DEV: Add guardian modifier to prevent sending PM (#28282)

2024-11-22 10:57:04 +08:00 · 2024-08-08 12:57:13 -05:00 · 2024-08-08 12:57:13 -05:00 · 5b1d9d602f
commit 5b1d9d602f
parent 2527f4599d
2 changed files with 23 additions and 0 deletions
--- a/lib/guardian.rb
+++ b/lib/guardian.rb
@ -505,6 +505,14 @@ class Guardian
    # Must be a valid target
    return false if !(target_is_group || target_is_user)

+    can_send_private_message =
+      DiscoursePluginRegistry.apply_modifier(
+        :guardian_can_send_private_message,
+        target: target,
+        user: @user,
+      )
+    return false if !can_send_private_message
+
    # Users can send messages to certain groups with the `everyone` messageable_level
    # even if they are not in personal_message_enabled_groups
    group_is_messageable = target_is_group && Group.messageable(@user).where(id: target.id).exists?
--- a/spec/lib/guardian_spec.rb
+++ b/spec/lib/guardian_spec.rb
@ -309,6 +309,10 @@ RSpec.describe Guardian do
    fab!(:suspended_user) do
      Fabricate(:user, suspended_till: 1.week.from_now, suspended_at: 1.day.ago)
    end
+    let!(:plugin) { Plugin::Instance.new }
+    let!(:modifier) { :guardian_can_send_private_message }
+    let!(:deny_block) { Proc.new { false } }
+    let!(:allow_block) { Proc.new { true } }

    it "returns false when the user is nil" do
      expect(Guardian.new(nil).can_send_private_message?(user)).to be_falsey
@ -341,6 +345,17 @@ RSpec.describe Guardian do
      expect(Guardian.new(user).can_send_private_message?(another_user)).to be_falsey
    end

+    it "allows plugins to control if user can send PM" do
+      DiscoursePluginRegistry.register_modifier(plugin, modifier, &deny_block)
+      expect(Guardian.new(user).can_send_private_message?(user)).to be_falsey
+
+      DiscoursePluginRegistry.register_modifier(plugin, modifier, &allow_block)
+      expect(Guardian.new(user).can_send_private_message?(user)).to be_truthy
+    ensure
+      DiscoursePluginRegistry.unregister_modifier(plugin, modifier, &deny_block)
+      DiscoursePluginRegistry.unregister_modifier(plugin, modifier, &allow_block)
+    end
+
    context "when personal_message_enabled_groups does not contain the user" do
      let(:group) { Fabricate(:group) }
      before { SiteSetting.personal_message_enabled_groups = group.id }