github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-23 16:46:12 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FEATURE: moderators allowed to view groups which members can see.

Browse Source 
Currently, if a group's visibility is set to "Group owners, members" then the mods can't view those group pages. The same rule is applied for members visibility setting too.
This commit is contained in:
Vinoth Kannan 2020-09-11 03:33:44 +05:30
parent ac70c48be4
commit 2bf0c4188b
3 changed files with 54 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
app/models/group.rb
View File

@ -121,18 +121,18 @@ class Group < ActiveRecord::Base
end end
if !user&.admin if !user&.admin
is_staff = !!user&.staff?
if user.blank?
sql = "groups.visibility_level = :public"
elsif is_staff
sql = "groups.visibility_level IN (:public, :logged_on_users, :members, :staff)"
else
sql = <<~SQL sql = <<~SQL
groups.id IN ( groups.id IN (
SELECT id SELECT id
FROM groups FROM groups
WHERE visibility_level = :public WHERE visibility_level IN (:public, :logged_on_users)
UNION ALL
SELECT id
FROM groups
WHERE visibility_level = :logged_on_users
AND :user_id IS NOT NULL
UNION ALL UNION ALL
@ -143,22 +143,15 @@ class Group < ActiveRecord::Base
UNION ALL UNION ALL
SELECT g.id
FROM groups g
LEFT JOIN group_users gu ON gu.group_id = g.id AND gu.user_id = :user_id AND gu.owner
WHERE g.visibility_level = :staff
AND (gu.id IS NOT NULL OR :is_staff)
UNION ALL
SELECT g.id SELECT g.id
FROM groups g FROM groups g
JOIN group_users gu ON gu.group_id = g.id AND gu.user_id = :user_id AND gu.owner JOIN group_users gu ON gu.group_id = g.id AND gu.user_id = :user_id AND gu.owner
WHERE g.visibility_level = :owners WHERE g.visibility_level IN (:staff, :owners)
) )
SQL SQL
end
params = Group.visibility_levels.to_h.merge(user_id: user&.id, is_staff: !!user&.staff?) params = Group.visibility_levels.to_h.merge(user_id: user&.id, is_staff: is_staff)
groups = groups.where(sql, params) groups = groups.where(sql, params)
end end
@ -173,18 +166,18 @@ class Group < ActiveRecord::Base
end end
if !user&.admin if !user&.admin
is_staff = !!user&.staff?
if user.blank?
sql = "groups.members_visibility_level = :public"
elsif is_staff
sql = "groups.members_visibility_level IN (:public, :logged_on_users, :members, :staff)"
else
sql = <<~SQL sql = <<~SQL
groups.id IN ( groups.id IN (
SELECT id SELECT id
FROM groups FROM groups
WHERE members_visibility_level = :public WHERE members_visibility_level IN (:public, :logged_on_users)
UNION ALL
SELECT id
FROM groups
WHERE members_visibility_level = :logged_on_users
AND :user_id IS NOT NULL
UNION ALL UNION ALL
@ -195,22 +188,15 @@ class Group < ActiveRecord::Base
UNION ALL UNION ALL
SELECT g.id
FROM groups g
LEFT JOIN group_users gu ON gu.group_id = g.id AND gu.user_id = :user_id AND gu.owner
WHERE g.members_visibility_level = :staff
AND (gu.id IS NOT NULL OR :is_staff)
UNION ALL
SELECT g.id SELECT g.id
FROM groups g FROM groups g
JOIN group_users gu ON gu.group_id = g.id AND gu.user_id = :user_id AND gu.owner JOIN group_users gu ON gu.group_id = g.id AND gu.user_id = :user_id AND gu.owner
WHERE g.members_visibility_level = :owners WHERE g.members_visibility_level IN (:staff, :owners)
) )
SQL SQL
end
params = Group.visibility_levels.to_h.merge(user_id: user&.id, is_staff: !!user&.staff?) params = Group.visibility_levels.to_h.merge(user_id: user&.id, is_staff: is_staff)
groups = groups.where(sql, params) groups = groups.where(sql, params)
end end

4
config/locales/client.en.yml
View File

@ -3588,8 +3588,8 @@ en:
title: "Who can see this group?" title: "Who can see this group?"
public: "Everyone" public: "Everyone"
logged_on_users: "Logged on users" logged_on_users: "Logged on users"
members: "Group owners, members" members: "Group owners, members and moderators"
staff: "Group owners and staff" staff: "Group owners and moderators"
owners: "Group owners" owners: "Group owners"
description: "Admins can see all groups." description: "Admins can see all groups."
members_visibility_levels: members_visibility_levels:

4
spec/models/group_spec.rb
View File

@ -698,7 +698,7 @@ describe Group do
expect(can_view?(admin, group)).to eq(true) expect(can_view?(admin, group)).to eq(true)
expect(can_view?(owner, group)).to eq(true) expect(can_view?(owner, group)).to eq(true)
expect(can_view?(moderator, group)).to eq(false) expect(can_view?(moderator, group)).to eq(true)
expect(can_view?(member, group)).to eq(true) expect(can_view?(member, group)).to eq(true)
expect(can_view?(logged_on_user, group)).to eq(false) expect(can_view?(logged_on_user, group)).to eq(false)
expect(can_view?(nil, group)).to eq(false) expect(can_view?(nil, group)).to eq(false)
@ -763,7 +763,7 @@ describe Group do
expect(can_view?(admin, group)).to eq(true) expect(can_view?(admin, group)).to eq(true)
expect(can_view?(owner, group)).to eq(true) expect(can_view?(owner, group)).to eq(true)
expect(can_view?(moderator, group)).to eq(false) expect(can_view?(moderator, group)).to eq(true)
expect(can_view?(member, group)).to eq(true) expect(can_view?(member, group)).to eq(true)
expect(can_view?(logged_on_user, group)).to eq(false) expect(can_view?(logged_on_user, group)).to eq(false)
expect(can_view?(nil, group)).to eq(false) expect(can_view?(nil, group)).to eq(false)