mirror of
https://github.com/discourse/discourse.git
synced 2024-12-13 16:43:45 +08:00
30990006a9
This reduces chances of errors where consumers of strings mutate inputs and reduces memory usage of the app. Test suite passes now, but there may be some stuff left, so we will run a few sites on a branch prior to merging
23 lines
641 B
Ruby
23 lines
641 B
Ruby
# frozen_string_literal: true
|
|
|
|
#mixin for all guardian methods dealing with group permissions
|
|
module GroupGuardian
|
|
|
|
# Edit authority for groups means membership changes only.
|
|
# Automatic groups are not represented in the GROUP_USERS
|
|
# table and thus do not allow membership changes.
|
|
def can_edit_group?(group)
|
|
!group.automatic && can_log_group_changes?(group)
|
|
end
|
|
|
|
def can_log_group_changes?(group)
|
|
(is_admin? || group.users.where('group_users.owner').include?(user))
|
|
end
|
|
|
|
def can_see_group_messages?(group)
|
|
SiteSetting.enable_personal_messages? && (
|
|
is_admin? || group.users.include?(user)
|
|
)
|
|
end
|
|
end
|