FEATURE: Staff members can lock posts

Locking a post prevents it from being edited. This is useful if the user
has posted something which has been edited out, and the staff members don't
want them to be able to edit it back in again.

lib/guardian/post_guardian.rb

@@ -46,6 +46,10 @@ module PostGuardian
     !!result
   end
 
+  def can_lock_post?(post)
+    can_see_post?(post) && is_staff?
+  end
+
   def can_defer_flags?(post)
     can_see_post?(post) && is_staff? && post
   end
@@ -98,6 +102,9 @@ module PostGuardian
 
     return true if is_admin?
 
+    # Must be staff to edit a locked post
+    return false if post.locked? && !is_staff?
+
     if is_staff? || @user.has_trust_level?(TrustLevel[4])
       return can_create_post?(post.topic)
     end
@@ -106,6 +113,7 @@ module PostGuardian
       return false
     end
 
+
     if post.wiki && (@user.trust_level >= SiteSetting.min_trust_to_edit_wiki_post.to_i)
       return can_create_post?(post.topic)
     end
@@ -114,6 +122,7 @@ module PostGuardian
       return false
     end
 
+
     if is_my_own?(post)
       if post.hidden?
         return false if post.hidden_at.present? &&

lib/post_locker.rb

@@ -0,0 +1,23 @@
+class PostLocker
+  def initialize(post, user)
+    @post, @user = post, user
+  end
+
+  def lock
+    Guardian.new(@user).ensure_can_lock_post!(@post)
+
+    Post.transaction do
+      @post.update_column(:locked_by_id, @user.id)
+      StaffActionLogger.new(@user).log_post_lock(@post, locked: true)
+    end
+  end
+
+  def unlock
+    Guardian.new(@user).ensure_can_lock_post!(@post)
+
+    Post.transaction do
+      @post.update_column(:locked_by_id, nil)
+      StaffActionLogger.new(@user).log_post_lock(@post, locked: false)
+    end
+  end
+end