
        user.first_post_created_at > SiteSetting.delete_user_max_post_age.to_i.days.ago
    )
  end

  # Staff may anonymize an existing user who is not staff.
  def can_anonymize_user?(user)
    is_staff? && !user.nil? && !user.staff?
  end

  # Staff may reset the bounce score of any user; nil when `user` is nil.
  def can_reset_bounce_score?(user)
    user && is_staff?
  end

  # Admins may always check emails; other staff only when the
  # show_email_on_profile setting is on. The `user` argument is not consulted.
  def can_check_emails?(user)
    is_admin? || (is_staff? && SiteSetting.show_email_on_profile)
  end

  # True when an anonymous viewer looks at a user whose trust level equals
  # TrustLevel[0].
  # NOTE(review): `user` is dereferenced without a nil check — callers
  # presumably always pass a user; confirm.
  def restrict_user_fields?(user)
    user.trust_level == TrustLevel[0] && anonymous?
  end

  # Staff-only information about a user; nil when `user` is nil.
  def can_see_staff_info?(user)
    user && is_staff?
  end

  # Suspension reasons are visible to everyone unless hide_suspension_reasons
  # is set; then only to the suspended user (compared against @user directly,
  # not through is_me?) and to staff.
  def can_see_suspension_reason?(user)
    return true unless SiteSetting.hide_suspension_reasons?

    user == @user || is_staff?
  end

  # Disabling another account's second factor is delegated to
  # can_administer_user?; nil when `user` is nil.
  def can_disable_second_factor?(user)
    user && can_administer_user?(user)
  end

  # Whether the profile of `user` may be viewed.
  #
  # Blank users have no visible profile. When the user has opted to hide
  # their profile and presence, only that user and staff may see it;
  # otherwise it is visible to everyone.
  def can_see_profile?(user)
    return false if user.blank?
    return true unless user.user_option.try(:hide_profile_and_presence?)

    is_me?(user) || is_staff?
  end

  # Ids of the UserField records the acting user may see for `user`.
  #
  # Staff and the user themself get every field id; everyone else only the
  # fields flagged show_on_profile or show_on_user_card. The answer is
  # memoized per user.id in an instance variable, so it is computed once per
  # target for the lifetime of this object.
  def allowed_user_field_ids(user)
    cache = (@allowed_user_field_ids ||= {})
    cache[user.id] ||=
      if is_staff? || is_me?(user)
        UserField.pluck(:id)
      else
        UserField.where("show_on_profile OR show_on_user_card").pluck(:id)
      end
  end
end