discourse/lib/guardian/user_guardian.rb
Régis Hanol bddffa7f9a FEATURE: flag dispositions normalization
All flags should end up in one of the three dispositions
  - Agree
  - Disagree
  - Defer

In the administration area, the *active* flags section displays 4 buttons
  - Agree (hide post + send PM)
  - Disagree
  - Defer
  - Delete

Clicking "Delete" will open a modal that offer to
  - Delete Post & Defer Flags
  - Delete Post & Agree with Flags
  - Delete Spammer (if available)

When the flag has a list associated, the list will now display 1
response and 1 reply and a "show more..." link if there are more in the
conversation. Replying to the conversation will NOT give a disposition.
Moderators must click the buttons that does that.

If someone clicks one buttons, this will add a default moderator message
from that moderator saying what happened.

The *old* flags section now displays the proper dispositions and is
super duper fast (no more N+9999 queries).

FIX: the old list includes deleted topics
FIX: the lists now properly display the topic states (deleted, closed,
archived, hidden, PM)
FIX: flagging a topic that you've already flagged the first post
2014-07-28 19:28:07 +02:00

47 lines
1.3 KiB
Ruby

# mixin for all Guardian methods dealing with user permissions
module UserGuardian
def can_edit_user?(user)
is_me?(user) || is_staff?
end
def can_edit_username?(user)
return false if (SiteSetting.sso_overrides_username? && SiteSetting.enable_sso?)
return true if is_staff?
return false if SiteSetting.username_change_period <= 0
is_me?(user) && (user.post_count == 0 || user.created_at > SiteSetting.username_change_period.days.ago)
end
def can_edit_email?(user)
return false if (SiteSetting.sso_overrides_email? && SiteSetting.enable_sso?)
return true if is_staff?
return false unless SiteSetting.email_editable?
can_edit?(user)
end
def can_edit_name?(user)
return false if not(SiteSetting.enable_names?)
return false if (SiteSetting.sso_overrides_name? && SiteSetting.enable_sso?)
return true if is_staff?
can_edit?(user)
end
def can_block_user?(user)
user && is_staff? && not(user.staff?)
end
def can_unblock_user?(user)
user && is_staff?
end
def can_delete_user?(user)
return false if user.nil? || user.admin?
if is_me?(user)
user.post_count <= 1
else
is_staff? && (user.first_post_created_at.nil? || user.first_post_created_at > SiteSetting.delete_user_max_post_age.to_i.days.ago)
end
end
end