FEATURE: Make allow_uploaded_avatars accept TL (#14091)

This gives admins more control over who can upload custom profile pictures.
2025-02-25 18:55:32 -06:00 · 2021-08-24 10:46:28 +03:00
parent eb6d66fe6f
commit ff367e22fb
12 changed files with 122 additions and 14 deletions
--- a/app/assets/javascripts/discourse/app/controllers/avatar-selector.js
+++ b/app/assets/javascripts/discourse/app/controllers/avatar-selector.js
@@ -83,10 +83,23 @@ export default Controller.extend(ModalFunctionality, {
    }
  },

-  @discourseComputed()
-  allowAvatarUpload() {
+  siteSettingMatches(value, user) {
+    switch (value) {
+      case "disabled":
+        return false;
+      case "staff":
+        return user.staff;
+      case "admin":
+        return user.admin;
+      default:
+        return user.trust_level >= parseInt(value, 10) || user.staff;
+    }
+  },
+
+  @discourseComputed("siteSettings.allow_uploaded_avatars")
+  allowAvatarUpload(allowUploadedAvatars) {
    return (
-      this.siteSettings.allow_uploaded_avatars &&
+      this.siteSettingMatches(allowUploadedAvatars, this.currentUser) &&
      allowsImages(this.currentUser.staff, this.siteSettings)
    );
  },
--- a/app/assets/javascripts/discourse/tests/helpers/site-settings.js
+++ b/app/assets/javascripts/discourse/tests/helpers/site-settings.js
@@ -62,7 +62,7 @@ const ORIGINAL_SETTINGS = {
  max_image_width: 690,
  max_image_height: 500,
  allow_profile_backgrounds: true,
-  allow_uploaded_avatars: true,
+  allow_uploaded_avatars: "0",
  tl1_requires_read_posts: 30,
  enable_long_polling: true,
  polling_interval: 3000,
--- a/app/controllers/uploads_controller.rb
+++ b/app/controllers/uploads_controller.rb
@@ -29,7 +29,7 @@ class UploadsController < ApplicationController
    # 50 characters ought to be enough for the upload type
    type = (params[:upload_type].presence || params[:type].presence).parameterize(separator: "_")[0..50]

-    if type == "avatar" && !me.admin? && (SiteSetting.discourse_connect_overrides_avatar || !SiteSetting.allow_uploaded_avatars)
+    if type == "avatar" && !me.admin? && (SiteSetting.discourse_connect_overrides_avatar || !TrustLevelAndStaffAndDisabledSetting.matches?(SiteSetting.allow_uploaded_avatars, me))
      return render json: failed_json, status: 422
    end

--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -1138,7 +1138,7 @@ class UsersController < ApplicationController

    if type.blank? || type == 'system'
      upload_id = nil
-    elsif !SiteSetting.allow_uploaded_avatars
+    elsif !TrustLevelAndStaffAndDisabledSetting.matches?(SiteSetting.allow_uploaded_avatars, user)
      return render json: failed_json, status: 422
    else
      upload_id = params[:upload_id]
--- a/app/models/trust_level_and_staff_and_disabled_setting.rb
+++ b/app/models/trust_level_and_staff_and_disabled_setting.rb
@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+class TrustLevelAndStaffAndDisabledSetting < TrustLevelAndStaffSetting
+  def self.valid_value?(val)
+    valid_values.include?(val) || (val.to_i.to_s == val.to_s && valid_values.include?(val.to_i))
+  end
+
+  def self.valid_values
+    ['disabled'] + TrustLevel.valid_range.to_a + special_groups
+  end
+
+  def self.translation(value)
+    if value == 'disabled'
+      I18n.t('site_settings.disabled')
+    else
+      super
+    end
+  end
+
+  def self.matches?(value, user)
+    case value
+    when 'disabled'
+      false
+    when 'staff'
+      user.staff?
+    when 'admin'
+      user.admin?
+    else
+      user.has_trust_level?(value.to_i) || user.staff?
+    end
+  end
+end