From d9d86577ffef022f7d263e5adab65799bd60010e Mon Sep 17 00:00:00 2001
From: Guo Xiang Tan <tgx_world@hotmail.com>
Date: Tue, 10 Apr 2018 09:22:01 +0800
Subject: [PATCH] FIX: Staff users are not affected by `enable_group_directory`
 site setting.

---
 .../discourse/widgets/hamburger-menu.js.es6   |  2 +-
 app/controllers/groups_controller.rb          |  2 +-
 spec/requests/groups_controller_spec.rb       | 27 +++++++++++++++++--
 3 files changed, 27 insertions(+), 4 deletions(-)

diff --git a/app/assets/javascripts/discourse/widgets/hamburger-menu.js.es6 b/app/assets/javascripts/discourse/widgets/hamburger-menu.js.es6
index 77e8b331867..933d0516156 100644
--- a/app/assets/javascripts/discourse/widgets/hamburger-menu.js.es6
+++ b/app/assets/javascripts/discourse/widgets/hamburger-menu.js.es6
@@ -116,7 +116,7 @@ export default createWidget('hamburger-menu', {
       links.push({ route: 'users', className: 'user-directory-link', label: 'directory.title' });
     }
 
-    if (this.siteSettings.enable_group_directory) {
+    if (this.siteSettings.enable_group_directory ||  this.currentUser.staff) {
       links.push({ route: 'groups', className: 'groups-link', label: 'groups.index.title' });
     }
 
diff --git a/app/controllers/groups_controller.rb b/app/controllers/groups_controller.rb
index 15d37a07d98..ff14238113e 100644
--- a/app/controllers/groups_controller.rb
+++ b/app/controllers/groups_controller.rb
@@ -37,7 +37,7 @@ class GroupsController < ApplicationController
   }
 
   def index
-    unless SiteSetting.enable_group_directory?
+    unless SiteSetting.enable_group_directory? || current_user&.staff?
       raise Discourse::InvalidAccess.new(:enable_group_directory)
     end
 
diff --git a/spec/requests/groups_controller_spec.rb b/spec/requests/groups_controller_spec.rb
index 00569ba6783..d1279fe23fd 100644
--- a/spec/requests/groups_controller_spec.rb
+++ b/spec/requests/groups_controller_spec.rb
@@ -4,6 +4,8 @@ describe GroupsController do
   let(:user) { Fabricate(:user) }
   let(:group) { Fabricate(:group, users: [user]) }
   let(:moderator_group_id) { Group::AUTO_GROUPS[:moderators] }
+  let(:admin) { Fabricate(:admin) }
+  let(:moderator) { Fabricate(:moderator) }
 
   describe '#index' do
     let(:staff_group) do
@@ -11,11 +13,32 @@ describe GroupsController do
     end
 
     context 'when group directory is disabled' do
-      it 'should deny access' do
+      before do
         SiteSetting.enable_group_directory = false
+      end
 
+      it 'should deny access for an anon user' do
         get "/groups.json"
-        expect(response).to be_forbidden
+        expect(response.status).to eq(403)
+      end
+
+      it 'should deny access for a normal user' do
+        get "/groups.json"
+        expect(response.status).to eq(403)
+      end
+
+      it 'should not deny access for an admin' do
+        sign_in(admin)
+        get "/groups.json"
+
+        expect(response.status).to eq(200)
+      end
+
+      it 'should not deny access for a moderator' do
+        sign_in(moderator)
+        get "/groups.json"
+
+        expect(response.status).to eq(200)
       end
     end