From 5e725839b09728e92a8cc172f19bb0b7633e531d Mon Sep 17 00:00:00 2001
From: Toby Zerner <toby.zerner@gmail.com>
Date: Fri, 4 Sep 2015 11:34:23 +0930
Subject: [PATCH] Scope Report and empty discussion visibility by tag

---
 .../ConfigureDiscussionPermissions.php        | 30 +++++++++++++++++--
 .../src/Listeners/ConfigureTagPermissions.php |  2 +-
 extensions/tags/src/Tag.php                   | 25 ++++++++++++++--
 3 files changed, 52 insertions(+), 5 deletions(-)

diff --git a/extensions/tags/src/Listeners/ConfigureDiscussionPermissions.php b/extensions/tags/src/Listeners/ConfigureDiscussionPermissions.php
index 6cf1641a0..a7ddd403b 100755
--- a/extensions/tags/src/Listeners/ConfigureDiscussionPermissions.php
+++ b/extensions/tags/src/Listeners/ConfigureDiscussionPermissions.php
@@ -1,9 +1,11 @@
 <?php namespace Flarum\Tags\Listeners;
 
 use Flarum\Events\ScopeModelVisibility;
+use Flarum\Events\ScopeEmptyDiscussionVisibility;
 use Flarum\Events\ModelAllow;
 use Flarum\Core\Discussions\Discussion;
 use Flarum\Tags\Tag;
+use Flarum\Reports\Report;
 use Illuminate\Database\Query\Expression;
 
 class ConfigureDiscussionPermissions
@@ -11,6 +13,7 @@ class ConfigureDiscussionPermissions
     public function subscribe($events)
     {
         $events->listen(ScopeModelVisibility::class, [$this, 'scopeDiscussionVisibility']);
+        $events->listen(ScopeEmptyDiscussionVisibility::class, [$this, 'scopeEmptyDiscussionVisibility']);
         $events->listen(ModelAllow::class, [$this, 'allowDiscussionPermissions']);
     }
 
@@ -19,12 +22,35 @@ class ConfigureDiscussionPermissions
         // Hide discussions which have tags that the user is not allowed to see.
         if ($event->model instanceof Discussion) {
             $event->query->whereNotExists(function ($query) use ($event) {
-                return $query->select(app('flarum.db')->raw(1))
+                return $query->select(new Expression(1))
                     ->from('discussions_tags')
-                    ->whereIn('tag_id', Tag::getNotVisibleTo($event->actor))
+                    ->whereIn('tag_id', Tag::getIdsWhereCannot($event->actor, 'view'))
                     ->where('discussions.id', new Expression('discussion_id'));
             });
         }
+
+        if ($event->model instanceof Report) {
+            $event->query
+                ->select('reports.*')
+                ->leftJoin('posts', 'posts.id', '=', 'reports.post_id')
+                ->leftJoin('discussions', 'discussions.id', '=', 'posts.discussion_id')
+                ->whereNotExists(function ($query) use ($event) {
+                    return $query->select(new Expression(1))
+                        ->from('discussions_tags')
+                        ->whereIn('tag_id', Tag::getIdsWhereCannot($event->actor, 'discussion.viewReports'))
+                        ->where('discussions.id', new Expression('discussion_id'));
+                });
+        }
+    }
+
+    public function scopeEmptyDiscussionVisibility(ScopeEmptyDiscussionVisibility $event)
+    {
+        $event->query->orWhereExists(function ($query) use ($event) {
+            return $query->select(new Expression(1))
+                ->from('discussions_tags')
+                ->whereIn('tag_id', Tag::getIdsWhereCan($event->actor, 'discussion.editPosts'))
+                ->where('discussions.id', new Expression('discussion_id'));
+        });
     }
 
     public function allowDiscussionPermissions(ModelAllow $event)
diff --git a/extensions/tags/src/Listeners/ConfigureTagPermissions.php b/extensions/tags/src/Listeners/ConfigureTagPermissions.php
index 3db35e129..404c02c4b 100755
--- a/extensions/tags/src/Listeners/ConfigureTagPermissions.php
+++ b/extensions/tags/src/Listeners/ConfigureTagPermissions.php
@@ -15,7 +15,7 @@ class ConfigureTagPermissions
     public function scopeTagVisibility(ScopeModelVisibility $event)
     {
         if ($event->model instanceof Tag) {
-            $event->query->whereNotIn('id', Tag::getNotVisibleTo($event->actor));
+            $event->query->whereNotIn('id', Tag::getIdsWhereCannot($event->actor, 'view'));
         }
     }
 
diff --git a/extensions/tags/src/Tag.php b/extensions/tags/src/Tag.php
index 447ee0493..651e467a4 100644
--- a/extensions/tags/src/Tag.php
+++ b/extensions/tags/src/Tag.php
@@ -104,7 +104,7 @@ class Tag extends Model
         return $this;
     }
 
-    public static function getNotVisibleTo($user)
+    public static function getIdsWhereCan($user, $permission)
     {
         static $tags;
 
@@ -113,9 +113,30 @@ class Tag extends Model
         }
 
         $ids = [];
+        $hasGlobalPermission = $user->hasPermission($permission);
 
         foreach ($tags as $tag) {
-            if ($tag->is_restricted && ! $user->hasPermission('tag' . $tag->id . '.view')) {
+            if (($hasGlobalPermission && ! $tag->is_restricted) || $user->hasPermission('tag' . $tag->id . '.' . $permission)) {
+                $ids[] = $tag->id;
+            }
+        }
+
+        return $ids;
+    }
+
+    public static function getIdsWhereCannot($user, $permission)
+    {
+        static $tags;
+
+        if (! $tags) {
+            $tags = static::all();
+        }
+
+        $ids = [];
+        $hasGlobalPermission = $user->hasPermission($permission);
+
+        foreach ($tags as $tag) {
+            if (($tag->is_restricted || ! $hasGlobalPermission) && ! $user->hasPermission('tag' . $tag->id . '.' . $permission)) {
                 $ids[] = $tag->id;
             }
         }