2014-01-09 17:25:14 -06:00
|
|
|
#mixin for all guardian methods dealing with topic permisions
|
|
|
|
module TopicGuardian
|
|
|
|
|
|
|
|
def can_remove_allowed_users?(topic)
|
|
|
|
is_staff?
|
|
|
|
end
|
|
|
|
|
|
|
|
# Creating Methods
|
|
|
|
def can_create_topic?(parent)
|
2014-06-09 14:21:01 -05:00
|
|
|
is_staff? ||
|
2014-06-09 10:03:10 -05:00
|
|
|
(user &&
|
|
|
|
user.trust_level >= SiteSetting.min_trust_to_create_topic.to_i &&
|
|
|
|
can_create_post?(parent))
|
2014-01-09 17:25:14 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
def can_create_topic_on_category?(category)
|
2014-01-21 08:21:38 -06:00
|
|
|
can_create_topic?(nil) &&
|
2015-09-07 11:52:53 -05:00
|
|
|
(!category || Category.topic_create_allowed(self).where(id: category.id).count == 1)
|
2014-01-09 17:25:14 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
def can_create_post_on_topic?(topic)
|
|
|
|
# No users can create posts on deleted topics
|
2016-09-09 11:15:56 -05:00
|
|
|
return false if topic.blank?
|
2014-01-09 17:25:14 -06:00
|
|
|
return false if topic.trashed?
|
2016-04-13 00:59:38 -05:00
|
|
|
return true if is_admin?
|
2014-01-09 17:25:14 -06:00
|
|
|
|
2016-04-13 00:59:38 -05:00
|
|
|
trusted = (authenticated? && user.has_trust_level?(TrustLevel[4])) || is_moderator?
|
|
|
|
|
|
|
|
(!(topic.closed? || topic.archived?) || trusted) && can_create_post?(topic)
|
2014-01-09 17:25:14 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
# Editing Method
|
|
|
|
def can_edit_topic?(topic)
|
2014-07-29 09:40:02 -05:00
|
|
|
return false if Discourse.static_doc_topic_ids.include?(topic.id) && !is_admin?
|
2015-02-25 23:08:52 -06:00
|
|
|
return false unless can_see?(topic)
|
2016-04-13 00:59:38 -05:00
|
|
|
|
|
|
|
return true if is_admin?
|
|
|
|
return true if is_moderator? && can_create_post?(topic)
|
|
|
|
|
2016-06-01 14:41:56 -05:00
|
|
|
# can't edit topics in secured categories where you don't have permission to create topics
|
|
|
|
return false if !can_create_topic_on_category?(topic.category)
|
|
|
|
|
2016-01-28 13:05:56 -06:00
|
|
|
# TL4 users can edit archived topics, but can not edit private messages
|
|
|
|
return true if (topic.archived && !topic.private_message? && user.has_trust_level?(TrustLevel[4]) && can_create_post?(topic))
|
2016-04-13 00:59:38 -05:00
|
|
|
|
2016-01-28 13:05:56 -06:00
|
|
|
# TL3 users can not edit archived topics and private messages
|
|
|
|
return true if (!topic.archived && !topic.private_message? && user.has_trust_level?(TrustLevel[3]) && can_create_post?(topic))
|
2015-04-30 16:03:51 -05:00
|
|
|
|
2014-08-15 11:44:58 -05:00
|
|
|
return false if topic.archived
|
2015-02-25 13:53:21 -06:00
|
|
|
is_my_own?(topic) && !topic.edit_time_limit_expired?
|
2014-01-09 17:25:14 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
# Recovery Method
|
|
|
|
def can_recover_topic?(topic)
|
2017-03-05 23:17:57 -06:00
|
|
|
topic && topic.deleted_at && topic.user && is_staff?
|
2014-01-09 17:25:14 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
def can_delete_topic?(topic)
|
|
|
|
!topic.trashed? &&
|
|
|
|
is_staff? &&
|
2014-08-13 16:02:44 -05:00
|
|
|
!(Category.exists?(topic_id: topic.id)) &&
|
|
|
|
!Discourse.static_doc_topic_ids.include?(topic.id)
|
2014-01-09 17:25:14 -06:00
|
|
|
end
|
|
|
|
|
2016-05-01 06:48:43 -05:00
|
|
|
def can_convert_topic?(topic)
|
2016-05-04 11:29:56 -05:00
|
|
|
return false if topic && topic.trashed?
|
|
|
|
return true if is_admin?
|
|
|
|
is_moderator? && can_create_post?(topic)
|
2016-05-01 06:48:43 -05:00
|
|
|
end
|
|
|
|
|
2014-01-09 17:25:14 -06:00
|
|
|
def can_reply_as_new_topic?(topic)
|
2016-11-29 11:59:42 -06:00
|
|
|
authenticated? && topic && @user.has_trust_level?(TrustLevel[1])
|
2014-01-09 17:25:14 -06:00
|
|
|
end
|
|
|
|
|
2014-07-15 16:02:43 -05:00
|
|
|
def can_see_deleted_topics?
|
|
|
|
is_staff?
|
|
|
|
end
|
|
|
|
|
2016-06-27 07:36:57 -05:00
|
|
|
def can_see_topic?(topic, hide_deleted=true)
|
2014-05-12 09:30:10 -05:00
|
|
|
return false unless topic
|
2014-05-12 14:26:36 -05:00
|
|
|
return true if is_admin?
|
2016-06-27 07:36:57 -05:00
|
|
|
return false if hide_deleted && topic.deleted_at && !can_see_deleted_topics?
|
2014-01-09 17:25:14 -06:00
|
|
|
|
2014-08-04 23:37:28 -05:00
|
|
|
if topic.private_message?
|
2016-06-27 07:36:57 -05:00
|
|
|
return authenticated? && topic.all_allowed_users.where(id: @user.id).exists?
|
2014-08-04 23:37:28 -05:00
|
|
|
end
|
|
|
|
|
2016-06-27 07:36:57 -05:00
|
|
|
can_see_category?(topic.category)
|
2015-02-12 10:52:59 -06:00
|
|
|
end
|
2014-01-09 17:25:14 -06:00
|
|
|
|
2015-09-18 02:14:10 -05:00
|
|
|
def can_see_topic_if_not_deleted?(topic)
|
2016-06-27 07:36:57 -05:00
|
|
|
can_see_topic?(topic, false)
|
2015-09-18 02:14:10 -05:00
|
|
|
end
|
|
|
|
|
2015-02-12 10:52:59 -06:00
|
|
|
def filter_allowed_categories(records)
|
|
|
|
unless is_admin?
|
|
|
|
allowed_ids = allowed_category_ids
|
|
|
|
if allowed_ids.length > 0
|
|
|
|
records = records.where('topics.category_id IS NULL or topics.category_id IN (?)', allowed_ids)
|
|
|
|
else
|
|
|
|
records = records.where('topics.category_id IS NULL')
|
|
|
|
end
|
|
|
|
records = records.references(:categories)
|
|
|
|
end
|
|
|
|
records
|
2014-01-09 17:25:14 -06:00
|
|
|
end
|
2015-02-12 10:52:59 -06:00
|
|
|
|
2016-12-05 06:31:43 -06:00
|
|
|
def can_edit_featured_link?(category_id)
|
2016-12-15 16:46:43 -06:00
|
|
|
return false unless SiteSetting.topic_featured_link_enabled
|
2016-12-20 14:55:30 -06:00
|
|
|
Category.where(id: category_id||SiteSetting.uncategorized_category_id, topic_featured_link_allowed: true).exists?
|
2016-12-05 06:31:43 -06:00
|
|
|
end
|
2014-01-21 08:21:38 -06:00
|
|
|
end
|