mirror of
https://github.com/discourse/discourse.git
synced 2024-11-27 04:26:29 +08:00
DEV: followup on secure category mention
Follows up on #f7809207 - Priority mention support only available for groups with less than 500 members - Proper use attribute on model
This commit is contained in:
parent
f1b3e72581
commit
3c44e54c3f
|
@ -159,7 +159,7 @@ export default Ember.Component.extend({
|
||||||
const topicId = this.get("topic.id");
|
const topicId = this.get("topic.id");
|
||||||
// maybe this is a brand new topic, so grab category from composer
|
// maybe this is a brand new topic, so grab category from composer
|
||||||
const categoryId =
|
const categoryId =
|
||||||
this.get("topic.category_id") || this.get("composer._categoryId");
|
this.get("topic.category_id") || this.get("composer.categoryId");
|
||||||
|
|
||||||
return userSearch({
|
return userSearch({
|
||||||
term,
|
term,
|
||||||
|
|
|
@ -5,6 +5,8 @@ require_dependency 'search'
|
||||||
|
|
||||||
class UserSearch
|
class UserSearch
|
||||||
|
|
||||||
|
MAX_SIZE_PRIORITY_MENTION ||= 500
|
||||||
|
|
||||||
def initialize(term, opts = {})
|
def initialize(term, opts = {})
|
||||||
@term = term
|
@term = term
|
||||||
@term_like = "#{term.downcase.gsub("_", "\\_")}%"
|
@term_like = "#{term.downcase.gsub("_", "\\_")}%"
|
||||||
|
@ -116,19 +118,19 @@ class UserSearch
|
||||||
end
|
end
|
||||||
|
|
||||||
# 3. category matches
|
# 3. category matches
|
||||||
# 10,11,12: trust level groups (tl0/1/2) explicitly bypassed
|
|
||||||
# may amend this in future to allow them if count in the group
|
|
||||||
# is small enough
|
|
||||||
if secure_category_id
|
if secure_category_id
|
||||||
in_category = filtered_by_term_users
|
in_category = filtered_by_term_users
|
||||||
.where(<<~SQL, secure_category_id)
|
.where(<<~SQL, secure_category_id, MAX_SIZE_PRIORITY_MENTION)
|
||||||
users.id IN (
|
users.id IN (
|
||||||
SELECT gu.user_id
|
SELECT gu.user_id
|
||||||
FROM group_users gu
|
FROM group_users gu
|
||||||
WHERE group_id IN (
|
WHERE group_id IN (
|
||||||
SELECT group_id FROM category_groups
|
SELECT group_id FROM category_groups
|
||||||
WHERE category_id = ?
|
JOIN groups g ON group_id = g.id
|
||||||
) AND group_id NOT IN (10,11,12)
|
WHERE
|
||||||
|
category_id = ? AND
|
||||||
|
user_count < ?
|
||||||
|
)
|
||||||
LIMIT 200
|
LIMIT 200
|
||||||
)
|
)
|
||||||
SQL
|
SQL
|
||||||
|
|
Loading…
Reference in New Issue
Block a user