From e68e97d986dc5f881f1c33617a3d6bab5cab1dae Mon Sep 17 00:00:00 2001 From: Neil Lalonde Date: Mon, 12 May 2014 15:26:36 -0400 Subject: [PATCH] FIX: moderators can't see private topics that they aren't invited to see. --- app/models/post_action.rb | 12 +++++++++--- lib/guardian/topic_guardian.rb | 4 ++-- spec/components/guardian_spec.rb | 9 +++++++++ spec/components/post_creator_spec.rb | 8 ++++---- spec/components/topic_view_spec.rb | 8 ++++---- spec/models/post_action_spec.rb | 5 +++++ 6 files changed, 33 insertions(+), 13 deletions(-) diff --git a/app/models/post_action.rb b/app/models/post_action.rb index eb317f9f11a..0096a5df3c3 100644 --- a/app/models/post_action.rb +++ b/app/models/post_action.rb @@ -96,9 +96,15 @@ class PostAction < ActiveRecord::Base return unless opts[:message] && [:notify_moderators, :notify_user].include?(post_action_type) - # this is a hack to allow a PM with no reciepients, we should think through - # a cleaner technique, a PM with myself is valid for flagging - target_usernames = post_action_type == :notify_user ? post.user.username : "x" + target_usernames = if post_action_type == :notify_user + post.user.username + elsif post_action_type == :notify_moderators + User.moderators.pluck(:username) + else + # this is a hack to allow a PM with no reciepients, we should think through + # a cleaner technique, a PM with myself is valid for flagging + 'x' + end title = I18n.t("post_action_types.#{post_action_type}.email_title", title: post.topic.title) diff --git a/lib/guardian/topic_guardian.rb b/lib/guardian/topic_guardian.rb index 2885f5553c5..ed0d8ad9053 100644 --- a/lib/guardian/topic_guardian.rb +++ b/lib/guardian/topic_guardian.rb @@ -46,7 +46,7 @@ module TopicGuardian def can_see_topic?(topic) return false unless topic - return true if is_staff? + return true if is_admin? return false if topic.deleted_at # NOTE @@ -56,7 +56,7 @@ module TopicGuardian # not secure, or I can see it (not(topic.read_restricted_category?) || can_see_category?(topic.category)) && # not private, or I am allowed (or is staff) - (not(topic.private_message?) || (authenticated? && (is_staff? || topic.all_allowed_users.where(id: @user.id).exists?))) + (not(topic.private_message?) || (authenticated? && (is_admin? || topic.all_allowed_users.where(id: @user.id).exists?))) end end diff --git a/spec/components/guardian_spec.rb b/spec/components/guardian_spec.rb index 0a89456beea..78877277185 100644 --- a/spec/components/guardian_spec.rb +++ b/spec/components/guardian_spec.rb @@ -301,6 +301,15 @@ describe Guardian do Guardian.new(user).can_see?(topic).should be_true end + + it "restricts private topics" do + user.save! + private_topic = Fabricate(:private_message_topic, user: user) + Guardian.new(private_topic.user).can_see?(private_topic).should be_true + Guardian.new(build(:user)).can_see?(private_topic).should be_false + Guardian.new(moderator).can_see?(private_topic).should be_false + Guardian.new(admin).can_see?(private_topic).should be_true + end end describe 'a Post' do diff --git a/spec/components/post_creator_spec.rb b/spec/components/post_creator_spec.rb index d9b939f0572..45a880c2bf5 100644 --- a/spec/components/post_creator_spec.rb +++ b/spec/components/post_creator_spec.rb @@ -338,13 +338,13 @@ describe PostCreator do unrelated.notifications.count.should == 0 post.topic.subtype.should == TopicSubtype.user_to_user - # if a mod replies they should be added to the allowed user list - mod = Fabricate(:moderator) - PostCreator.create(mod, raw: 'hi there welcome topic, I am a mod', + # if an admin replies they should be added to the allowed user list + admin = Fabricate(:admin) + PostCreator.create(admin, raw: 'hi there welcome topic, I am a mod', topic_id: post.topic_id) post.topic.reload - post.topic.topic_allowed_users.where(user_id: mod.id).count.should == 1 + post.topic.topic_allowed_users.where(user_id: admin.id).count.should == 1 end end diff --git a/spec/components/topic_view_spec.rb b/spec/components/topic_view_spec.rb index f1675a33d5b..dc20826c087 100644 --- a/spec/components/topic_view_spec.rb +++ b/spec/components/topic_view_spec.rb @@ -19,10 +19,10 @@ describe TopicView do end it "handles deleted topics" do - topic.trash!(coding_horror) - lambda { TopicView.new(topic.id, coding_horror) }.should raise_error(Discourse::NotFound) - coding_horror.stubs(:staff?).returns(true) - lambda { TopicView.new(topic.id, coding_horror) }.should_not raise_error + admin = Fabricate(:admin) + topic.trash!(admin) + lambda { TopicView.new(topic.id, Fabricate(:user)) }.should raise_error(Discourse::NotFound) + lambda { TopicView.new(topic.id, admin) }.should_not raise_error end diff --git a/spec/models/post_action_spec.rb b/spec/models/post_action_spec.rb index 82cc5c0df48..0697130f5a2 100644 --- a/spec/models/post_action_spec.rb +++ b/spec/models/post_action_spec.rb @@ -29,6 +29,11 @@ describe PostAction do action.related_post_id.should == posts[0].id.to_i posts[0].subtype.should == TopicSubtype.notify_moderators + # Moderators should be invited to the private topic, otherwise they're not permitted to see it + topic_user_ids = posts[0].topic.topic_users.map {|x| x.user_id} + topic_user_ids.should include(codinghorror.id) + topic_user_ids.should include(mod.id) + # reply to PM should clear flag p = PostCreator.new(mod, topic_id: posts[0].topic_id, raw: "This is my test reply to the user, it should clear flags") p.create