# name: private-topics
# about: Searchable private category topics
# version: 0.4
# authors: HMS Networks Americas Solution Center
# url: https://github.com/hms-networks/discourse-private-topic
# Declare :private_topics_enabled as the plugin's enabling site setting and
# register the plugin stylesheet for the desktop layout.
enabled_site_setting(:private_topics_enabled)
register_asset "stylesheets/privatetopics.scss", :desktop
after_initialize do
# Load the plugin's controller and prepend its single POST route to the application routes.
# NOTE(review): the controller is not part of this file. Confirm that control_access
# verifies the caller is allowed to change a topic's restriction before it acts.
controller_path = File.expand_path("../controllers/privatetopic_controller.rb", __FILE__)
load controller_path
Discourse::Application.routes.prepend do
  post 'privatetopic/control_access' => 'privatetopic#control_access'
end

# The restriction flag is stored as a boolean topic custom field.
Topic.register_custom_field_type('topic_restricted_access', :boolean)

# NOTE(review): this serializes the topic's whole custom_fields hash, not only
# topic_restricted_access. Everything stored there (for example the
# phone_survey_recipient username that TopicLocked reads) reaches whoever
# receives this serializer's output. Consider exposing only the keys the client needs.
add_to_serializer(:topic_view, :custom_fields, false) do
  object.topic.custom_fields
end
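# Access rules for topics carrying the "topic_restricted_access" custom field.
module ::TopicLocked
  # Decides whether +topic+ is locked for +user+.
  #
  # Hard denials are checked first and raise; only then is the lock flag
  # computed. The flag starts out true (fail closed) and is cleared only by an
  # explicit rule: the topic is not restricted, the guardian is staff, the user
  # owns the topic, or the user is the topic's "phone_survey_recipient".
  #
  # @param guardian [#can_see?, #is_admin?, #is_moderator?, #is_staff?] permission object for the viewer
  # @param topic [Object, nil] topic being viewed
  # @param user [Object, nil] viewing user; nil is treated as a viewer with no exemptions
  # @return [Boolean] true when the topic is locked for the user
  # @raise [TopicLocked::NoAccessLocked] when the guardian cannot see the topic, or the
  #   topic is a private message the user does not participate in
  def self.access_restricted(guardian, topic, user)
    # The guardian's visibility check is the baseline. Running it before anything
    # dereferences topic means a missing topic is denied rather than crashing.
    raise ::TopicLocked::NoAccessLocked.new if !guardian.can_see?(topic)

    if !topic.nil? && topic.archetype == "private_message"
      system_user_id = -1
      # A missing user is never a participant; deny cleanly instead of calling nil.id.
      is_participant = !user.nil? && (topic.allowed_users.include?(user) || user.id == system_user_id)
      if !is_participant
        # The user may still belong to a group that is allowed on the topic.
        in_allowed_group = topic.allowed_groups.any? { |group| group.users.include?(user) }
        raise ::TopicLocked::NoAccessLocked.new if !in_allowed_group
      end
    end

    locked = true

    # An unrestricted topic (flag nil or false) is not locked for anyone.
    locked = false if !topic.nil? && !topic.custom_fields["topic_restricted_access"]

    if !user.nil?
      privileged = guardian.is_admin? || guardian.is_moderator? || guardian.is_staff?
      is_owner = !topic.nil? && user.id == topic.user_id
      locked = false if privileged || is_owner
    end

    if !topic.nil? && !user.nil? && !topic.custom_fields["phone_survey_recipient"].nil?
      # "phone_survey_recipient" is not registered in this file; presumably another
      # component writes it. The named account may no longer exist, in which case
      # the lookup returns nil and this rule unlocks nothing.
      recipient = User.find_by(username: topic.custom_fields["phone_survey_recipient"])
      locked = false if !recipient.nil? && user.id.to_i == recipient.id.to_i
    end

    locked
  end

  # Raised for denied access; a StandardError subclass so rescue_from can catch it.
  class NoAccessLocked < StandardError; end
end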
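require_dependency 'topic_view'
# Reopens TopicView to add the restricted-topic check on top of its existing checks.
class ::TopicView
  # Alias only once: if this file is evaluated again against the same class, a
  # second alias would point at the override below and make it call itself.
  unless method_defined?(:old_check_and_raise_exceptions) || private_method_defined?(:old_check_and_raise_exceptions)
    alias_method :old_check_and_raise_exceptions, :check_and_raise_exceptions
  end

  # Runs the original implementation first, then the plugin's lock check.
  #
  # Calling the aliased original keeps its checks in force. Without that call
  # this override replaces them outright, and with the site setting off the
  # method would perform no check at all.
  #
  # @param skip_staff_action [Object] passed through unchanged to the original implementation
  # @raise [TopicLocked::NoAccessLocked] when the plugin is enabled and the topic is locked for @user
  def check_and_raise_exceptions(skip_staff_action)
    old_check_and_raise_exceptions(skip_staff_action)
    if SiteSetting.private_topics_enabled
      raise ::TopicLocked::NoAccessLocked.new if TopicLocked.access_restricted(@guardian, @topic, @user)
    end
  end
end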
require_dependency 'application_controller'
# Reopens ApplicationController to give NoAccessLocked a rendered error response.
class ::ApplicationController
  # Hand NoAccessLocked to rescue_discourse_actions as :invalid_access with HTTP 403.
  # NOTE(review): a 403 rather than a 404 lets the requester tell that a locked
  # topic exists. Confirm that is intended.
  rescue_from(::TopicLocked::NoAccessLocked) do
    rescue_discourse_actions(:invalid_access, 403, include_ember: true)
  end
end
end