discourse/lib/guardian/group_guardian.rb
Guo Xiang Tan ce4c8e957b PERF: Avoid looking up the same group multiple times during bulk invite.
Also cache the guardian check because it does a query to check if the
user is an owner of the group.
2019-04-16 09:42:25 +08:00

21 lines
610 B
Ruby

#mixin for all guardian methods dealing with group permissions
module GroupGuardian
# Edit authority for groups means membership changes only.
# Automatic groups are not represented in the GROUP_USERS
# table and thus do not allow membership changes.
def can_edit_group?(group)
!group.automatic && can_log_group_changes?(group)
end
def can_log_group_changes?(group)
(is_admin? || group.users.where('group_users.owner').include?(user))
end
def can_see_group_messages?(group)
SiteSetting.enable_personal_messages? && (
is_admin? || group.users.include?(user)
)
end
end