IntenseWebs/discourse
3
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-02-25 18:55:32 -06:00
Code Issues Packages Projects Releases Wiki Activity

FIX: Server-side hashtag lookups of secure categories for a user (#19377)

Browse Source 
* FIX: Use Category.secured(guardian) for hashtag datasource

Follow up to comments in #19219, changing the category
hashtag datasource to use Category.secured(guardian) instead
of Site.new(guardian).categories here since the latter does
more work for not much benefit, and the query time is the
same. Also eliminates some Hash -> Model back and forth
busywork. Add some more specs too.

* FIX: Server-side hashtag lookup cooking user loading

When we were using the PrettyText.options.currentUser
and parsing back and forth with JSON for the hashtag
lookups server-side, we had a bug where the user's
secure categories were not loaded since we never actually
loaded a User model from the database, only parsed it
from JSON.

This commit fixes the issue by instead using the
PretyText.options.userId and looking up the user directly
from the database when calling hashtag_lookup via the
PrettyText::Helpers code when cooking server-side. Added
the missing spec to check for this as well.
This commit is contained in:
Martin Brennan
2022-12-09 10:34:25 +10:00
committed by GitHub
parent b50d071307
commit b2acc416e7
11 changed files with 118 additions and 64 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
lib/pretty_text/helpers.rb
View File

@@ -110,15 +110,15 @@ module PrettyText
end
end
def hashtag_lookup(slug, cooking_user, types_in_priority_order)
def hashtag_lookup(slug, cooking_user_id, types_in_priority_order)
# This is _somewhat_ expected since we need to be able to cook posts
# etc. without a user sometimes, but it is still an edge case.
if cooking_user.blank?
if cooking_user_id.blank?
cooking_user = Discourse.system_user
else
cooking_user = User.find(cooking_user_id)
end
cooking_user = User.new(cooking_user) if cooking_user.is_a?(Hash)
result = HashtagAutocompleteService.new(
Guardian.new(cooking_user)
).lookup([slug], types_in_priority_order)

4
lib/pretty_text/shims.js
View File

@@ -113,8 +113,8 @@ function __categoryLookup(c) {
return __helpers.category_tag_hashtag_lookup(c);
}
function __hashtagLookup(slug, cookingUser, typesInPriorityOrder) {
return __helpers.hashtag_lookup(slug, cookingUser, typesInPriorityOrder);
function __hashtagLookup(slug, cookingUserId, typesInPriorityOrder) {
return __helpers.hashtag_lookup(slug, cookingUserId, typesInPriorityOrder);
}
function __lookupAvatar(p) {