Create new hidePosts permission (#1466)

This commit is contained in:
AFR 2018-07-15 03:15:40 +07:00 committed by Franz Liedke
parent f11fa5c600
commit 4098e0c855
8 changed files with 17 additions and 8 deletions

View File

@ -55,7 +55,7 @@ export default class AdminApplication extends Application {
required.push('discussion.hide'); required.push('discussion.hide');
} }
if (permission === 'discussion.deletePosts') { if (permission === 'discussion.deletePosts') {
required.push('discussion.editPosts'); required.push('discussion.hidePosts');
} }
return required; return required;

View File

@ -206,10 +206,16 @@ export default class PermissionGrid extends Component {
items.add('editPosts', { items.add('editPosts', {
icon: 'fas fa-pencil-alt', icon: 'fas fa-pencil-alt',
label: app.translator.trans('core.admin.permissions.edit_and_delete_posts_label'), label: app.translator.trans('core.admin.permissions.edit_posts_label'),
permission: 'discussion.editPosts' permission: 'discussion.editPosts'
}, 70); }, 70);
items.add('hidePosts', {
icon: 'far fa-trash-alt',
label: app.translator.trans('core.admin.permissions.delete_posts_label'),
permission: 'discussion.hidePosts'
}, 60);
items.add('deletePosts', { items.add('deletePosts', {
icon: 'fas fa-times', icon: 'fas fa-times',
label: app.translator.trans('core.admin.permissions.delete_posts_forever_label'), label: app.translator.trans('core.admin.permissions.delete_posts_forever_label'),

View File

@ -24,5 +24,6 @@ Object.assign(Post.prototype, {
isHidden: computed('hideTime', hideTime => !!hideTime), isHidden: computed('hideTime', hideTime => !!hideTime),
canEdit: Model.attribute('canEdit'), canEdit: Model.attribute('canEdit'),
canHide: Model.attribute('canHide'),
canDelete: Model.attribute('canDelete') canDelete: Model.attribute('canDelete')
}); });

View File

@ -82,7 +82,7 @@ export default {
const items = new ItemList(); const items = new ItemList();
if (post.contentType() === 'comment' && !post.isHidden()) { if (post.contentType() === 'comment' && !post.isHidden()) {
if (post.canEdit()) { if (post.canHide()) {
items.add('hide', Button.component({ items.add('hide', Button.component({
icon: 'far fa-trash-alt', icon: 'far fa-trash-alt',
children: app.translator.trans('core.forum.post_controls.delete_button'), children: app.translator.trans('core.forum.post_controls.delete_button'),
@ -90,7 +90,7 @@ export default {
})); }));
} }
} else { } else {
if (post.contentType() === 'comment' && post.canEdit()) { if (post.contentType() === 'comment' && post.canHide()) {
items.add('restore', Button.component({ items.add('restore', Button.component({
icon: 'fas fa-reply', icon: 'fas fa-reply',
children: app.translator.trans('core.forum.post_controls.restore_button'), children: app.translator.trans('core.forum.post_controls.restore_button'),

View File

@ -66,7 +66,8 @@ class PostSerializer extends BasicPostSerializer
$attributes += [ $attributes += [
'canEdit' => $canEdit, 'canEdit' => $canEdit,
'canDelete' => $gate->allows('delete', $post) 'canDelete' => $gate->allows('delete', $post),
'canHide' => $gate->allows('hide', $post)
]; ];
return $attributes; return $attributes;

View File

@ -319,6 +319,7 @@ class InstallCommand extends AbstractCommand
// Moderators can edit + delete stuff // Moderators can edit + delete stuff
[Group::MODERATOR_ID, 'discussion.hide'], [Group::MODERATOR_ID, 'discussion.hide'],
[Group::MODERATOR_ID, 'discussion.editPosts'], [Group::MODERATOR_ID, 'discussion.editPosts'],
[Group::MODERATOR_ID, 'discussion.hidePosts'],
[Group::MODERATOR_ID, 'discussion.rename'], [Group::MODERATOR_ID, 'discussion.rename'],
[Group::MODERATOR_ID, 'discussion.viewIpsPosts'], [Group::MODERATOR_ID, 'discussion.viewIpsPosts'],
]; ];

View File

@ -68,7 +68,7 @@ class EditPostHandler
} }
if (isset($attributes['isHidden'])) { if (isset($attributes['isHidden'])) {
$this->assertCan($actor, 'edit', $post); $this->assertCan($actor, 'hide', $post);
if ($attributes['isHidden']) { if ($attributes['isHidden']) {
$post->hide($actor); $post->hide($actor);

View File

@ -79,7 +79,7 @@ class PostPolicy extends AbstractPolicy
// Hide hidden posts, unless they are authored by the current user, or // Hide hidden posts, unless they are authored by the current user, or
// the current user has permission to view hidden posts in the // the current user has permission to view hidden posts in the
// discussion. // discussion.
if (! $actor->hasPermission('discussion.editPosts')) { if (! $actor->hasPermission('discussion.hidePosts')) {
$query->where(function ($query) use ($actor) { $query->where(function ($query) use ($actor) {
$query->whereNull('posts.hide_time') $query->whereNull('posts.hide_time')
->orWhere('user_id', $actor->id) ->orWhere('user_id', $actor->id)
@ -89,7 +89,7 @@ class PostPolicy extends AbstractPolicy
->whereRaw('discussions.id = posts.discussion_id') ->whereRaw('discussions.id = posts.discussion_id')
->where(function ($query) use ($actor) { ->where(function ($query) use ($actor) {
$this->events->dispatch( $this->events->dispatch(
new ScopeModelVisibility(Discussion::query()->setQuery($query), $actor, 'editPosts') new ScopeModelVisibility(Discussion::query()->setQuery($query), $actor, 'hidePosts')
); );
}); });
}); });