From 784006c71ea18b68863d4ae4f7d7cd9d4a72fc63 Mon Sep 17 00:00:00 2001 From: Blake Erickson Date: Thu, 4 May 2023 14:30:34 -0600 Subject: [PATCH] SECURITY: Do not overwrite permissions on the General category (#21390) Before this fix if you had modified the default general category settings they would be reset back to the default after a deploy. --- lib/seed_data/categories.rb | 2 +- spec/lib/seed_data/categories_spec.rb | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+), 1 deletion(-) diff --git a/lib/seed_data/categories.rb b/lib/seed_data/categories.rb index 575d84b3955..dd050d86983 100644 --- a/lib/seed_data/categories.rb +++ b/lib/seed_data/categories.rb @@ -92,7 +92,7 @@ module SeedData permissions: { everyone: :full, }, - force_permissions: true, + force_permissions: false, sidebar: true, default_composer_category: true, }, diff --git a/spec/lib/seed_data/categories_spec.rb b/spec/lib/seed_data/categories_spec.rb index d4b9072d790..b69addaa4ad 100644 --- a/spec/lib/seed_data/categories_spec.rb +++ b/spec/lib/seed_data/categories_spec.rb @@ -99,6 +99,25 @@ RSpec.describe SeedData::Categories do expect(SiteSetting.default_composer_category).to eq(Category.last.id) end + it "does not overwrite permissions on the General category" do + create_category("general_category_id") + expect(Category.last.name).to eq("General") + category = Category.last + + expect(category.category_groups.count).to eq(0) + + category.set_permissions(staff: :full) + category.save! + + expect(category.category_groups.count).to eq(1) + + expect { create_category("general_category_id") }.not_to change { CategoryGroup.count } + + category.reload + expect(category.category_groups.count).to eq(1) + expect(category.category_groups.first).to have_attributes(permissions(:staff, :full)) + end + it "adds default categories SiteSetting.default_sidebar_categories" do create_category("staff_category_id") staff_category = Category.last