github-mirror/discourse
github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-22 01:47:24 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
discourse/app/models/topic_converter.rb
Penar Musaraj 102909edb3 FEATURE: Add support for secure media (#7888) 
This PR introduces a new secure media setting. When enabled, it prevent unathorized access to media uploads (files of type image, video and audio). When the `login_required` setting is enabled, then all media uploads will be protected from unauthorized (anonymous) access. When `login_required`is disabled, only media in private messages will be protected from unauthorized access. 

A few notes: 

- the `prevent_anons_from_downloading_files` setting no longer applies to audio and video uploads
- the `secure_media` setting can only be enabled if S3 uploads are already enabled and configured
- upload records have a new column, `secure`, which is a boolean `true/false` of the upload's secure status
- when creating a public post with an upload that has already been uploaded and is marked as secure, the post creator will raise an error
- when enabling or disabling the setting on a site with existing uploads, the rake task `uploads:ensure_correct_acl` should be used to update all uploads' secure status and their ACL on S3
2019-11-18 11:25:42 +10:00

109 lines
3.0 KiB
Ruby
Raw Blame History

# frozen_string_literal: true
class TopicConverter
attr_reader :topic
def initialize(topic, user)
@topic = topic
@user = user
end
def convert_to_public_topic(category_id = nil)
Topic.transaction do
category_id =
if category_id
category_id
elsif SiteSetting.allow_uncategorized_topics
SiteSetting.uncategorized_category_id
else
Category.where(read_restricted: false)
.where.not(id: SiteSetting.uncategorized_category_id)
.order('id asc')
.pluck_first(:id)
end
PostRevisor.new(@topic.first_post, @topic).revise!(
@user,
category_id: category_id,
archetype: Archetype.default
)
update_user_stats
update_post_uploads_secure_status
Jobs.enqueue(:topic_action_converter, topic_id: @topic.id)
Jobs.enqueue(:delete_inaccessible_notifications, topic_id: @topic.id)
watch_topic(topic)
end
@topic
end
def convert_to_private_message
Topic.transaction do
@topic.update_category_topic_count_by(-1)
PostRevisor.new(@topic.first_post, @topic).revise!(
@user,
category_id: nil,
archetype: Archetype.private_message
)
add_allowed_users
update_post_uploads_secure_status
Jobs.enqueue(:topic_action_converter, topic_id: @topic.id)
Jobs.enqueue(:delete_inaccessible_notifications, topic_id: @topic.id)
watch_topic(topic)
end
@topic
end
private
def update_user_stats
@topic.posts.where(deleted_at: nil).each do |p|
user = User.find(p.user_id)
# update posts count. NOTE that DirectoryItem.refresh will overwrite this by counting UserAction records.
user.user_stat.post_count += 1
user.user_stat.save!
end
# update topics count
@topic.user.user_stat.topic_count += 1
@topic.user.user_stat.save!
end
def add_allowed_users
@topic.posts.where(deleted_at: nil).each do |p|
user = User.find(p.user_id)
@topic.topic_allowed_users.build(user_id: user.id) unless @topic.topic_allowed_users.where(user_id: user.id).exists?
# update posts count. NOTE that DirectoryItem.refresh will overwrite this by counting UserAction records.
user.user_stat.post_count -= 1
user.user_stat.save!
end
@topic.topic_allowed_users.build(user_id: @user.id) unless @topic.topic_allowed_users.where(user_id: @user.id).exists?
@topic.topic_allowed_users = @topic.topic_allowed_users.uniq(&:user_id)
# update topics count
@topic.user.user_stat.topic_count -= 1
@topic.user.user_stat.save!
@topic.save!
end
def watch_topic(topic)
@topic.notifier.watch_topic!(topic.user_id)
@topic.reload.topic_allowed_users.each do |tau|
next if tau.user_id < 0 || tau.user_id == topic.user_id
topic.notifier.watch!(tau.user_id)
end
end
def update_post_uploads_secure_status
@topic.posts.each do |post|
next if post.uploads.empty?
post.update_uploads_secure_status
post.rebake!
end
end
end
Reference in New Issue View Git Blame Copy Permalink