Added permissions to badges

app/controllers/forumgroups_controller.rb

@@ -19,6 +19,19 @@ def edit
   def update
     if admin?
       @group = Forumgroup.find(params[:id])
+      group_badges = Badgeassociation.where(forumgroup: @group)
+      ["read-", "write-"].each_with_index do |p,i|
+        current_badges = group_badges.where(permission: i+1).pluck(:badge_id)
+        params.select{|k,v| k.start_with? p}.each do |k,v|
+          name = k.gsub(p, "")
+          if current_badges.include? (bid = Badge.find_by(name: name).id)
+            current_badges.delete bid
+          else
+            Badgeassociation.create!(badge: Badge.find_by(name: name), forumgroup: @group, permission: i+1)
+          end
+        end
+        current_badges.each {|b| Badgeassociation.find_by(badge_id: b, forumgroup: @group, permission: i+1).delete}
+      end
       if @group.update_attributes(group_params)
         flash[:notice] = "Forum group updated"
         redirect_to @group
@@ -43,6 +56,11 @@ def new
   def create
     if admin?
       @group = Forumgroup.new(group_params)
+      ["read-", "write-"].each_with_index do |p,i|
+        params.select{|k,v| k.start_with? p}.each do |k,v|
+          Badgeassociation.create!(badge: Badge.find_by(name: k.gsub(p, "")), forumgroup: @group, permission: i+1)
+        end
+      end
       if @group.save
         flash[:notice] = "Forum group created."
         redirect_to @group

app/controllers/forums_controller.rb

@@ -35,6 +35,19 @@ def new
 
   def update
     if admin?
+      forum_badges = Badgeassociation.where(forum: @forum)
+      ["read-", "write-"].each_with_index do |p,i|
+        current_badges = forum_badges.where(permission: i+1).pluck(:badge_id)
+        params.select{|k,v| k.start_with? p}.each do |k,v|
+          name = k.gsub(p, "")
+          if current_badges.include? (bid = Badge.find_by(name: name).id)
+            current_badges.delete bid
+          else
+            Badgeassociation.create!(badge: Badge.find_by(name: name), forum: @forum, permission: i+1)
+          end
+        end
+        current_badges.each {|b| Badgeassociation.find_by(badge_id: b, forum: @forum, permission: i+1).delete}
+      end
       if @forum.update_attributes(forum_params)
         flash[:notice] = "Forum updated"
         redirect_to @forum
@@ -50,6 +63,11 @@ def update
   def create
     if admin?
       @forum = Forum.new(forum_params([:forumgroup_id]))
+      ["read-", "write-"].each_with_index do |p,i|
+        params.select{|k,v| k.start_with? p}.each do |k,v|
+          Badgeassociation.create!(badge: Badge.find_by(name: k.gsub(p, "")), forum: @forum, permission: i+1)
+        end
+      end
       if @forum.save
         flash[:notice] = "Forum created."
         redirect_to @forum

app/models/badge.rb

@@ -1,6 +1,7 @@
 class Badge < ActiveRecord::Base
   include Comparable
   has_many :users
+  has_and_belongs_to_many :forums
 
   def self.get (input)
     if input.is_a?(String) || input.is_a?(Symbol)

app/models/badgeassociation.rb

@@ -0,0 +1,7 @@
+class Badgeassociation < ActiveRecord::Base
+
+  belongs_to :badge
+  belongs_to :forum
+  belongs_to :forumgroup
+
+end

app/models/forum.rb

@@ -1,6 +1,10 @@
 class Forum < ActiveRecord::Base
   belongs_to :forumgroup
   has_many :forumthreads
+
+  has_many :badgeassociations
+  has_many :badges, through: :badgeassociations
+
   belongs_to :role_read, class_name: "Role", foreign_key: "role_read_id"
   belongs_to :role_write, class_name: "Role", foreign_key: "role_write_id"
   has_and_belongs_to_many :labels
@@ -18,11 +22,11 @@ def threads
   end
 
   def can_read?(user)
-    group && group.can_read?(user) && (role_read.nil? || (!user.nil? && user.role >= role_read))
+    group && group.can_read?(user) && (role_read.nil? || (!user.nil? && user.role >= role_read) || Badgeassociation.find_by(badge: user.badge, forum: self, permission: 1))
   end
 
   def can_write?(user)
-    group.can_write?(user) && (role_write.nil? || (!user.nil? && user.role >= role_write))
+    group.can_write?(user) && (role_write.nil? || (!user.nil? && user.role >= role_write || Badgeassociation.find_by(badge: user.badge, forum: self, permission: 2)))
   end
 
   def can_view?(user)

app/models/forumgroup.rb

@@ -4,7 +4,8 @@ class Forumgroup < ActiveRecord::Base
   belongs_to :role_write, class_name: "Role", foreign_key: "role_write_id"
   accepts_nested_attributes_for :forums
 
-
+  has_many :badgeassociations
+  has_many :badges, through: :badgeassociations
 
   validates_presence_of :name, :position
   validates_length_of :name, in: 2..20
@@ -14,11 +15,11 @@ def to_s
   end
 
   def can_read?(user)
-    role_read.nil? || (!user.nil? && user.role >= role_read)
+    role_read.nil? || (!user.nil? && user.role >= role_read) || Badgeassociation.find_by(badge: user.badge, forumgroup: self, permission: 1)
   end
 
   def can_write?(user)
-    !user.nil? && user.confirmed? && (role_write.nil? || user.role >= role_write)
+    !user.nil? && user.confirmed? && (role_write.nil? || user.role >= role_write) || Badgeassociation.find_by(badge: user.badge, forumgroup: self, permission: 2)
   end
 
   def can_view?(user)

app/models/forumthread.rb

@@ -70,7 +70,7 @@ def self.filter (user, title, content, reply, label, author, query, forum)
     order_phrase = query || [title, content, reply].select(&:present?).join(" ")
     user_id = user.try(:id).to_i
     role_value = user.try(:role).to_i
-    can_read = "COALESCE(forum_role_read.value, 0) <= ? AND COALESCE(forumgroup_role_read.value, 0) <= ?"
+    can_read = "(COALESCE(forum_role_read.value, 0) <= ? AND COALESCE(forumgroup_role_read.value, 0) <= ?)"
     # A user can view sticky threads in write-only forums without read permissions.
     sticky_can_write = "sticky = true AND (COALESCE(forum_role_write.value, 0) <= ? AND COALESCE(forumgroup_role_write.value, 0) <= ?)"
     match = ["MATCH (title, forumthreads.content) AGAINST (#{Forumthread.sanitize(order_phrase)})", "MATCH (threadreplies.content) AGAINST (#{Forumthread.sanitize(order_phrase)})", "MATCH (title, forumthreads.content) AGAINST (?) OR MATCH (threadreplies.content) AGAINST (?)", "MATCH (title) AGAINST (?)", "MATCH (forumthreads.content) AGAINST (?)", "MATCH (threadreplies.content) AGAINST (?)"]
@@ -86,7 +86,7 @@ def self.filter (user, title, content, reply, label, author, query, forum)
     .joins("LEFT JOIN roles as forumgroup_role_read ON forumgroups.role_read_id = forumgroup_role_read.id")
     .joins("LEFT JOIN roles as forumgroup_role_write ON forumgroups.role_write_id = forumgroup_role_write.id")
 
-    threads = threads.where("forumthreads.user_author_id = ? OR (#{can_read}) OR (#{sticky_can_write})", user_id, role_value, role_value, role_value, role_value)
+    threads = threads.where("forumthreads.user_author_id = ? OR (#{can_read}) OR (#{sticky_can_write}) OR (?)", user_id, role_value, role_value, role_value, role_value, Forum.find(forum).can_read?(user))
     if query
       threads = threads.where("#{match[2]}", query[0..99], query[0..99])
     elsif [title, content, reply].any?

app/views/forumgroups/edit.html.erb

@@ -29,12 +29,28 @@
       <td><%= f.label :role_read_id, "Min. read role" %></td>
       <td><%= f.select :role_read_id, role_selection, include_blank: "None" %></td>
     </tr>
+    <tr>
+      <td><b>Badges with read permission</b></td>
+      <td>
+        <% Badge.where("name != 'none'").each do |b| %>
+          <%=b%><%= check_box_tag "read-#{b}", nil, Badgeassociation.find_by(badge: b, forumgroup: @group, permission: 1) %>
+        <% end %>
+      </td>
+    </tr>
     <tr>
       <td><%= f.label :role_write_id, "Min. write role" %></td>
       <td><%= f.select :role_write_id, role_selection, include_blank: false %></td>
     </tr>
+    <tr>
+      <td><b>Badges with write permission</b></td>
+      <td>
+        <% Badge.where("name != 'none'").each do |b| %>
+          <%=b%><%= check_box_tag "write-#{b}", nil, Badgeassociation.find_by(badge: b, forumgroup: @group, permission: 2) %>
+        <% end %>
+      </td>
+    </tr>
   </table>
   <p><%= f.submit "Update group", class: "btn blue left" %></p>
 <% end %>
 <p><%= button_to "Delete group", @group, :method => "delete", data: {confirm: "Delete group?\nForums + Threads will not be accessible!"}, class: "btn red right" %></p>
-<div class="clear"></div>
+<div class="clear"></div>

app/views/forumgroups/new.html.erb

@@ -16,11 +16,27 @@
       <td><%= f.label :role_read_id, "Min. read role" %></td>
       <td><%= f.select :role_read_id, role_selection, include_blank: "None" %></td>
     </tr>
+    <tr>
+      <td><b>Badges with read permission</b></td>
+      <td>
+        <% Badge.where("name != 'none'").each do |b| %>
+          <%=b%><%= check_box_tag "read-#{b}" %>
+        <% end %>
+      </td>
+    </tr>
     <tr>
       <td><%= f.label :role_write_id, "Min. write role" %></td>
       <td><%= f.select :role_write_id, role_selection, include_blank: false %></td>
     </tr>
+    <tr>
+      <td><b>Badges with write permission</b></td>
+      <td>
+        <% Badge.where("name != 'none'").each do |b| %>
+          <%=b%><%= check_box_tag "write-#{b}" %>
+        <% end %>
+      </td>
+    </tr>
   </table>
   <p><%= f.submit "Create group", class: "btn blue left" %></p>
   <div class="clear"></div>
-<% end %>
+<% end %>

app/views/forums/edit.html.erb

@@ -17,10 +17,26 @@
       <td><%= f.label :role_read_id, "Min. read role" %></td>
       <td><%= f.select :role_read_id, role_selection, include_blank: "None" %></td>
     </tr>
+    <tr>
+      <td><b>Badges with read permission</b></td>
+      <td>
+        <% Badge.where("name != 'none'").each do |b| %>
+          <%=b%><%= check_box_tag "read-#{b}", nil, Badgeassociation.find_by(badge: b, forum: @forum, permission: 1) %>
+        <% end %>
+      </td>
+    </tr>
     <tr>
       <td><%= f.label :role_write_id, "Min. write role" %></td>
       <td><%= f.select :role_write_id, role_selection, include_blank: false %></td>
     </tr>
+    <tr>
+      <td><b>Badges with write permission</b></td>
+      <td>
+        <% Badge.where("name != 'none'").each do |b| %>
+          <%=b%><%= check_box_tag "write-#{b}", nil, Badgeassociation.find_by(badge: b, forum: @forum, permission: 2) %>
+        <% end %>
+      </td>
+    </tr>
     <tr>
       <td><%= f.label :necro_length, "Necropost warning delay (in days)" %></td>
       <td><%= f.number_field :necro_length, placeholder: "Warning Delay (leave blank for no warning)" %></td>

app/views/forums/new.html.erb

@@ -17,10 +17,26 @@
       <td><%= f.label :role_read_id, "Min. read role" %></td>
       <td><%= f.select :role_read_id, role_selection, include_blank: "None" %></td>
     </tr>
+    <tr>
+      <td><b>Badges with read permission</b></td>
+      <td>
+        <% Badge.where("name != 'none'").each do |b| %>
+          <%=b%><%= check_box_tag "read-#{b}" %>
+        <% end %>
+      </td>
+    </tr>
     <tr>
       <td><%= f.label :role_write_id, "Min. write role" %></td>
       <td><%= f.select :role_write_id, role_selection, include_blank: false %></td>
     </tr>
+    <tr>
+      <td><b>Badges with write permission</b></td>
+      <td>
+        <% Badge.where("name != 'none'").each do |b| %>
+          <%=b%><%= check_box_tag "write-#{b}" %>
+        <% end %>
+      </td>
+    </tr>
     <tr>
       <td><%= f.label :necro_length, "Necropost warning delay (in days)" %></td>
       <td><%= f.number_field :necro_length, placeholder: "Warning Delay (leave blank for no warning)" %></td>

db/migrate/20170710141543_create_badgeassociations.rb

@@ -0,0 +1,10 @@
+class CreateBadgeassociations < ActiveRecord::Migration
+  def change
+    create_table :badgeassociations do |t|
+      t.references :badge
+      t.references :forum
+      t.references :forumgroup
+      t.integer :permission #1 = read, 2 = write
+    end
+  end
+end