mirror of
https://github.com/discourse/discourse.git
synced 2026-03-05 15:27:34 +08:00
71b96243e1
There exists a `localization_guardian` that checks if a user can localize based on settings like - `content_localization_allowed_groups` - `content_localization_allow_author_localization` However, it missed out checking if the user can even see the model. This commit fixes that by adding the checks. This issue was found as I was adding a new model (`tags`) and discovered they were absent for the older models. This commit also introduces a small refactor that `.find`s the model first on the controller and passes the object, so that the subsequent services do not have to `.find` them again.
198 lines
8.2 KiB
Ruby
198 lines
8.2 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
describe LocalizationGuardian do
|
|
fab!(:user)
|
|
fab!(:admin)
|
|
fab!(:moderator)
|
|
fab!(:post) { Fabricate(:post, user: user) }
|
|
fab!(:other_user_post, :post)
|
|
fab!(:topic) { Fabricate(:topic, user: user) }
|
|
fab!(:other_user_topic, :topic)
|
|
|
|
before { SiteSetting.content_localization_enabled = true }
|
|
|
|
describe "#can_localize_content?" do
|
|
it "returns false when content localization is disabled" do
|
|
SiteSetting.content_localization_enabled = false
|
|
expect(Guardian.new(admin).can_localize_content?).to eq(false)
|
|
end
|
|
|
|
it "returns true for users in allowed groups" do
|
|
SiteSetting.content_localization_allowed_groups = "#{Group::AUTO_GROUPS[:admins]}"
|
|
expect(Guardian.new(admin).can_localize_content?).to eq(true)
|
|
end
|
|
|
|
it "returns false for users not in allowed groups" do
|
|
SiteSetting.content_localization_allowed_groups = "#{Group::AUTO_GROUPS[:admins]}"
|
|
expect(Guardian.new(user).can_localize_content?).to eq(false)
|
|
end
|
|
end
|
|
|
|
describe "#can_localize_post?" do
|
|
it "returns false when content localization is disabled" do
|
|
SiteSetting.content_localization_enabled = false
|
|
expect(Guardian.new(user).can_localize_post?(post)).to eq(false)
|
|
end
|
|
|
|
context "when user cannot see the post" do
|
|
fab!(:private_category) { Fabricate(:private_category, group: Fabricate(:group)) }
|
|
fab!(:private_topic) { Fabricate(:topic, category: private_category) }
|
|
fab!(:private_post) { Fabricate(:post, topic: private_topic) }
|
|
|
|
before do
|
|
SiteSetting.content_localization_allowed_groups = "#{Group::AUTO_GROUPS[:everyone]}"
|
|
end
|
|
|
|
it "returns false for posts in private categories the user cannot access" do
|
|
expect(Guardian.new(user).can_localize_post?(private_post)).to eq(false)
|
|
expect(Guardian.new(user).can_localize_post?(private_post.id)).to eq(false)
|
|
end
|
|
|
|
it "returns false for posts in private messages the user is not part of" do
|
|
pm = Fabricate(:private_message_topic)
|
|
pm_post = Fabricate(:post, topic: pm)
|
|
expect(Guardian.new(user).can_localize_post?(pm_post)).to eq(false)
|
|
expect(Guardian.new(user).can_localize_post?(pm_post.id)).to eq(false)
|
|
end
|
|
|
|
it "returns false for non-existent posts" do
|
|
expect(Guardian.new(user).can_localize_post?(999_999_999)).to eq(false)
|
|
end
|
|
end
|
|
|
|
context "when user is in allowed groups" do
|
|
before { SiteSetting.content_localization_allowed_groups = "#{Group::AUTO_GROUPS[:admins]}" }
|
|
|
|
it "returns true for any post" do
|
|
expect(Guardian.new(admin).can_localize_post?(post)).to eq(true)
|
|
expect(Guardian.new(admin).can_localize_post?(post.id)).to eq(true)
|
|
expect(Guardian.new(admin).can_localize_post?(other_user_post)).to eq(true)
|
|
expect(Guardian.new(admin).can_localize_post?(other_user_post.id)).to eq(true)
|
|
end
|
|
end
|
|
|
|
context "when author localization is enabled" do
|
|
before do
|
|
SiteSetting.content_localization_allowed_groups = "#{Group::AUTO_GROUPS[:admins]}"
|
|
SiteSetting.content_localization_allow_author_localization = true
|
|
end
|
|
|
|
it "returns true when user is the post author" do
|
|
expect(Guardian.new(user).can_localize_post?(post)).to eq(true)
|
|
expect(Guardian.new(user).can_localize_post?(post.id)).to eq(true)
|
|
end
|
|
|
|
it "returns false when user is not the post author" do
|
|
expect(Guardian.new(user).can_localize_post?(other_user_post)).to eq(false)
|
|
expect(Guardian.new(user).can_localize_post?(other_user_post.id)).to eq(false)
|
|
end
|
|
|
|
it "returns true for users in allowed groups regardless of authorship" do
|
|
expect(Guardian.new(admin).can_localize_post?(post)).to eq(true)
|
|
expect(Guardian.new(admin).can_localize_post?(post.id)).to eq(true)
|
|
expect(Guardian.new(admin).can_localize_post?(other_user_post)).to eq(true)
|
|
expect(Guardian.new(admin).can_localize_post?(other_user_post.id)).to eq(true)
|
|
end
|
|
end
|
|
|
|
context "when author localization is disabled" do
|
|
before do
|
|
SiteSetting.content_localization_allowed_groups = "#{Group::AUTO_GROUPS[:admins]}"
|
|
SiteSetting.content_localization_allow_author_localization = false
|
|
end
|
|
|
|
it "returns false for post authors not in allowed groups" do
|
|
expect(Guardian.new(user).can_localize_post?(post)).to eq(false)
|
|
expect(Guardian.new(user).can_localize_post?(post.id)).to eq(false)
|
|
end
|
|
|
|
it "returns true for users in allowed groups" do
|
|
expect(Guardian.new(admin).can_localize_post?(post)).to eq(true)
|
|
expect(Guardian.new(admin).can_localize_post?(post.id)).to eq(true)
|
|
end
|
|
end
|
|
end
|
|
|
|
describe "#can_localize_topic?" do
|
|
it "returns false when content localization is disabled" do
|
|
SiteSetting.content_localization_enabled = false
|
|
expect(Guardian.new(user).can_localize_topic?(topic)).to eq(false)
|
|
end
|
|
|
|
context "when user cannot see the topic" do
|
|
fab!(:private_category) { Fabricate(:private_category, group: Fabricate(:group)) }
|
|
fab!(:private_topic) { Fabricate(:topic, category: private_category) }
|
|
|
|
before do
|
|
SiteSetting.content_localization_allowed_groups = "#{Group::AUTO_GROUPS[:everyone]}"
|
|
end
|
|
|
|
it "returns false for topics in private categories the user cannot access" do
|
|
expect(Guardian.new(user).can_localize_topic?(private_topic)).to eq(false)
|
|
expect(Guardian.new(user).can_localize_topic?(private_topic.id)).to eq(false)
|
|
end
|
|
|
|
it "returns false for private messages the user is not part of" do
|
|
pm = Fabricate(:private_message_topic)
|
|
expect(Guardian.new(user).can_localize_topic?(pm)).to eq(false)
|
|
expect(Guardian.new(user).can_localize_topic?(pm.id)).to eq(false)
|
|
end
|
|
|
|
it "returns false for non-existent topics" do
|
|
expect(Guardian.new(user).can_localize_topic?(999_999_999)).to eq(false)
|
|
end
|
|
end
|
|
|
|
context "when user is in allowed groups" do
|
|
before { SiteSetting.content_localization_allowed_groups = "#{Group::AUTO_GROUPS[:admins]}" }
|
|
|
|
it "returns true for any topic" do
|
|
expect(Guardian.new(admin).can_localize_topic?(topic)).to eq(true)
|
|
expect(Guardian.new(admin).can_localize_topic?(topic.id)).to eq(true)
|
|
expect(Guardian.new(admin).can_localize_topic?(other_user_topic)).to eq(true)
|
|
expect(Guardian.new(admin).can_localize_topic?(other_user_topic.id)).to eq(true)
|
|
end
|
|
end
|
|
|
|
context "when author localization is enabled" do
|
|
before do
|
|
SiteSetting.content_localization_allowed_groups = "#{Group::AUTO_GROUPS[:admins]}"
|
|
SiteSetting.content_localization_allow_author_localization = true
|
|
end
|
|
|
|
it "returns true when user is the topic author" do
|
|
expect(Guardian.new(user).can_localize_topic?(topic)).to eq(true)
|
|
expect(Guardian.new(user).can_localize_topic?(topic.id)).to eq(true)
|
|
end
|
|
|
|
it "returns false when user is not the topic author" do
|
|
expect(Guardian.new(user).can_localize_topic?(other_user_topic)).to eq(false)
|
|
expect(Guardian.new(user).can_localize_topic?(other_user_topic.id)).to eq(false)
|
|
end
|
|
|
|
it "returns true for users in allowed groups regardless of authorship" do
|
|
expect(Guardian.new(admin).can_localize_topic?(topic)).to eq(true)
|
|
expect(Guardian.new(admin).can_localize_topic?(topic.id)).to eq(true)
|
|
expect(Guardian.new(admin).can_localize_topic?(other_user_topic)).to eq(true)
|
|
expect(Guardian.new(admin).can_localize_topic?(other_user_topic.id)).to eq(true)
|
|
end
|
|
end
|
|
|
|
context "when author localization is disabled" do
|
|
before do
|
|
SiteSetting.content_localization_allowed_groups = "#{Group::AUTO_GROUPS[:admins]}"
|
|
SiteSetting.content_localization_allow_author_localization = false
|
|
end
|
|
|
|
it "returns false for topic authors not in allowed groups" do
|
|
expect(Guardian.new(user).can_localize_topic?(topic)).to eq(false)
|
|
expect(Guardian.new(user).can_localize_topic?(topic.id)).to eq(false)
|
|
end
|
|
|
|
it "returns true for users in allowed groups" do
|
|
expect(Guardian.new(admin).can_localize_topic?(topic)).to eq(true)
|
|
expect(Guardian.new(admin).can_localize_topic?(topic.id)).to eq(true)
|
|
end
|
|
end
|
|
end
|
|
end
|
