diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml index dccc03f3ae9..62db818bb1d 100644 --- a/config/locales/server.en.yml +++ b/config/locales/server.en.yml @@ -1988,6 +1988,7 @@ en: min_trust_to_post_embedded_media: "The minimum trust level required to embed media items in a post" embedded_media_post_allowed_groups: "The users in these groups are allowed to embed media items in a post" min_trust_level_to_allow_profile_background: "The minimum trust level required to upload a profile background" + profile_background_allowed_groups: "Groups that are allowed to upload a profile background." min_trust_level_to_allow_user_card_background: "The minimum trust level required to upload a user card background" user_card_background_allowed_groups: "Groups that are allowed to upload a user card background." min_trust_level_to_allow_invite: "The minimum trust level required to invite users" @@ -2598,6 +2599,7 @@ en: post_links_allowed_groups: "min_trust_to_post_links" user_api_key_allowed_groups: "min_trust_level_for_user_api_key" tag_topic_allowed_groups: "min_trust_level_to_tag_topics" + profile_background_allowed_groups: "min_trust_level_to_allow_profile_background" placeholder: discourse_connect_provider_secrets: diff --git a/config/site_settings.yml b/config/site_settings.yml index a2f73f753db..21d288741b4 100644 --- a/config/site_settings.yml +++ b/config/site_settings.yml @@ -1778,6 +1778,11 @@ trust: default: 0 client: true enum: "TrustLevelSetting" + profile_background_allowed_groups: + default: "3|10" # auto group staff and trust_level_0 + type: group_list + allow_any: false + refresh: true min_trust_level_to_allow_user_card_background: default: 0 client: true @@ -1788,7 +1793,6 @@ trust: type: group_list allow_any: false refresh: true - validator: "AtLeastOneGroupValidator" min_trust_level_to_allow_invite: default: 2 enum: "TrustLevelSetting" diff --git a/db/migrate/20240216073624_fill_profile_background_allowed_groups_based_on_deprecated_setting.rb b/db/migrate/20240216073624_fill_profile_background_allowed_groups_based_on_deprecated_setting.rb new file mode 100644 index 00000000000..1c7c8b02716 --- /dev/null +++ b/db/migrate/20240216073624_fill_profile_background_allowed_groups_based_on_deprecated_setting.rb @@ -0,0 +1,24 @@ +# frozen_string_literal: true + +class FillProfileBackgroundAllowedGroupsBasedOnDeprecatedSetting < ActiveRecord::Migration[7.0] + def up + old_setting_trust_level = + DB.query_single( + "SELECT value FROM site_settings WHERE name = 'min_trust_level_to_allow_profile_background' LIMIT 1", + ).first + + if old_setting_trust_level.present? + allowed_groups = "3|1#{old_setting_trust_level}" # allow staff and the TL auto group + + DB.exec( + "INSERT INTO site_settings(name, value, data_type, created_at, updated_at) + VALUES('profile_background_allowed_groups', :setting, '20', NOW(), NOW())", + setting: allowed_groups, + ) + end + end + + def down + raise ActiveRecord::IrreversibleMigration + end +end diff --git a/lib/guardian/user_guardian.rb b/lib/guardian/user_guardian.rb index 1b4f9ae3820..608ee260bf1 100644 --- a/lib/guardian/user_guardian.rb +++ b/lib/guardian/user_guardian.rb @@ -182,10 +182,8 @@ module UserGuardian end def can_upload_profile_header?(user) - ( - is_me?(user) && - user.has_trust_level?(SiteSetting.min_trust_level_to_allow_profile_background.to_i) - ) || is_staff? + (is_me?(user) && user.in_any_groups?(SiteSetting.profile_background_allowed_groups_map)) || + is_staff? end def can_upload_user_card_background?(user) diff --git a/lib/site_settings/deprecated_settings.rb b/lib/site_settings/deprecated_settings.rb index 3e02ffd5a8b..e2b22e2af38 100644 --- a/lib/site_settings/deprecated_settings.rb +++ b/lib/site_settings/deprecated_settings.rb @@ -41,6 +41,12 @@ module SiteSettings::DeprecatedSettings ["min_trust_to_post_links", "post_links_allowed_groups", false, "3.3"], ["min_trust_level_for_user_api_key", "user_api_key_allowed_groups", false, "3.3"], ["min_trust_level_to_tag_topics", "tag_topic_allowed_groups", false, "3.3"], + [ + "min_trust_level_to_allow_profile_background", + "profile_background_allowed_groups", + false, + "3.3", + ], ] OVERRIDE_TL_GROUP_SETTINGS = %w[ @@ -66,6 +72,7 @@ module SiteSettings::DeprecatedSettings min_trust_to_post_links min_trust_level_for_user_api_key min_trust_level_to_tag_topics + min_trust_level_to_allow_profile_background ] def group_to_tl(old_setting, new_setting) diff --git a/spec/lib/guardian/user_guardian_spec.rb b/spec/lib/guardian/user_guardian_spec.rb index b88739264a5..fc83c031669 100644 --- a/spec/lib/guardian/user_guardian_spec.rb +++ b/spec/lib/guardian/user_guardian_spec.rb @@ -451,15 +451,15 @@ RSpec.describe UserGuardian do expect(guardian.can_upload_profile_header?(admin)).to eq(true) end - it "returns true if the trust level of user matches site setting" do + it "returns true if the group of user matches site setting" do guardian = Guardian.new(trust_level_2) - SiteSetting.min_trust_level_to_allow_profile_background = 2 + SiteSetting.profile_background_allowed_groups = Group::AUTO_GROUPS[:trust_level_2] expect(guardian.can_upload_profile_header?(trust_level_2)).to eq(true) end - it "returns false if the trust level of user does not matches site setting" do + it "returns false if the group of user does not matches site setting" do guardian = Guardian.new(trust_level_1) - SiteSetting.min_trust_level_to_allow_profile_background = 2 + SiteSetting.profile_background_allowed_groups = Group::AUTO_GROUPS[:trust_level_2] expect(guardian.can_upload_profile_header?(trust_level_1)).to eq(false) end end diff --git a/spec/services/user_updater_spec.rb b/spec/services/user_updater_spec.rb index 4b56a15a18e..b00909866e4 100644 --- a/spec/services/user_updater_spec.rb +++ b/spec/services/user_updater_spec.rb @@ -211,11 +211,11 @@ RSpec.describe UserUpdater do expect(user.date_of_birth).to eq(date_of_birth.to_date) end - it "allows user to update profile header when the user has required trust level" do - user = Fabricate(:user, trust_level: 2) + it "allows user to update profile header when the user has required group" do + user = Fabricate(:user, trust_level: TrustLevel[2]) updater = UserUpdater.new(user, user) upload = Fabricate(:upload) - SiteSetting.min_trust_level_to_allow_profile_background = 2 + SiteSetting.profile_background_allowed_groups = Group::AUTO_GROUPS[:trust_level_2] val = updater.update(profile_background_upload_url: upload.url) expect(val).to be_truthy user.reload @@ -226,11 +226,11 @@ RSpec.describe UserUpdater do expect(user.profile_background_upload).to eq(nil) end - it "allows user to update user card background when the user has required trust level" do + it "allows user to update user card background when the user has required group" do user = Fabricate(:user, trust_level: TrustLevel[2]) updater = UserUpdater.new(user, user) upload = Fabricate(:upload) - SiteSetting.min_trust_level_to_allow_user_card_background = 2 + SiteSetting.user_card_background_allowed_groups = Group::AUTO_GROUPS[:trust_level_2] val = updater.update(card_background_upload_url: upload.url) expect(val).to be_truthy user.reload