mirror of
https://github.com/discourse/discourse.git
synced 2026-03-04 01:15:08 +08:00
20e4134a09
Silenced users can now no longer like posts or use reactions, which closes a potential griefing vector that was difficult for moderators to monitor. The implementation adds a silenced check to the guardian's post_can_act? method for likes, and introduces a new can_use_reactions? guardian method in the discourse-reactions plugin that delegates to the same logic. This ensures both features share the same authorization path. Additionally, silenced users' custom status is now shadow-banned: visible to themselves and staff, but hidden from other users. A new `can_see_user_status?` guardian method centralizes the visibility logic, used by serializers and MessageBus publishing. Status updates from silenced users are now only broadcast to themselves and staff. Also includes minor CSS fixes for user status spacing and alignment. Chat reactions already had proper silenced user checks in place via the can_react? guardian method, so no changes were needed there. Ref - t/140084 |
||
|---|---|---|
| .. | ||
| user_status_mixin_spec.rb | ||
