From 01bbaadf2fdc3ba205fb408ab0e299dc7c957463 Mon Sep 17 00:00:00 2001
From: Alexander Skvortsov <38059171+askvortsov1@users.noreply.github.com>
Date: Fri, 20 Mar 2020 10:57:03 -0400
Subject: [PATCH] Users should not be able to restore discussions if deleted by
 admins (#2037)

---
 framework/core/src/Discussion/DiscussionPolicy.php | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/framework/core/src/Discussion/DiscussionPolicy.php b/framework/core/src/Discussion/DiscussionPolicy.php
index e1fc5fceb..335509096 100644
--- a/framework/core/src/Discussion/DiscussionPolicy.php
+++ b/framework/core/src/Discussion/DiscussionPolicy.php
@@ -139,7 +139,11 @@ class DiscussionPolicy extends AbstractPolicy
      */
     public function hide(User $actor, Discussion $discussion)
     {
-        if ($discussion->user_id == $actor->id && $discussion->participant_count <= 1 && $actor->can('reply', $discussion)) {
+        if ($discussion->user_id == $actor->id
+            && $discussion->participant_count <= 1
+            && (! $discussion->hidden_at || $discussion->hidden_user_id == $actor->id)
+            && $actor->can('reply', $discussion)
+        ) {
             return true;
         }
     }