mirror of
https://github.com/discourse/discourse.git
synced 2024-11-29 19:01:36 +08:00
DEV: prevents staff computed property to be overridden (#7931)
This commit is contained in:
parent
cc46de8f46
commit
c1d2fb115c
|
@ -199,11 +199,7 @@ export default Ember.Controller.extend({
|
||||||
);
|
);
|
||||||
},
|
},
|
||||||
|
|
||||||
@computed
|
isStaffUser: Ember.computed.reads("currentUser.staff"),
|
||||||
isStaffUser() {
|
|
||||||
const currentUser = this.currentUser;
|
|
||||||
return currentUser && currentUser.get("staff");
|
|
||||||
},
|
|
||||||
|
|
||||||
canUnlistTopic: Ember.computed.and("model.creatingTopic", "isStaffUser"),
|
canUnlistTopic: Ember.computed.and("model.creatingTopic", "isStaffUser"),
|
||||||
|
|
||||||
|
|
|
@ -54,7 +54,16 @@ const User = RestModel.extend({
|
||||||
return UserDraftsStream.create({ user: this });
|
return UserDraftsStream.create({ user: this });
|
||||||
},
|
},
|
||||||
|
|
||||||
staff: Ember.computed.or("admin", "moderator"),
|
staff: Ember.computed("admin", "moderator", {
|
||||||
|
get() {
|
||||||
|
return this.admin || this.moderator;
|
||||||
|
},
|
||||||
|
|
||||||
|
// prevents staff property to be overridden
|
||||||
|
set() {
|
||||||
|
return this.admin || this.moderator;
|
||||||
|
}
|
||||||
|
}),
|
||||||
|
|
||||||
destroySession() {
|
destroySession() {
|
||||||
return ajax(`/session/${this.username}`, { type: "DELETE" });
|
return ajax(`/session/${this.username}`, { type: "DELETE" });
|
||||||
|
|
|
@ -14,7 +14,7 @@ acceptance("Poll Builder - polls are disabled", {
|
||||||
});
|
});
|
||||||
|
|
||||||
test("regular user - sufficient trust level", assert => {
|
test("regular user - sufficient trust level", assert => {
|
||||||
updateCurrentUser({ staff: false, trust_level: 3 });
|
updateCurrentUser({ moderator: false, admin: false, trust_level: 3 });
|
||||||
|
|
||||||
displayPollBuilderButton();
|
displayPollBuilderButton();
|
||||||
|
|
||||||
|
@ -27,7 +27,7 @@ test("regular user - sufficient trust level", assert => {
|
||||||
});
|
});
|
||||||
|
|
||||||
test("regular user - insufficient trust level", assert => {
|
test("regular user - insufficient trust level", assert => {
|
||||||
updateCurrentUser({ staff: false, trust_level: 1 });
|
updateCurrentUser({ moderator: false, admin: false, trust_level: 1 });
|
||||||
|
|
||||||
displayPollBuilderButton();
|
displayPollBuilderButton();
|
||||||
|
|
||||||
|
@ -40,7 +40,7 @@ test("regular user - insufficient trust level", assert => {
|
||||||
});
|
});
|
||||||
|
|
||||||
test("staff", assert => {
|
test("staff", assert => {
|
||||||
updateCurrentUser({ staff: true });
|
updateCurrentUser({ moderator: true });
|
||||||
|
|
||||||
displayPollBuilderButton();
|
displayPollBuilderButton();
|
||||||
|
|
||||||
|
|
|
@ -14,7 +14,7 @@ acceptance("Poll Builder - polls are enabled", {
|
||||||
});
|
});
|
||||||
|
|
||||||
test("regular user - sufficient trust level", assert => {
|
test("regular user - sufficient trust level", assert => {
|
||||||
updateCurrentUser({ staff: false, trust_level: 1 });
|
updateCurrentUser({ moderator: false, admin: false, trust_level: 1 });
|
||||||
|
|
||||||
displayPollBuilderButton();
|
displayPollBuilderButton();
|
||||||
|
|
||||||
|
@ -27,7 +27,7 @@ test("regular user - sufficient trust level", assert => {
|
||||||
});
|
});
|
||||||
|
|
||||||
test("regular user - insufficient trust level", assert => {
|
test("regular user - insufficient trust level", assert => {
|
||||||
updateCurrentUser({ staff: false, trust_level: 0 });
|
updateCurrentUser({ moderator: false, admin: false, trust_level: 0 });
|
||||||
|
|
||||||
displayPollBuilderButton();
|
displayPollBuilderButton();
|
||||||
|
|
||||||
|
@ -40,7 +40,7 @@ test("regular user - insufficient trust level", assert => {
|
||||||
});
|
});
|
||||||
|
|
||||||
test("staff - with insufficient trust level", assert => {
|
test("staff - with insufficient trust level", assert => {
|
||||||
updateCurrentUser({ staff: true, trust_level: 0 });
|
updateCurrentUser({ moderator: true, trust_level: 0 });
|
||||||
|
|
||||||
displayPollBuilderButton();
|
displayPollBuilderButton();
|
||||||
|
|
||||||
|
|
|
@ -305,7 +305,7 @@ QUnit.test("replying to post - toggle_topic_bump", async assert => {
|
||||||
QUnit.test("replying to post as staff", async assert => {
|
QUnit.test("replying to post as staff", async assert => {
|
||||||
const composerActions = selectKit(".composer-actions");
|
const composerActions = selectKit(".composer-actions");
|
||||||
|
|
||||||
updateCurrentUser({ staff: true, admin: false });
|
updateCurrentUser({ admin: true });
|
||||||
await visit("/t/internationalization-localization/280");
|
await visit("/t/internationalization-localization/280");
|
||||||
await click("article#post_3 button.reply");
|
await click("article#post_3 button.reply");
|
||||||
await composerActions.expand();
|
await composerActions.expand();
|
||||||
|
@ -317,7 +317,7 @@ QUnit.test("replying to post as staff", async assert => {
|
||||||
QUnit.test("replying to post as TL3 user", async assert => {
|
QUnit.test("replying to post as TL3 user", async assert => {
|
||||||
const composerActions = selectKit(".composer-actions");
|
const composerActions = selectKit(".composer-actions");
|
||||||
|
|
||||||
updateCurrentUser({ staff: false, admin: false, trust_level: 3 });
|
updateCurrentUser({ moderator: false, admin: false, trust_level: 3 });
|
||||||
await visit("/t/internationalization-localization/280");
|
await visit("/t/internationalization-localization/280");
|
||||||
await click("article#post_3 button.reply");
|
await click("article#post_3 button.reply");
|
||||||
await composerActions.expand();
|
await composerActions.expand();
|
||||||
|
@ -335,7 +335,7 @@ QUnit.test("replying to post as TL3 user", async assert => {
|
||||||
QUnit.test("replying to post as TL4 user", async assert => {
|
QUnit.test("replying to post as TL4 user", async assert => {
|
||||||
const composerActions = selectKit(".composer-actions");
|
const composerActions = selectKit(".composer-actions");
|
||||||
|
|
||||||
updateCurrentUser({ staff: false, admin: false, trust_level: 4 });
|
updateCurrentUser({ moderator: false, admin: false, trust_level: 4 });
|
||||||
await visit("/t/internationalization-localization/280");
|
await visit("/t/internationalization-localization/280");
|
||||||
await click("article#post_3 button.reply");
|
await click("article#post_3 button.reply");
|
||||||
await composerActions.expand();
|
await composerActions.expand();
|
||||||
|
|
|
@ -156,7 +156,7 @@ acceptance("Composer topic featured links when uncategorized is not allowed", {
|
||||||
});
|
});
|
||||||
|
|
||||||
QUnit.test("Pasting a link enables the text input area", async assert => {
|
QUnit.test("Pasting a link enables the text input area", async assert => {
|
||||||
updateCurrentUser({ admin: false, staff: false, trust_level: 1 });
|
updateCurrentUser({ moderator: false, admin: false, trust_level: 1 });
|
||||||
|
|
||||||
await visit("/");
|
await visit("/");
|
||||||
await click("#create-topic");
|
await click("#create-topic");
|
||||||
|
|
|
@ -18,7 +18,7 @@ acceptance("Composer and uncategorized is not allowed", {
|
||||||
});
|
});
|
||||||
|
|
||||||
QUnit.test("Disable body until category is selected", async assert => {
|
QUnit.test("Disable body until category is selected", async assert => {
|
||||||
updateCurrentUser({ admin: false, staff: false, trust_level: 1 });
|
updateCurrentUser({ moderator: false, admin: false, trust_level: 1 });
|
||||||
|
|
||||||
await visit("/");
|
await visit("/");
|
||||||
await click("#create-topic");
|
await click("#create-topic");
|
||||||
|
|
|
@ -26,7 +26,7 @@ QUnit.test("shows banner when required", async assert => {
|
||||||
"alert is displayed when email disabled for non-staff"
|
"alert is displayed when email disabled for non-staff"
|
||||||
);
|
);
|
||||||
|
|
||||||
updateCurrentUser({ staff: true, moderator: true });
|
updateCurrentUser({ moderator: true });
|
||||||
await visit("/");
|
await visit("/");
|
||||||
assert.ok(
|
assert.ok(
|
||||||
exists(".alert-emails-disabled"),
|
exists(".alert-emails-disabled"),
|
||||||
|
|
|
@ -35,7 +35,7 @@ QUnit.test("as an admin", async assert => {
|
||||||
});
|
});
|
||||||
|
|
||||||
QUnit.test("as a user", async assert => {
|
QUnit.test("as a user", async assert => {
|
||||||
updateCurrentUser({ staff: false, admin: false });
|
updateCurrentUser({ moderator: false, admin: false });
|
||||||
|
|
||||||
await visit("/u/eviltrout/preferences/second-factor");
|
await visit("/u/eviltrout/preferences/second-factor");
|
||||||
Discourse.SiteSettings.enforce_second_factor = "all";
|
Discourse.SiteSettings.enforce_second_factor = "all";
|
||||||
|
@ -59,7 +59,7 @@ QUnit.test("as a user", async assert => {
|
||||||
});
|
});
|
||||||
|
|
||||||
QUnit.test("as an anonymous user", async assert => {
|
QUnit.test("as an anonymous user", async assert => {
|
||||||
updateCurrentUser({ staff: false, admin: false, is_anonymous: true });
|
updateCurrentUser({ moderator: false, admin: false, is_anonymous: true });
|
||||||
|
|
||||||
await visit("/u/eviltrout/preferences/second-factor");
|
await visit("/u/eviltrout/preferences/second-factor");
|
||||||
Discourse.SiteSettings.enforce_second_factor = "all";
|
Discourse.SiteSettings.enforce_second_factor = "all";
|
||||||
|
|
|
@ -26,7 +26,7 @@ QUnit.test("Viewing Members as anon user", async assert => {
|
||||||
acceptance("Group Members", { loggedIn: true });
|
acceptance("Group Members", { loggedIn: true });
|
||||||
|
|
||||||
QUnit.test("Viewing Members as a group owner", async assert => {
|
QUnit.test("Viewing Members as a group owner", async assert => {
|
||||||
updateCurrentUser({ admin: false, staff: false });
|
updateCurrentUser({ moderator: false, admin: false });
|
||||||
|
|
||||||
await visit("/g/discourse");
|
await visit("/g/discourse");
|
||||||
await click(".group-members-add");
|
await click(".group-members-add");
|
||||||
|
|
|
@ -42,7 +42,7 @@ QUnit.test("As an admin", async assert => {
|
||||||
});
|
});
|
||||||
|
|
||||||
QUnit.test("As a group owner", async assert => {
|
QUnit.test("As a group owner", async assert => {
|
||||||
updateCurrentUser({ admin: false, staff: false });
|
updateCurrentUser({ moderator: false, admin: false });
|
||||||
await visit("/g/discourse/manage/interaction");
|
await visit("/g/discourse/manage/interaction");
|
||||||
|
|
||||||
assert.equal(
|
assert.equal(
|
||||||
|
|
|
@ -68,7 +68,7 @@ QUnit.test("As an admin", async assert => {
|
||||||
});
|
});
|
||||||
|
|
||||||
QUnit.test("As a group owner", async assert => {
|
QUnit.test("As a group owner", async assert => {
|
||||||
updateCurrentUser({ staff: false, admin: false });
|
updateCurrentUser({ moderator: false, admin: false });
|
||||||
|
|
||||||
await visit("/g/discourse/manage/membership");
|
await visit("/g/discourse/manage/membership");
|
||||||
|
|
||||||
|
|
|
@ -34,7 +34,7 @@ QUnit.test("As an admin", async assert => {
|
||||||
});
|
});
|
||||||
|
|
||||||
QUnit.test("As a group owner", async assert => {
|
QUnit.test("As a group owner", async assert => {
|
||||||
updateCurrentUser({ staff: false, admin: false });
|
updateCurrentUser({ moderator: false, admin: false });
|
||||||
|
|
||||||
await visit("/g/discourse/manage/profile");
|
await visit("/g/discourse/manage/profile");
|
||||||
|
|
||||||
|
|
|
@ -156,7 +156,7 @@ test("new topic button is not available for staff-only tags", async assert => {
|
||||||
}
|
}
|
||||||
]);
|
]);
|
||||||
|
|
||||||
updateCurrentUser({ staff: false });
|
updateCurrentUser({ moderator: false, admin: false });
|
||||||
|
|
||||||
await visit("/tags/regular-tag");
|
await visit("/tags/regular-tag");
|
||||||
assert.ok(find("#create-topic:disabled").length === 0);
|
assert.ok(find("#create-topic:disabled").length === 0);
|
||||||
|
@ -164,7 +164,7 @@ test("new topic button is not available for staff-only tags", async assert => {
|
||||||
await visit("/tags/staff-only-tag");
|
await visit("/tags/staff-only-tag");
|
||||||
assert.ok(find("#create-topic:disabled").length === 1);
|
assert.ok(find("#create-topic:disabled").length === 1);
|
||||||
|
|
||||||
updateCurrentUser({ staff: true });
|
updateCurrentUser({ moderator: true });
|
||||||
|
|
||||||
await visit("/tags/regular-tag");
|
await visit("/tags/regular-tag");
|
||||||
assert.ok(find("#create-topic:disabled").length === 0);
|
assert.ok(find("#create-topic:disabled").length === 0);
|
||||||
|
|
|
@ -20,7 +20,7 @@ acceptance("Topic - Edit timer", {
|
||||||
});
|
});
|
||||||
|
|
||||||
QUnit.test("default", async assert => {
|
QUnit.test("default", async assert => {
|
||||||
updateCurrentUser({ admin: true, staff: true, canManageTopic: true });
|
updateCurrentUser({ moderator: true, canManageTopic: true });
|
||||||
const timerType = selectKit(".select-kit.timer-type");
|
const timerType = selectKit(".select-kit.timer-type");
|
||||||
const futureDateInputSelector = selectKit(".future-date-input-selector");
|
const futureDateInputSelector = selectKit(".future-date-input-selector");
|
||||||
|
|
||||||
|
@ -41,7 +41,7 @@ QUnit.test("default", async assert => {
|
||||||
});
|
});
|
||||||
|
|
||||||
QUnit.test("autoclose - specific time", async assert => {
|
QUnit.test("autoclose - specific time", async assert => {
|
||||||
updateCurrentUser({ admin: true, staff: true, canManageTopic: true });
|
updateCurrentUser({ moderator: true, canManageTopic: true });
|
||||||
const futureDateInputSelector = selectKit(".future-date-input-selector");
|
const futureDateInputSelector = selectKit(".future-date-input-selector");
|
||||||
|
|
||||||
await visit("/t/internationalization-localization");
|
await visit("/t/internationalization-localization");
|
||||||
|
@ -62,7 +62,7 @@ QUnit.test("autoclose - specific time", async assert => {
|
||||||
});
|
});
|
||||||
|
|
||||||
QUnit.test("autoclose", async assert => {
|
QUnit.test("autoclose", async assert => {
|
||||||
updateCurrentUser({ admin: true, staff: true, canManageTopic: true });
|
updateCurrentUser({ moderator: true, canManageTopic: true });
|
||||||
const futureDateInputSelector = selectKit(".future-date-input-selector");
|
const futureDateInputSelector = selectKit(".future-date-input-selector");
|
||||||
|
|
||||||
await visit("/t/internationalization-localization");
|
await visit("/t/internationalization-localization");
|
||||||
|
@ -117,7 +117,7 @@ QUnit.test("autoclose", async assert => {
|
||||||
});
|
});
|
||||||
|
|
||||||
QUnit.test("close temporarily", async assert => {
|
QUnit.test("close temporarily", async assert => {
|
||||||
updateCurrentUser({ admin: true, staff: true, canManageTopic: true });
|
updateCurrentUser({ moderator: true, canManageTopic: true });
|
||||||
const timerType = selectKit(".select-kit.timer-type");
|
const timerType = selectKit(".select-kit.timer-type");
|
||||||
const futureDateInputSelector = selectKit(".future-date-input-selector");
|
const futureDateInputSelector = selectKit(".future-date-input-selector");
|
||||||
|
|
||||||
|
@ -159,7 +159,7 @@ QUnit.test("close temporarily", async assert => {
|
||||||
});
|
});
|
||||||
|
|
||||||
QUnit.test("schedule", async assert => {
|
QUnit.test("schedule", async assert => {
|
||||||
updateCurrentUser({ admin: true, staff: true, canManageTopic: true });
|
updateCurrentUser({ moderator: true, canManageTopic: true });
|
||||||
const timerType = selectKit(".select-kit.timer-type");
|
const timerType = selectKit(".select-kit.timer-type");
|
||||||
const categoryChooser = selectKit(".modal-body .category-chooser");
|
const categoryChooser = selectKit(".modal-body .category-chooser");
|
||||||
const futureDateInputSelector = selectKit(".future-date-input-selector");
|
const futureDateInputSelector = selectKit(".future-date-input-selector");
|
||||||
|
@ -194,7 +194,7 @@ QUnit.test("schedule", async assert => {
|
||||||
});
|
});
|
||||||
|
|
||||||
QUnit.test("TL4 can't auto-delete", async assert => {
|
QUnit.test("TL4 can't auto-delete", async assert => {
|
||||||
updateCurrentUser({ staff: false, trust_level: 4 });
|
updateCurrentUser({ moderator: false, admin: false, trust_level: 4 });
|
||||||
|
|
||||||
await visit("/t/internationalization-localization");
|
await visit("/t/internationalization-localization");
|
||||||
await click(".toggle-admin-menu");
|
await click(".toggle-admin-menu");
|
||||||
|
@ -208,7 +208,7 @@ QUnit.test("TL4 can't auto-delete", async assert => {
|
||||||
});
|
});
|
||||||
|
|
||||||
QUnit.test("auto delete", async assert => {
|
QUnit.test("auto delete", async assert => {
|
||||||
updateCurrentUser({ admin: true, staff: true, canManageTopic: true });
|
updateCurrentUser({ moderator: true, canManageTopic: true });
|
||||||
const timerType = selectKit(".select-kit.timer-type");
|
const timerType = selectKit(".select-kit.timer-type");
|
||||||
const futureDateInputSelector = selectKit(".future-date-input-selector");
|
const futureDateInputSelector = selectKit(".future-date-input-selector");
|
||||||
|
|
||||||
|
@ -238,7 +238,7 @@ QUnit.test("auto delete", async assert => {
|
||||||
QUnit.test(
|
QUnit.test(
|
||||||
"Manually closing before the timer will clear the status text",
|
"Manually closing before the timer will clear the status text",
|
||||||
async assert => {
|
async assert => {
|
||||||
updateCurrentUser({ admin: true, staff: true, canManageTopic: true });
|
updateCurrentUser({ moderator: true, canManageTopic: true });
|
||||||
const futureDateInputSelector = selectKit(".future-date-input-selector");
|
const futureDateInputSelector = selectKit(".future-date-input-selector");
|
||||||
|
|
||||||
await visit("/t/internationalization-localization");
|
await visit("/t/internationalization-localization");
|
||||||
|
@ -265,7 +265,7 @@ QUnit.test(
|
||||||
);
|
);
|
||||||
|
|
||||||
QUnit.test("Inline delete timer", async assert => {
|
QUnit.test("Inline delete timer", async assert => {
|
||||||
updateCurrentUser({ admin: true, staff: true, canManageTopic: true });
|
updateCurrentUser({ moderator: true, canManageTopic: true });
|
||||||
const futureDateInputSelector = selectKit(".future-date-input-selector");
|
const futureDateInputSelector = selectKit(".future-date-input-selector");
|
||||||
|
|
||||||
await visit("/t/internationalization-localization");
|
await visit("/t/internationalization-localization");
|
||||||
|
|
|
@ -537,7 +537,7 @@ QUnit.test(
|
||||||
posts: [post, { id: 3 }, { id: 4 }]
|
posts: [post, { id: 3 }, { id: 4 }]
|
||||||
});
|
});
|
||||||
|
|
||||||
const currentUser = Ember.Object.create({ staff: true });
|
const currentUser = Ember.Object.create({ moderator: true });
|
||||||
const model = Topic.create({ postStream });
|
const model = Topic.create({ postStream });
|
||||||
const controller = this.subject({ model, currentUser });
|
const controller = this.subject({ model, currentUser });
|
||||||
|
|
||||||
|
|
|
@ -54,7 +54,7 @@ QUnit.test("updateFromPost", assert => {
|
||||||
});
|
});
|
||||||
|
|
||||||
QUnit.test("destroy by staff", assert => {
|
QUnit.test("destroy by staff", assert => {
|
||||||
var user = Discourse.User.create({ username: "staff", staff: true }),
|
var user = Discourse.User.create({ username: "staff", moderator: true }),
|
||||||
post = buildPost({ user: user });
|
post = buildPost({ user: user });
|
||||||
|
|
||||||
post.destroy(user);
|
post.destroy(user);
|
||||||
|
|
|
@ -53,7 +53,7 @@ widgetTest("staff menu", {
|
||||||
|
|
||||||
beforeEach() {
|
beforeEach() {
|
||||||
this.currentUser.setProperties({
|
this.currentUser.setProperties({
|
||||||
staff: true,
|
moderator: true,
|
||||||
reviewable_count: 3
|
reviewable_count: 3
|
||||||
});
|
});
|
||||||
},
|
},
|
||||||
|
@ -70,7 +70,7 @@ widgetTest("staff menu - admin", {
|
||||||
template: '{{mount-widget widget="hamburger-menu"}}',
|
template: '{{mount-widget widget="hamburger-menu"}}',
|
||||||
|
|
||||||
beforeEach() {
|
beforeEach() {
|
||||||
this.currentUser.setProperties({ staff: true, admin: true });
|
this.currentUser.setProperties({ admin: true });
|
||||||
},
|
},
|
||||||
|
|
||||||
test(assert) {
|
test(assert) {
|
||||||
|
@ -83,7 +83,7 @@ widgetTest("reviewable content", {
|
||||||
|
|
||||||
beforeEach() {
|
beforeEach() {
|
||||||
this.currentUser.setProperties({
|
this.currentUser.setProperties({
|
||||||
staff: true,
|
moderator: true,
|
||||||
reviewable_count: 5
|
reviewable_count: 5
|
||||||
});
|
});
|
||||||
},
|
},
|
||||||
|
|
|
@ -579,7 +579,7 @@ widgetTest("toggle moderator post", {
|
||||||
template:
|
template:
|
||||||
'{{mount-widget widget="post" args=args togglePostType=(action "togglePostType")}}',
|
'{{mount-widget widget="post" args=args togglePostType=(action "togglePostType")}}',
|
||||||
beforeEach() {
|
beforeEach() {
|
||||||
this.currentUser.set("staff", true);
|
this.currentUser.set("moderator", true);
|
||||||
this.set("args", { canManage: true });
|
this.set("args", { canManage: true });
|
||||||
this.on("togglePostType", () => (this.toggled = true));
|
this.on("togglePostType", () => (this.toggled = true));
|
||||||
},
|
},
|
||||||
|
@ -595,7 +595,7 @@ widgetTest("toggle moderator post", {
|
||||||
template:
|
template:
|
||||||
'{{mount-widget widget="post" args=args togglePostType=(action "togglePostType")}}',
|
'{{mount-widget widget="post" args=args togglePostType=(action "togglePostType")}}',
|
||||||
beforeEach() {
|
beforeEach() {
|
||||||
this.currentUser.set("staff", true);
|
this.currentUser.set("moderator", true);
|
||||||
this.set("args", { canManage: true });
|
this.set("args", { canManage: true });
|
||||||
this.on("togglePostType", () => (this.toggled = true));
|
this.on("togglePostType", () => (this.toggled = true));
|
||||||
},
|
},
|
||||||
|
|
Loading…
Reference in New Issue
Block a user