discourse/lib/guardian/group_guardian.rb

# frozen_string_literal: true

#mixin for all guardian methods dealing with group permissions
module GroupGuardian

  # Creating Method
  def can_create_group?
    is_admin? ||
    (
      SiteSetting.moderators_manage_categories_and_groups &&
      is_moderator?
    )
  end

  # Edit authority for groups means membership changes only.
  # Automatic groups are not represented in the GROUP_USERS
  # table and thus do not allow membership changes.
  def can_edit_group?(group)
    !group.automatic &&
      (can_admin_group?(group) || group.users.where('group_users.owner').include?(user))
  end

  def can_admin_group?(group)
    is_admin? ||
    (
      SiteSetting.moderators_manage_categories_and_groups &&
      is_moderator? &&
      can_see?(group) &&
      group.id != Group::AUTO_GROUPS[:admins]
    )
  end

  def can_see_group_messages?(group)
    return true if is_admin?
    return true if is_moderator? && group.id == Group::AUTO_GROUPS[:moderators]
    return false if user.blank?

    # TODO (martin) Remove enable_personal_messages here once plugins have been changed.
    (SiteSetting.enable_personal_messages ||
      user.in_any_groups?(SiteSetting.personal_message_enabled_groups_map)) &&
      group.users.include?(user)
  end

  def can_associate_groups?
    is_admin? && AssociatedGroup.has_provider?
  end
end
DEV: enable frozen string literal on all files This reduces chances of errors where consumers of strings mutate inputs and reduces memory usage of the app. Test suite passes now, but there may be some stuff left, so we will run a few sites on a branch prior to merging 2019-05-03 06:17:27 +08:00			`# frozen_string_literal: true`

table & model changes for group managers with permission to edit membership 2015-01-09 07:35:52 +08:00			`#mixin for all guardian methods dealing with group permissions`
			`module GroupGuardian`

FEATURE - Moderators can create and manage groups (#10432) Enabling the moderators_manage_categories_and_groups site setting will allow moderator users to create/manage groups. * show New Group form to moderators * Allow moderators to update groups and read logs, where appropriate * Rename site setting from create -> manage * improved tests * Migration should rename old log entries * Log group changes, even if those changes mean you can no longer see the group * Slight reshuffle * RouteTo /g if they no longer have permissions to view group 2020-08-19 22:41:40 +08:00			`# Creating Method`
			`def can_create_group?`
			`is_admin? \|\|`
			`(`
			`SiteSetting.moderators_manage_categories_and_groups &&`
			`is_moderator?`
			`)`
			`end`

table & model changes for group managers with permission to edit membership 2015-01-09 07:35:52 +08:00			`# Edit authority for groups means membership changes only.`
			`# Automatic groups are not represented in the GROUP_USERS`
			`# table and thus do not allow membership changes.`
			`def can_edit_group?(group)`
DEV: remove calls to guardian from GroupActionLogger (#13835) We shouldn't be checking if a user is allowed to do an action in the logger. We should be checking it just before we perform the action. In fact, guardians in the logger can make things even worse in case of a security bug. Let's say we forgot to check user's permissions before performing some action, but we still have a call to the guardian in the logger. In this case, a user would perform the action anyway, and this action wouldn't even be logged! I've checked all cases and I confirm that we're safe to delete this calls from the logger. I've added two calls to guardians in admin/user_controller. We didn't have security bugs there, because regular users can't access admin/... routes at all. But it's good to have calls to guardian in these methods anyway, neighboring methods have them. 2021-07-28 19:04:04 +08:00			`!group.automatic &&`
			`(can_admin_group?(group) \|\| group.users.where('group_users.owner').include?(user))`
FEATURE - Moderators can create and manage groups (#10432) Enabling the moderators_manage_categories_and_groups site setting will allow moderator users to create/manage groups. * show New Group form to moderators * Allow moderators to update groups and read logs, where appropriate * Rename site setting from create -> manage * improved tests * Migration should rename old log entries * Log group changes, even if those changes mean you can no longer see the group * Slight reshuffle * RouteTo /g if they no longer have permissions to view group 2020-08-19 22:41:40 +08:00			`end`

			`def can_admin_group?(group)`
			`is_admin? \|\|`
			`(`
			`SiteSetting.moderators_manage_categories_and_groups &&`
			`is_moderator? &&`
			`can_see?(group) &&`
			`group.id != Group::AUTO_GROUPS[:admins]`
			`)`
FEATURE: allow group members to see all messages on group page 2015-12-08 06:19:33 +08:00			`end`

			`def can_see_group_messages?(group)`
FIX: Admin should always be able to view group messages. Follow-up to b0f22f25231d73500a5b17d31349bc419a1058b0. Before this fix, `SiteSetting.enable_personal_messages = false` will prevent admin from viewing group messages. 2020-09-09 08:58:21 +08:00			`return true if is_admin?`
FIX: Always let moderators to see their group PMs (#10813) When enable_personal_messages was disabled, moderators could not see the private messages for the "moderators" group. The link was displayed on the client side, but the checks on the server side did not allow it. 2020-10-06 00:38:08 +08:00			`return true if is_moderator? && group.id == Group::AUTO_GROUPS[:moderators]`
FEATURE: Introduce personal_message_enabled_groups setting (#18042) This will replace `enable_personal_messages` and `min_trust_to_send_messages`, this commit introduces the setting `personal_message_enabled_groups` and uses it in all places that `enable_personal_messages` and `min_trust_to_send_messages` currently apply. A migration is included to set `personal_message_enabled_groups` based on the following rules: * If `enable_personal_messages` was false, then set `personal_message_enabled_groups` to `3`, which is the staff auto group * If `min_trust_to_send_messages` is not default (1) and the above condition is false, then set the `personal_message_enabled_groups` setting to the appropriate auto group based on the trust level * Otherwise just set `personal_message_enabled_groups` to 11 which is the TL1 auto group After follow-up PRs to plugins using these old settings, we will be able to drop the old settings from core, in the meantime I've added DEPRECATED notices to their descriptions and added them to the deprecated site settings list. This commit also introduces a `_map` shortcut method definition for all `group_list` site settings, e.g. `SiteSetting.personal_message_enabled_groups` also has `SiteSetting.personal_message_enabled_groups_map` available, which automatically splits the setting by `\|` and converts it into an array of integers. 2022-09-26 11:58:40 +08:00			`return false if user.blank?`
FIX: Admin should always be able to view group messages. Follow-up to b0f22f25231d73500a5b17d31349bc419a1058b0. Before this fix, `SiteSetting.enable_personal_messages = false` will prevent admin from viewing group messages. 2020-09-09 08:58:21 +08:00
FEATURE: Introduce personal_message_enabled_groups setting (#18042) This will replace `enable_personal_messages` and `min_trust_to_send_messages`, this commit introduces the setting `personal_message_enabled_groups` and uses it in all places that `enable_personal_messages` and `min_trust_to_send_messages` currently apply. A migration is included to set `personal_message_enabled_groups` based on the following rules: * If `enable_personal_messages` was false, then set `personal_message_enabled_groups` to `3`, which is the staff auto group * If `min_trust_to_send_messages` is not default (1) and the above condition is false, then set the `personal_message_enabled_groups` setting to the appropriate auto group based on the trust level * Otherwise just set `personal_message_enabled_groups` to 11 which is the TL1 auto group After follow-up PRs to plugins using these old settings, we will be able to drop the old settings from core, in the meantime I've added DEPRECATED notices to their descriptions and added them to the deprecated site settings list. This commit also introduces a `_map` shortcut method definition for all `group_list` site settings, e.g. `SiteSetting.personal_message_enabled_groups` also has `SiteSetting.personal_message_enabled_groups_map` available, which automatically splits the setting by `\|` and converts it into an array of integers. 2022-09-26 11:58:40 +08:00			`# TODO (martin) Remove enable_personal_messages here once plugins have been changed.`
			`(SiteSetting.enable_personal_messages \|\|`
			`user.in_any_groups?(SiteSetting.personal_message_enabled_groups_map)) &&`
			`group.users.include?(user)`
table & model changes for group managers with permission to edit membership 2015-01-09 07:35:52 +08:00			`end`
FEATURE: Experimental support for group membership via google auth (#14835) This commit introduces a new site setting "google_oauth2_hd_groups". If enabled, group information will be fetched from Google during authentication, and stored in the Discourse database. These 'associated groups' can be connected to a Discourse group via the "Membership" tab of the group preferences UI. The majority of the implementation is generic, so we will be able to add support to more authentication methods in the near future. https://meta.discourse.org/t/managing-group-membership-via-authentication/175950 2021-12-09 20:30:27 +08:00
			`def can_associate_groups?`
			`is_admin? && AssociatedGroup.has_provider?`
			`end`
table & model changes for group managers with permission to edit membership 2015-01-09 07:35:52 +08:00			`end`