diff --git a/framework/core/js/src/admin/AdminApplication.js b/framework/core/js/src/admin/AdminApplication.js index ca71ee2c2..96857c55a 100644 --- a/framework/core/js/src/admin/AdminApplication.js +++ b/framework/core/js/src/admin/AdminApplication.js @@ -55,7 +55,7 @@ export default class AdminApplication extends Application { required.push('discussion.hide'); } if (permission === 'discussion.deletePosts') { - required.push('discussion.editPosts'); + required.push('discussion.hidePosts'); } return required; diff --git a/framework/core/js/src/admin/components/PermissionGrid.js b/framework/core/js/src/admin/components/PermissionGrid.js index 3a6c428a0..591141389 100644 --- a/framework/core/js/src/admin/components/PermissionGrid.js +++ b/framework/core/js/src/admin/components/PermissionGrid.js @@ -206,10 +206,16 @@ export default class PermissionGrid extends Component { items.add('editPosts', { icon: 'fas fa-pencil-alt', - label: app.translator.trans('core.admin.permissions.edit_and_delete_posts_label'), + label: app.translator.trans('core.admin.permissions.edit_posts_label'), permission: 'discussion.editPosts' }, 70); + items.add('hidePosts', { + icon: 'far fa-trash-alt', + label: app.translator.trans('core.admin.permissions.delete_posts_label'), + permission: 'discussion.hidePosts' + }, 60); + items.add('deletePosts', { icon: 'fas fa-times', label: app.translator.trans('core.admin.permissions.delete_posts_forever_label'), diff --git a/framework/core/js/src/common/models/Post.js b/framework/core/js/src/common/models/Post.js index d2254bf94..848434dab 100644 --- a/framework/core/js/src/common/models/Post.js +++ b/framework/core/js/src/common/models/Post.js @@ -24,5 +24,6 @@ Object.assign(Post.prototype, { isHidden: computed('hideTime', hideTime => !!hideTime), canEdit: Model.attribute('canEdit'), + canHide: Model.attribute('canHide'), canDelete: Model.attribute('canDelete') }); diff --git a/framework/core/js/src/forum/utils/PostControls.js b/framework/core/js/src/forum/utils/PostControls.js index 8d9712289..6140b96b8 100644 --- a/framework/core/js/src/forum/utils/PostControls.js +++ b/framework/core/js/src/forum/utils/PostControls.js @@ -82,7 +82,7 @@ export default { const items = new ItemList(); if (post.contentType() === 'comment' && !post.isHidden()) { - if (post.canEdit()) { + if (post.canHide()) { items.add('hide', Button.component({ icon: 'far fa-trash-alt', children: app.translator.trans('core.forum.post_controls.delete_button'), @@ -90,7 +90,7 @@ export default { })); } } else { - if (post.contentType() === 'comment' && post.canEdit()) { + if (post.contentType() === 'comment' && post.canHide()) { items.add('restore', Button.component({ icon: 'fas fa-reply', children: app.translator.trans('core.forum.post_controls.restore_button'), diff --git a/framework/core/src/Api/Serializer/PostSerializer.php b/framework/core/src/Api/Serializer/PostSerializer.php index ee807374b..ca2cfaf13 100644 --- a/framework/core/src/Api/Serializer/PostSerializer.php +++ b/framework/core/src/Api/Serializer/PostSerializer.php @@ -66,7 +66,8 @@ class PostSerializer extends BasicPostSerializer $attributes += [ 'canEdit' => $canEdit, - 'canDelete' => $gate->allows('delete', $post) + 'canDelete' => $gate->allows('delete', $post), + 'canHide' => $gate->allows('hide', $post) ]; return $attributes; diff --git a/framework/core/src/Install/Console/InstallCommand.php b/framework/core/src/Install/Console/InstallCommand.php index 194d7b68b..58080032a 100644 --- a/framework/core/src/Install/Console/InstallCommand.php +++ b/framework/core/src/Install/Console/InstallCommand.php @@ -319,6 +319,7 @@ class InstallCommand extends AbstractCommand // Moderators can edit + delete stuff [Group::MODERATOR_ID, 'discussion.hide'], [Group::MODERATOR_ID, 'discussion.editPosts'], + [Group::MODERATOR_ID, 'discussion.hidePosts'], [Group::MODERATOR_ID, 'discussion.rename'], [Group::MODERATOR_ID, 'discussion.viewIpsPosts'], ]; diff --git a/framework/core/src/Post/Command/EditPostHandler.php b/framework/core/src/Post/Command/EditPostHandler.php index 14ae6ca20..3458141ad 100644 --- a/framework/core/src/Post/Command/EditPostHandler.php +++ b/framework/core/src/Post/Command/EditPostHandler.php @@ -68,7 +68,7 @@ class EditPostHandler } if (isset($attributes['isHidden'])) { - $this->assertCan($actor, 'edit', $post); + $this->assertCan($actor, 'hide', $post); if ($attributes['isHidden']) { $post->hide($actor); diff --git a/framework/core/src/Post/PostPolicy.php b/framework/core/src/Post/PostPolicy.php index 3b857a889..c8167bb6f 100644 --- a/framework/core/src/Post/PostPolicy.php +++ b/framework/core/src/Post/PostPolicy.php @@ -79,7 +79,7 @@ class PostPolicy extends AbstractPolicy // Hide hidden posts, unless they are authored by the current user, or // the current user has permission to view hidden posts in the // discussion. - if (! $actor->hasPermission('discussion.editPosts')) { + if (! $actor->hasPermission('discussion.hidePosts')) { $query->where(function ($query) use ($actor) { $query->whereNull('posts.hide_time') ->orWhere('user_id', $actor->id) @@ -89,7 +89,7 @@ class PostPolicy extends AbstractPolicy ->whereRaw('discussions.id = posts.discussion_id') ->where(function ($query) use ($actor) { $this->events->dispatch( - new ScopeModelVisibility(Discussion::query()->setQuery($query), $actor, 'editPosts') + new ScopeModelVisibility(Discussion::query()->setQuery($query), $actor, 'hidePosts') ); }); });