DEV: Introduce post_should_secure_uploads? plugin modifier (#26508)

This modifier allows plugins to alter the outcome of
`should_secure_uploads?` on a Post record, for cases when
plugins need post-attached uploads to always be secure (or
not secure) in specific scenarios.

lib/topic_upload_security_manager.rb

@@ -21,6 +21,7 @@ class TopicUploadSecurityManager
   end
 
   def run
+    rebaked_posts = []
     Rails.logger.debug("Updating upload security in topic #{@topic.id}")
     posts_owning_uploads.each do |post|
       Post.transaction do
@@ -35,14 +36,18 @@ class TopicUploadSecurityManager
             upload.access_control_post = post
             upload.update_secure_status(source: "topic upload security")
           end
-        post.rebake! if secure_status_did_change
+
+        if secure_status_did_change
+          post.rebake!
+          rebaked_posts << post
+        end
         Rails.logger.debug(
           "Security updated & rebake complete in topic #{@topic.id} - post #{post.id}",
         )
       end
     end
 
-    return if !SiteSetting.secure_uploads
+    return rebaked_posts if !SiteSetting.secure_uploads
 
     # We only want to do this if secure uploads is enabled. If
     # the setting is turned on after a site has been running
@@ -76,7 +81,10 @@ class TopicUploadSecurityManager
             end
           end
 
-        post.rebake! if secure_status_did_change
+        if secure_status_did_change
+          post.rebake!
+          rebaked_posts << post
+        end
         Rails.logger.debug(
           "Completed changing access control posts #{secure_status_did_change ? "and rebaking" : ""} in topic #{@topic.id} - post #{post.id}",
         )
@@ -84,6 +92,7 @@ class TopicUploadSecurityManager
     end
 
     Rails.logger.debug("Completed updating upload security in topic #{@topic.id}!")
+    rebaked_posts
   end
 
   private