discourse/lib
Linca 741e9d70ad
FIX: Don't show move topic for private messages for TL4 ()
In TopicController, in addition to ensure_can_move_posts!, we also
checked if the topic is private message in this line:

```ruby
raise Discourse::InvalidAccess if params[:archetype] == "private_message" && !guardian.is_staff?
```

However, this was not present in `guardian.can_move_posts?`. As a result,
the frontend topic view got an incorrect serialized result, thinking
that TL4 could move the private message post. In fact, once they tried
to move it, they got the `InvalidAccess` error message.

This commit fixes that TL4 will no longer sees the "move to" option in
the "select post" panel for a private message.
2024-09-16 11:30:05 +08:00
..
action_dispatch/session
active_support_type_extensions DEV: Refactor suspend/silence user services 2024-09-12 10:28:48 +02:00
auth DEV: Include a basic oauth faraday formatter in core for usage in managed authenticators () 2024-09-05 22:29:29 +08:00
autospec DEV: Update to lastest rubocop-discourse 2024-05-27 18:06:14 +02:00
backup_restore DEV: Resolve TODO comments for martin-brennan 2024-07-01 15:32:30 +10:00
common_passwords
compression DEV: Fix Lint/ShadowedArgument () 2023-12-06 13:16:10 +01:00
content_security_policy DEV: Remove unsafe_eval from test/theme-test CSP () 2024-09-06 13:28:33 +02:00
demon FIX: Ensure we dispose of MiniRacer::Context before forking daemons () 2024-08-14 12:45:34 +08:00
discourse_dev DEV: Fix various rubocop lints () 2023-12-06 23:25:00 +01:00
discourse_webauthn DEV: Add routes and controller actions for passkeys (2/3) () 2023-10-11 14:36:54 -04:00
email FEATURE: email attachments in a details () 2024-07-10 09:59:27 +02:00
email_controller_helper DEV: Update to lastest rubocop-discourse 2024-05-27 18:06:14 +02:00
emoji
faker
file_store FIX: Open file handles 'just in time' during s3 migration () 2024-09-09 18:39:26 +01:00
final_destination SECURITY: Add FastImage SSRF safe freedom patch 2024-07-03 20:49:15 +08:00
freedom_patches PERF: Don't do initialization for every DB if RAILS_DB is set () 2024-09-03 15:56:46 +10:00
generators DEV: Improve site setting rename generator () 2024-01-25 10:45:46 +10:00
guardian FIX: Don't show move topic for private messages for TL4 () 2024-09-16 11:30:05 +08:00
i18n DEV: Enable Rails 7.1 defaults 2024-08-12 10:41:13 +02:00
imap DEV: Fix various rubocop lints () 2023-12-06 23:25:00 +01:00
import DEV: lint against Layout/EmptyLineBetweenDefs () 2023-12-15 23:46:04 +08:00
import_export DEV: Update to lastest rubocop-discourse 2024-05-27 18:06:14 +02:00
middleware FIX: Set sane default for Net::HTTP when processing a request () 2024-08-06 07:12:42 +08:00
migration DEV: Raise an exception if trying to set a readonly column with default () 2024-09-02 10:09:40 +01:00
onebox UX: Upgrade to fontawesome 6.6.0 () 2024-09-09 14:40:56 +01:00
plugin DEV: Remove register_color_scheme api () 2024-09-06 17:26:53 +02:00
pretty_text FIX: BBCode tag parser 2024-06-18 10:47:18 +02:00
rate_limiter
reviewable DEV: remap all core icons for fontawesome 6 upgrade () 2024-09-13 16:50:52 +01:00
scheduler PERF: Don't allow a single user to monopolize the defer queue () 2024-02-07 13:47:50 -06:00
search FIX: Handle nil post_search_data for search result () 2024-03-14 14:40:46 -03:00
second_factor DEV: Update confirm-email flows to use central 2fa and ember rendering () 2024-01-30 10:32:42 +00:00
seed_data FIX: Requested changes from dev () 2024-09-09 08:55:42 -05:00
sidekiq DEV: Fix various rubocop lints () 2023-12-06 23:25:00 +01:00
site_settings FEATURE: Introduce site settings which require confirmation () 2024-06-19 16:01:24 +10:00
stylesheet SECURITY: Generate more category CSS on client 2024-03-15 14:24:11 +08:00
summarization DEV: Remove summarization code () 2024-07-02 08:51:47 -07:00
tasks DEV: Run theme tests in random order () 2024-09-11 10:45:12 +02:00
theme_settings_manager FIX: Pass values of objects typed settings to theme migrations () 2024-04-25 16:39:22 +03:00
theme_store DEV: Replace silent theme-install fails with exceptions () 2024-08-22 12:09:56 +01:00
topic_query FEATURE: option to sort user and group private messages. () 2024-01-10 13:33:30 +05:30
turbo_tests DEV: check_pending -> check_all_pending! () 2024-07-05 09:29:32 +08:00
validators FEATURE: add system_user_max_attachment_size_kb site setting () 2024-08-16 11:03:39 -03:00
wizard DEV: Update member access wizard step to use toggle group () 2024-07-29 14:07:06 +08:00
admin_confirmation.rb
admin_constraint.rb
admin_user_index_query.rb
age_words.rb
archetype.rb DEV: Update to lastest rubocop-discourse 2024-05-27 18:06:14 +02:00
auth.rb FIX: Do not capture OAuth user on 2FA page () 2024-06-27 10:27:49 +10:00
backup_restore.rb Revert "FIX: backup_restore.rb wants db user from user, not username ()" () 2024-08-06 14:11:48 +01:00
badge_posts_view_manager.rb
badge_queries.rb FEATURE: custom flag can require additional message () 2024-07-18 10:10:22 +10:00
base62.rb
bookmark_manager.rb
bookmark_query.rb FIX: Show deleted bookmark reminders in user bookmarks menu () 2024-02-29 09:03:49 +10:00
bookmark_reminder_notification_handler.rb FIX: Bookmark reminder was clearing incorrectly () 2024-08-26 09:17:39 +10:00
bookmarks_bulk_action.rb FIX: Bookmark reminder was clearing incorrectly () 2024-08-26 09:17:39 +10:00
browser_detection.rb
cache.rb FIX: race condition in Discourse.cache.fetch () 2024-07-30 09:08:12 +02:00
canonical_url.rb
category_badge.rb FIX: email category badges shouldn't use category text color () 2024-02-13 10:18:36 -05:00
chrome_installed_checker.rb DEV: lint against Layout/EmptyLineBetweenDefs () 2023-12-15 23:46:04 +08:00
color_math.rb
comment_migration.rb
common_passwords.rb DEV: Update to lastest rubocop-discourse 2024-05-27 18:06:14 +02:00
composer_messages_finder.rb DEV: Update to lastest rubocop-discourse 2024-05-27 18:06:14 +02:00
configurable_urls.rb
content_buffer.rb DEV: Enable unless cops 2023-02-21 10:30:48 +01:00
content_security_policy.rb DEV: Remove unsafe_eval from test/theme-test CSP () 2024-09-06 13:28:33 +02:00
cooked_post_processor.rb DEV: Rename with_secure_uploads? to should_secure_uploads? on Post () 2024-04-09 13:23:11 +10:00
cooked_processor_mixin.rb SECURITY: Add FastImage SSRF safe freedom patch 2024-07-03 20:49:15 +08:00
crawler_detection.rb
csrf_token_verifier.rb
current_user.rb
custom_renderer.rb DEV: enable frozen string literal on all files 2019-05-13 09:31:32 +08:00
db_helper.rb
directory_helper.rb DEV: Update to lastest rubocop-discourse 2024-05-27 18:06:14 +02:00
discourse_connect_base.rb FEATURE: Increase default DiscourseConnect session length () 2024-03-20 14:02:12 +00:00
discourse_connect_provider.rb DEV: lint against Layout/EmptyLineBetweenDefs () 2023-12-15 23:46:04 +08:00
discourse_dev.rb
discourse_diff.rb
discourse_event.rb
discourse_hub.rb DEV: include more data in Discourse Discover enrollment payload. () 2024-02-25 10:42:50 +05:30
discourse_ip_info.rb FIX: Rescue and warn when error is encountered in DiscourseIpInfo.mmdb_download () 2024-07-30 11:33:20 +08:00
discourse_js_processor.rb DEV: Switch to pnpm for JS dependencies () 2024-09-03 10:51:07 +01:00
discourse_logstash_logger.rb DEV: Log sidekiq job opts as string instead of hash () 2024-07-23 06:27:43 +08:00
discourse_plugin_registry.rb DEV: Support adding a custom filter on /filter () 2024-07-17 11:36:38 -05:00
discourse_redis.rb
discourse_sourcemapping_url_processor.rb
discourse_tagging.rb FEATURE: Add user to topic_tags_changed event () 2024-09-06 11:23:30 -03:00
discourse_updates.rb UX: rename the word "Upgrade" to "Update" in the UI. () 2024-04-02 20:04:37 +05:30
discourse_webauthn.rb FIX: Webauthn origin was incorrect for subfolder setups () 2024-02-12 16:27:24 -05:00
discourse.rb FIX: Ensure we dispose of MiniRacer::Context before forking daemons () 2024-08-14 12:45:34 +08:00
disk_space.rb
distributed_cache.rb DEV: Reduce duplication with DistributedMutex#clear_regex () 2024-02-21 14:19:04 -06:00
distributed_memoizer.rb
distributed_mutex.rb
edit_rate_limiter.rb
email_backup_token.rb
email_cook.rb
email_templates_finder.rb FIX: Add new/missing email templates to the email templates editor () 2024-07-30 00:27:41 +03:00
email_updater.rb
email.rb DEV: Apply syntax_tree formatting to lib/* 2023-01-09 12:10:19 +00:00
ember_cli.rb DEV: Switch to pnpm for JS dependencies () 2024-09-03 10:51:07 +01:00
encodings.rb DEV: Update to lastest rubocop-discourse 2024-05-27 18:06:14 +02:00
enum_site_setting.rb
enum.rb
excerpt_parser.rb
external_upload_helpers.rb DEV: Improve external upload debugging () 2024-08-30 10:25:04 +10:00
feed_element_installer.rb
feed_item_accessor.rb
file_helper.rb FIX: Use MaxMind supplied permalinks to download MaxMind databases () 2024-05-09 15:11:56 +08:00
filter_best_posts.rb
final_destination.rb FEATURE: use new site setting for onebox custom user agent. () 2024-07-24 04:45:30 +05:30
flag_query.rb
flag_settings.rb FEATURE: custom flag can require additional message () 2024-07-18 10:10:22 +10:00
gaps.rb
gc_stat_instrumenter.rb
git_repo.rb
git_url.rb
git_utils.rb DEV: Fix unicorn not booting due to 8e10878 () 2024-07-05 10:36:13 +08:00
global_path.rb
group_lookup.rb
guardian.rb FEATURE: Support designating multiple groups as mods on category () 2024-09-04 04:38:46 +03:00
has_errors.rb FIX: prevents PM to large groups () 2024-09-03 12:08:14 +02:00
highlight_js.rb DEV: Switch to pnpm for JS dependencies () 2024-09-03 10:51:07 +01:00
hijack.rb DEV: Upgrade Rails to version 7.1 2024-07-04 10:58:21 +02:00
homepage_constraint.rb FIX: Regression in custom homepage modifier used in theme components () 2024-06-21 11:24:11 -04:00
homepage_helper.rb DEV: implements register_modifier(:custom_homepage_enabled) () 2024-08-30 11:06:07 +02:00
html_prettify.rb
html_to_markdown.rb FIX: HtmlToMarkdown should keep HTML entities for <, > and & within HTML elements 2024-06-10 16:03:30 +02:00
http_language_parser.rb
http_user_agent_encoder.rb DEV: Apply suggested changes 2024-06-11 14:02:46 +02:00
image_sizer.rb
import_export.rb
inline_oneboxer.rb
job_time_spacer.rb
js_locale_helper.rb FIX: Allow invalid plural keys in MF translations 2024-07-25 14:16:28 +02:00
json_error.rb
letter_avatar.rb DEV: replace imagemagick convert commands with magick () 2024-07-08 16:55:59 +08:00
markdown_linker.rb
mem_info.rb DEV: Move non scheduled problem checks to classes () 2024-03-14 10:55:01 +08:00
message_bus_diags.rb
method_profiler.rb
mini_scheduler_long_running_job_logger.rb DEV: Log a warning message when a MiniScheduler scheduled job is stuck () 2024-08-08 12:20:16 +08:00
mini_sql_multisite_connection.rb DEV: Track SQL queries from MiniSql () 2024-09-11 10:14:53 +03:00
mobile_detection.rb
new_post_manager.rb DEV: Update to lastest rubocop-discourse 2024-05-27 18:06:14 +02:00
new_post_result.rb DEV: Update to lastest rubocop-discourse 2024-05-27 18:06:14 +02:00
notification_levels.rb
onebox.rb SECURITY: Prevent Onebox cache overflow by limiting downloads and URL lengths 2023-11-09 13:39:18 +11:00
oneboxer.rb FEATURE: Allow for multiple GitHub onebox tokens () 2024-07-15 13:07:36 +10:00
onpdiff.rb
password_hasher.rb
pbkdf2.rb
permalink_constraint.rb
pinned_check.rb
plain_text_to_markdown.rb
plugin_gem.rb DEV: Search for -gnu gem variants () 2024-06-05 14:58:02 +02:00
plugin.rb DEV: Fixup plugin initialization guard () 2023-11-29 11:44:09 +00:00
post_action_creator.rb FEATURE: Support designating multiple groups as mods on category () 2024-09-04 04:38:46 +03:00
post_action_destroyer.rb FIX: serialize Flags instead of PostActionType () 2024-08-14 12:13:46 +10:00
post_action_result.rb
post_action_type_view.rb FIX: serialize Flags instead of PostActionType () 2024-08-14 12:13:46 +10:00
post_creator.rb FIX: double reviewable items bug () 2024-07-31 12:45:00 +10:00
post_destroyer.rb FIX: serialize Flags instead of PostActionType () 2024-08-14 12:13:46 +10:00
post_jobs_enqueuer.rb DEV: Add import_embed_unlisted site setting () 2024-03-27 08:57:43 -04:00
post_locker.rb
post_merger.rb
post_revisor.rb Revert "DEV: Removal of create_post_for_category_and_tag_changes setting (#28…" () 2024-08-27 16:19:51 -03:00
presence_channel.rb DEV: remove repetitive words () 2024-04-01 06:23:21 +08:00
pretty_text.rb DEV: Switch to pnpm for JS dependencies () 2024-09-03 10:51:07 +01:00
promotion.rb FIX: down downgrade trust level if all requirements are met. () 2024-03-04 09:30:30 +11:00
quote_comparer.rb
quote_rewriter.rb SECURITY: escape display names 2023-11-09 13:39:06 +11:00
rake_helpers.rb
rate_limiter.rb
read_only_mixin.rb FIX: Change request method for categories/search () 2024-05-13 14:37:17 +03:00
redis_snapshot.rb
require_dependency_backward_compatibility.rb
retrieve_title.rb FIX: Request html when fetching inline onebox data () 2023-12-04 11:36:42 +10:00
route_format.rb
route_matcher.rb FIX: Logs api scope not working () 2024-01-10 19:30:10 -07:00
rtl.rb DEV: Remove duplicate definition of RTL locales and add Uyghur to the list () 2024-06-08 21:24:39 +02:00
s3_cors_rulesets.rb
s3_helper.rb DEV: Introduce hidden s3_inventory_bucket site setting () 2024-06-10 13:16:00 +08:00
s3_inventory.rb DEV: Restore missing_s3_uploads stats count if site was restored () 2024-07-19 14:22:58 +08:00
score_calculator.rb
screening_model.rb DEV: Apply syntax_tree formatting to lib/* 2023-01-09 12:10:19 +00:00
search.rb DEV: Forces custom search filter matchers to be case insensitive () 2024-09-06 12:30:51 -03:00
secure_session.rb DEV: Fix various rubocop lints () 2023-12-06 23:25:00 +01:00
secure_upload_endpoint_helpers.rb DEV: Add SecureUploadEndpointHelpers for controllers () 2024-02-20 11:19:22 +10:00
service_runner.rb DEV: Drop WithServiceHelper 2024-09-05 09:58:20 +02:00
shrink_uploaded_image.rb FIX: Ignore invalid images when shrinking uploads () 2024-01-22 12:10:29 +01:00
sidekiq_logster_reporter.rb DEV: Improve logging of Sidekiq errors when logstash logger is enabled () 2024-07-11 14:17:18 +08:00
sidekiq_long_running_job_logger.rb DEV: Add ability to log a warning when Sidekiq job runs for too long () 2024-06-13 14:24:44 +08:00
signal_trap_logger.rb DEV: Log Unicorn worker timeout backtraces to Rails.logger () 2024-06-03 12:51:12 +08:00
site_icon_manager.rb
site_setting_extension.rb DEV: the ability to define setting areas () 2024-09-03 09:25:45 +10:00
slug.rb
smtp_provider_overrides.rb UX: Use a dropdown for SSL mode for group SMTP () 2024-07-18 10:33:14 +10:00
socket_server.rb
spam_handler.rb
staff_constraint.rb
staff_message_format.rb
statistics.rb FIX: Exclude inactive and silenced users from /about page stats () 2024-09-12 22:28:49 +03:00
steps_inspector.rb DEV: Show parameters on a service contract failure 2024-06-13 12:19:26 +02:00
suggested_topics_builder.rb
svg_sprite.rb FIX: replace shield-blank with shield-halved for font awesome () 2024-09-09 10:48:09 -04:00
system_message.rb
temporary_db.rb
temporary_redis.rb
text_cleaner.rb
text_sentinel.rb PERF: improves TextSentinel's seems_unpretentious check () 2024-07-23 17:12:29 +02:00
theme_javascript_compiler.rb DEV: Compile theme migrations javascript files when running theme qunit () 2024-01-16 09:50:44 +08:00
theme_metadata.rb DEV: Run system tests for official themes () 2023-11-16 07:11:35 +08:00
theme_modifier_helper.rb
theme_resolver.rb DEV: Extract theme resolution to a helper () 2024-06-20 11:33:46 -04:00
theme_settings_manager.rb FIX: Pass values of objects typed settings to theme migrations () 2024-04-25 16:39:22 +03:00
theme_settings_object_validator.rb DEV: Add isValidUrl helper function to theme migrations () 2024-04-30 16:45:07 +08:00
theme_settings_parser.rb DEV: Update to lastest rubocop-discourse 2024-05-27 18:06:14 +02:00
theme_settings_validator.rb DEV: Update to lastest rubocop-discourse 2024-05-27 18:06:14 +02:00
theme_translation_manager.rb
theme_translation_parser.rb
timeline_lookup.rb
tiny_japanese_segmenter.rb
topic_creator.rb FIX: prevents PM to large groups () 2024-09-03 12:08:14 +02:00
topic_list_responder.rb
topic_publisher.rb
topic_query_params.rb FIX: Return 400 response codes when topic list query params are invalid () 2024-07-16 10:30:04 +08:00
topic_query.rb FIX: Return 400 response codes when topic list query params are invalid () 2024-07-16 10:30:04 +08:00
topic_retriever.rb
topic_subtype.rb DEV: Update to lastest rubocop-discourse 2024-05-27 18:06:14 +02:00
topic_upload_security_manager.rb DEV: Introduce post_should_secure_uploads? plugin modifier () 2024-04-10 12:02:44 +10:00
topic_view.rb PERF: Preload user options when status is enabled () 2024-09-11 10:39:14 +03:00
topics_bulk_action.rb FIX: Message for bulk closing topics silently () 2024-06-11 09:36:54 +10:00
topics_filter.rb DEV: Extend /filter's ability to order () 2024-08-07 16:37:00 +08:00
truncate_logs_formatter.rb SECURITY: Add a default limit as to when logs should be truncated 2023-10-16 10:34:38 -04:00
trust_level.rb
turbo_tests.rb DEV: Repair RSpec full_cause_backtrace under bin/turbo_rspec () 2024-03-07 18:35:46 +00:00
twitter_api.rb
unicorn_logstash_patch.rb
unread.rb
upload_creator.rb DEV: replace imagemagick convert commands with magick () 2024-07-08 16:55:59 +08:00
upload_fixer.rb
upload_markdown.rb DEV: Uploads import script can download files () 2024-05-04 22:48:16 +02:00
upload_recovery.rb
upload_security.rb DEV: Rename with_secure_uploads? to should_secure_uploads? on Post () 2024-04-09 13:23:11 +10:00
url_helper.rb DEV: Add isValidUrl helper function to theme migrations () 2024-04-30 16:45:07 +08:00
user_comm_screener.rb
user_lookup.rb
user_name_suggester.rb DEV: Fix various spec linting issues () 2023-12-04 13:45:19 +01:00
vary_header.rb
version.rb Bump version to v3.4.0.beta2-dev 2024-08-27 10:54:25 -04:00
wizard.rb DEV: Update to lastest rubocop-discourse 2024-05-27 18:06:14 +02:00
work_queue.rb PERF: Don't allow a single user to monopolize the defer queue () 2024-02-07 13:47:50 -06:00
xml_cleaner.rb FIX: Remove invalid chars from feed XMLs () 2023-10-19 14:37:37 -03:00