mirror of
https://github.com/discourse/discourse.git
synced 2024-11-22 22:21:55 +08:00
FEATURE - allow Group Moderators to edit category description (#10292)
Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
This commit is contained in:
parent
61d3640643
commit
2aec92d0b4
|
@ -485,6 +485,10 @@ class Post < ActiveRecord::Base
|
||||||
post_number == 1
|
post_number == 1
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def is_category_description?
|
||||||
|
topic.present? && topic.is_category_topic? && is_first_post?
|
||||||
|
end
|
||||||
|
|
||||||
def is_reply_by_email?
|
def is_reply_by_email?
|
||||||
via_email && post_number.present? && post_number > 1
|
via_email && post_number.present? && post_number > 1
|
||||||
end
|
end
|
||||||
|
|
|
@ -54,6 +54,10 @@ module CategoryGuardian
|
||||||
secure_category_ids.include?(category.id)
|
secure_category_ids.include?(category.id)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def can_edit_category_description?(category)
|
||||||
|
can_perform_action_available_to_group_moderators?(category.topic)
|
||||||
|
end
|
||||||
|
|
||||||
def secure_category_ids
|
def secure_category_ids
|
||||||
@secure_category_ids ||= @user.secure_category_ids
|
@secure_category_ids ||= @user.secure_category_ids
|
||||||
end
|
end
|
||||||
|
|
|
@ -161,6 +161,10 @@ module PostGuardian
|
||||||
return !post.edit_time_limit_expired?(@user)
|
return !post.edit_time_limit_expired?(@user)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
if post.is_category_description?
|
||||||
|
return true if can_edit_category_description?(post.topic.category)
|
||||||
|
end
|
||||||
|
|
||||||
false
|
false
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
|
@ -192,8 +192,13 @@ class PostRevisor
|
||||||
PostLocker.new(@post, @editor).lock
|
PostLocker.new(@post, @editor).lock
|
||||||
end
|
end
|
||||||
|
|
||||||
# We log staff edits to posts
|
# We log staff/group moderator edits to posts
|
||||||
if @editor.staff? && @editor.id != @post.user_id && @fields.has_key?('raw') && !@opts[:skip_staff_log]
|
if (
|
||||||
|
(@editor.staff? || (@post.is_category_description? && Guardian.new(@editor).can_edit_category_description?(@post.topic.category))) &&
|
||||||
|
@editor.id != @post.user_id &&
|
||||||
|
@fields.has_key?('raw') &&
|
||||||
|
!@opts[:skip_staff_log]
|
||||||
|
)
|
||||||
StaffActionLogger.new(@editor).log_post_edit(
|
StaffActionLogger.new(@editor).log_post_edit(
|
||||||
@post,
|
@post,
|
||||||
old_raw: old_raw
|
old_raw: old_raw
|
||||||
|
|
|
@ -598,6 +598,28 @@ describe PostRevisor do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
context "logging group moderator edits" do
|
||||||
|
fab!(:group_user) { Fabricate(:group_user) }
|
||||||
|
fab!(:category) { Fabricate(:category, reviewable_by_group_id: group_user.group.id, topic: topic) }
|
||||||
|
|
||||||
|
before do
|
||||||
|
SiteSetting.enable_category_group_moderation = true
|
||||||
|
topic.update!(category: category)
|
||||||
|
post.update!(topic: topic)
|
||||||
|
end
|
||||||
|
|
||||||
|
it "logs an edit when a group moderator revises the category description" do
|
||||||
|
PostRevisor.new(post).revise!(group_user.user, raw: "a group moderator can update the description")
|
||||||
|
|
||||||
|
log = UserHistory.where(
|
||||||
|
acting_user_id: group_user.user.id,
|
||||||
|
action: UserHistory.actions[:post_edit]
|
||||||
|
).first
|
||||||
|
expect(log).to be_present
|
||||||
|
expect(log.details).to eq("Hello world\n\n---\n\na group moderator can update the description")
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
context "staff_edit_locks_post" do
|
context "staff_edit_locks_post" do
|
||||||
|
|
||||||
context "disabled" do
|
context "disabled" do
|
||||||
|
|
|
@ -426,6 +426,53 @@ describe PostsController do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe "when logged in as group moderator" do
|
||||||
|
fab!(:topic) { Fabricate(:topic, category: category) }
|
||||||
|
fab!(:post) { Fabricate(:post, user: user, topic: topic) }
|
||||||
|
fab!(:group_user) { Fabricate(:group_user) }
|
||||||
|
let(:user_gm) { group_user.user }
|
||||||
|
let(:group) { group_user.group }
|
||||||
|
|
||||||
|
before do
|
||||||
|
SiteSetting.enable_category_group_moderation = true
|
||||||
|
post.topic.category.update!(reviewable_by_group_id: group.id, topic_id: topic.id)
|
||||||
|
sign_in(user_gm)
|
||||||
|
end
|
||||||
|
|
||||||
|
it "allows updating the category description" do
|
||||||
|
put "/posts/#{post.id}.json", params: update_params
|
||||||
|
expect(response.status).to eq(200)
|
||||||
|
|
||||||
|
post.reload
|
||||||
|
expect(post.raw).to eq('edited body')
|
||||||
|
expect(UserHistory.where(action: UserHistory.actions[:post_edit]).count).to eq(1)
|
||||||
|
end
|
||||||
|
|
||||||
|
it "can not update other posts within the primary category topic" do
|
||||||
|
second_post = Fabricate(:post, user: user, topic: topic)
|
||||||
|
|
||||||
|
put "/posts/#{second_post.id}.json", params: update_params
|
||||||
|
expect(response.status).to eq(403)
|
||||||
|
end
|
||||||
|
|
||||||
|
it "can not update other first posts of topics in the same category" do
|
||||||
|
second_topic_in_category = Fabricate(:topic, category: category)
|
||||||
|
post_in_second_topic = Fabricate(:post, user: user, topic: second_topic_in_category)
|
||||||
|
|
||||||
|
put "/posts/#{post_in_second_topic.id}.json", params: update_params
|
||||||
|
expect(response.status).to eq(403)
|
||||||
|
end
|
||||||
|
|
||||||
|
it "can not update category descriptions in other categories" do
|
||||||
|
second_category = Fabricate(:category)
|
||||||
|
topic.update!(category: second_category)
|
||||||
|
|
||||||
|
put "/posts/#{post.id}.json", params: update_params
|
||||||
|
expect(response.status).to eq(403)
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
||||||
|
|
||||||
it 'can not change category to a disallowed category' do
|
it 'can not change category to a disallowed category' do
|
||||||
post = create_post
|
post = create_post
|
||||||
sign_in(post.user)
|
sign_in(post.user)
|
||||||
|
|
|
@ -595,4 +595,26 @@ describe StaffActionLogger do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe 'log_post_staff_note' do
|
||||||
|
fab!(:post) { Fabricate(:post) }
|
||||||
|
|
||||||
|
it "raises an error when argument is missing" do
|
||||||
|
expect { logger.log_topic_archived(nil) }.to raise_error(Discourse::InvalidParameters)
|
||||||
|
end
|
||||||
|
|
||||||
|
it "creates a new UserHistory record" do
|
||||||
|
expect { logger.log_post_staff_note(post, { new_raw_value: 'my note', old_value: nil }) }.to change { UserHistory.count }.by(1)
|
||||||
|
user_history = UserHistory.last
|
||||||
|
expect(user_history.action).to eq(UserHistory.actions[:post_staff_note_create])
|
||||||
|
expect(user_history.new_value).to eq('my note')
|
||||||
|
expect(user_history.previous_value).to eq(nil)
|
||||||
|
|
||||||
|
expect { logger.log_post_staff_note(post, { new_raw_value: nil, old_value: 'my note' }) }.to change { UserHistory.count }.by(1)
|
||||||
|
user_history = UserHistory.last
|
||||||
|
expect(user_history.action).to eq(UserHistory.actions[:post_staff_note_destroy])
|
||||||
|
expect(user_history.new_value).to eq(nil)
|
||||||
|
expect(user_history.previous_value).to eq('my note')
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
end
|
end
|
||||||
|
|
|
@ -7,6 +7,7 @@ QUnit.test("Enter as a anon user", async assert => {
|
||||||
await click(".show-more-actions");
|
await click(".show-more-actions");
|
||||||
|
|
||||||
assert.ok(exists("#topic"), "The topic was rendered");
|
assert.ok(exists("#topic"), "The topic was rendered");
|
||||||
|
assert.ok(exists("#post_1 .post-controls .edit"), "The edit button was not rendered");
|
||||||
assert.ok(!exists(".show-post-admin-menu"), "The wrench button was not rendered");
|
assert.ok(!exists(".show-post-admin-menu"), "The wrench button was not rendered");
|
||||||
});
|
});
|
||||||
|
|
||||||
|
@ -17,5 +18,6 @@ QUnit.test("Enter as a user with group moderator permissions", async assert => {
|
||||||
await click(".show-more-actions");
|
await click(".show-more-actions");
|
||||||
await click(".show-post-admin-menu");
|
await click(".show-post-admin-menu");
|
||||||
|
|
||||||
|
assert.ok(exists("#post_1 .post-controls .edit"), "The edit button was rendered");
|
||||||
assert.ok(exists(".add-notice"), "The add notice button was rendered");
|
assert.ok(exists(".add-notice"), "The add notice button was rendered");
|
||||||
});
|
});
|
||||||
|
|
Loading…
Reference in New Issue
Block a user