mirror of
https://github.com/discourse/discourse.git
synced 2024-11-23 01:16:38 -06:00
Trust level 3 users can edit topic titles and change category
This commit is contained in:
parent
c1a66b70bb
commit
7c8ea8c166
@ -80,7 +80,7 @@ class Guardian
|
||||
alias :can_see_flags? :can_moderate?
|
||||
alias :can_send_activation_email? :can_moderate?
|
||||
|
||||
|
||||
|
||||
|
||||
# Can we impersonate this user?
|
||||
def can_impersonate?(target)
|
||||
@ -241,6 +241,8 @@ class Guardian
|
||||
if obj && authenticated?
|
||||
action_method = method_name_for action, obj
|
||||
return (action_method ? send(action_method, obj) : true)
|
||||
else
|
||||
false
|
||||
end
|
||||
end
|
||||
|
||||
|
@ -47,7 +47,7 @@ module TopicGuardian
|
||||
|
||||
# Editing Method
|
||||
def can_edit_topic?(topic)
|
||||
!topic.archived && (is_staff? || is_my_own?(topic))
|
||||
!topic.archived && (is_staff? || is_my_own?(topic) || user.has_trust_level?(:leader))
|
||||
end
|
||||
|
||||
# Recovery Method
|
||||
|
@ -7,6 +7,7 @@ describe Guardian do
|
||||
let(:user) { build(:user) }
|
||||
let(:moderator) { build(:moderator) }
|
||||
let(:admin) { build(:admin) }
|
||||
let(:leader) { build(:user, trust_level: 3) }
|
||||
let(:another_admin) { build(:admin) }
|
||||
let(:coding_horror) { build(:coding_horror) }
|
||||
|
||||
@ -510,7 +511,7 @@ describe Guardian do
|
||||
describe 'can_edit?' do
|
||||
|
||||
it 'returns false with a nil object' do
|
||||
Guardian.new(user).can_edit?(nil).should be_false
|
||||
Guardian.new(user).can_edit?(nil).should == false
|
||||
end
|
||||
|
||||
describe 'a Post' do
|
||||
@ -552,7 +553,7 @@ describe Guardian do
|
||||
end
|
||||
|
||||
it 'returns false to the author of the post' do
|
||||
Guardian.new(old_post.user).can_edit?(old_post).should eq(false)
|
||||
Guardian.new(old_post.user).can_edit?(old_post).should == false
|
||||
end
|
||||
|
||||
it 'returns true as a moderator' do
|
||||
@ -564,7 +565,7 @@ describe Guardian do
|
||||
end
|
||||
|
||||
it 'returns false for another regular user trying to edit your post' do
|
||||
Guardian.new(coding_horror).can_edit?(old_post).should eq(false)
|
||||
Guardian.new(coding_horror).can_edit?(old_post).should == false
|
||||
end
|
||||
end
|
||||
end
|
||||
@ -572,35 +573,43 @@ describe Guardian do
|
||||
describe 'a Topic' do
|
||||
|
||||
it 'returns false when not logged in' do
|
||||
Guardian.new.can_edit?(topic).should be_false
|
||||
Guardian.new.can_edit?(topic).should == false
|
||||
end
|
||||
|
||||
it 'returns true for editing your own post' do
|
||||
Guardian.new(topic.user).can_edit?(topic).should be_true
|
||||
Guardian.new(topic.user).can_edit?(topic).should eq(true)
|
||||
end
|
||||
|
||||
|
||||
it 'returns false as a regular user' do
|
||||
Guardian.new(coding_horror).can_edit?(topic).should be_false
|
||||
Guardian.new(coding_horror).can_edit?(topic).should == false
|
||||
end
|
||||
|
||||
context 'not archived' do
|
||||
it 'returns true as a moderator' do
|
||||
Guardian.new(moderator).can_edit?(topic).should be_true
|
||||
Guardian.new(moderator).can_edit?(topic).should eq(true)
|
||||
end
|
||||
|
||||
it 'returns true as an admin' do
|
||||
Guardian.new(admin).can_edit?(topic).should be_true
|
||||
Guardian.new(admin).can_edit?(topic).should eq(true)
|
||||
end
|
||||
|
||||
it 'returns true at trust level 3' do
|
||||
Guardian.new(leader).can_edit?(topic).should eq(true)
|
||||
end
|
||||
end
|
||||
|
||||
context 'archived' do
|
||||
it 'returns false as a moderator' do
|
||||
Guardian.new(moderator).can_edit?(build(:topic, user: user, archived: true)).should be_false
|
||||
Guardian.new(moderator).can_edit?(build(:topic, user: user, archived: true)).should == false
|
||||
end
|
||||
|
||||
it 'returns false as an admin' do
|
||||
Guardian.new(admin).can_edit?(build(:topic, user: user, archived: true)).should be_false
|
||||
Guardian.new(admin).can_edit?(build(:topic, user: user, archived: true)).should == false
|
||||
end
|
||||
|
||||
it 'returns false at trust level 3' do
|
||||
Guardian.new(leader).can_edit?(build(:topic, user: user, archived: true)).should == false
|
||||
end
|
||||
end
|
||||
end
|
||||
|
Loading…
Reference in New Issue
Block a user