jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

comments: let users see their own name on their own deleted comments.

Browse Source 
* Let the user see their own username when viewing their own deleted comments.
* Don't hide the creator_id field from the comment creator in the API.
* Hide the score, do_not_bump_post, and is_sticky fields for deleted
  comments in the HTML and in the API, unless the user is a moderator.
* Hide the "..." popup menu on deleted comments, unless the user is a moderator.

This is so that when a user looks at their own comment history, their
name isn't hidden from them on their own deleted comments. This may confuse
users however into thinking their name is still visible to other users.
This commit is contained in:
evazion
2022-09-22 19:39:12 -05:00
parent a442658f8a
commit 2429d6c961
4 changed files with 69 additions and 54 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/components/comment_component.rb
View File

@@ -19,6 +19,10 @@ class CommentComponent < ApplicationComponent
!comment.is_deleted? && !comment.is_sticky? && comment.score <= current_user.comment_threshold
end
def can_see_creator?
policy(comment).can_see_creator?
end
def redact_deleted?
comment.is_deleted? && !policy(comment).can_see_deleted?
end

102
app/components/comment_component/comment_component.html.erb
View File

@@ -3,12 +3,12 @@
x-bind:data-show-thresholded="String(showThresholded)"
data-id="<%= comment.id %>"
data-post-id="<%= comment.post_id %>"
data-creator-id="<%= comment.creator_id unless redact_deleted? %>"
data-creator-id="<%= comment.creator_id if can_see_creator? %>"
data-updater-id="<%= comment.updater_id unless redact_deleted? %>"
data-score="<%= comment.score %>"
data-do-not-bump-post="<%= comment.do_not_bump_post? %>"
data-score="<%= comment.score unless redact_deleted? %>"
data-do-not-bump-post="<%= comment.do_not_bump_post? unless redact_deleted? %>"
data-is-deleted="<%= comment.is_deleted? %>"
data-is-sticky="<%= comment.is_sticky? %>"
data-is-sticky="<%= comment.is_sticky? unless redact_deleted? %>"
data-is-dimmed="<%= dimmed? %>"
data-is-thresholded="<%= thresholded? %>"
data-is-reported="<%= reported? %>"
@@ -18,12 +18,12 @@
<div class="author">
<div class="author-name">
<% if redact_deleted? %>
<% if redact_deleted? && !can_see_creator? %>
[deleted]
<% else %>
<%= link_to_user comment.creator %>
<% if comment.is_deleted? %>
(deleted)
[deleted]
<% end %>
<% end %>
</div>
@@ -90,65 +90,67 @@
</li>
<% end %>
<%= render PopupMenuComponent.new do |menu| %>
<% if policy(comment).update? %>
<% menu.item do %>
<%= link_to edit_comment_path(comment.id), id: "edit_comment_link_#{comment.id}", class: "edit_comment_link" do %>
<%= edit_icon %> Edit
<% unless redact_deleted? %>
<%= render PopupMenuComponent.new do |menu| %>
<% if policy(comment).update? %>
<% menu.item do %>
<%= link_to edit_comment_path(comment.id), id: "edit_comment_link_#{comment.id}", class: "edit_comment_link" do %>
<%= edit_icon %> Edit
<% end %>
<% end %>
<% menu.item do %>
<% if comment.is_deleted? %>
<%= link_to comment_path(comment.id), "data-params": "comment[is_deleted]=false", method: :put, remote: true do %>
<%= undelete_icon %> Undelete
<% end %>
<% else %>
<%= link_to comment_path(comment.id), "data-params": "comment[is_deleted]=true", "data-confirm": "Are you sure you want to delete this comment?", method: :put, remote: true do %>
<%= delete_icon %> Delete
<% end %>
<% end %>
<% end %>
<% end %>
<% if policy(comment).can_sticky_comment? %>
<% menu.item do %>
<% if comment.is_sticky? %>
<%= link_to comment_path(comment.id), "data-params": "comment[is_sticky]=false", method: :put, remote: true do %>
<%= unsticky_icon %> Unsticky
<% end %>
<% else %>
<%= link_to comment_path(comment.id), "data-params": "comment[is_sticky]=true", method: :put, remote: true do %>
<%= sticky_icon %> Sticky
<% end %>
<% end %>
<% end %>
<% end %>
<% if policy(comment).reportable? %>
<% menu.item do %>
<%= link_to new_moderation_report_path(moderation_report: { model_type: "Comment", model_id: comment.id }), remote: true do %>
<%= flag_icon %> Report
<% end %>
<% end %>
<% end %>
<% menu.item do %>
<% if comment.is_deleted? %>
<%= link_to comment_path(comment.id), "data-params": "comment[is_deleted]=false", method: :put, remote: true do %>
<%= undelete_icon %> Undelete
<% end %>
<% else %>
<%= link_to comment_path(comment.id), "data-params": "comment[is_deleted]=true", "data-confirm": "Are you sure you want to delete this comment?", method: :put, remote: true do %>
<%= delete_icon %> Delete
<% end %>
<%= link_to comment_path(comment.id), class: "comment-copy-id" do %>
<%= hashtag_icon %> Copy ID
<% end %>
<% end %>
<% end %>
<% if policy(comment).can_sticky_comment? %>
<% menu.item do %>
<% if comment.is_sticky? %>
<%= link_to comment_path(comment.id), "data-params": "comment[is_sticky]=false", method: :put, remote: true do %>
<%= unsticky_icon %> Unsticky
<% end %>
<% else %>
<%= link_to comment_path(comment.id), "data-params": "comment[is_sticky]=true", method: :put, remote: true do %>
<%= sticky_icon %> Sticky
<% end %>
<%= link_to comment_path(comment.id), class: "comment-copy-link" do %>
<%= link_icon %> Copy Link
<% end %>
<% end %>
<% end %>
<% if policy(comment).reportable? %>
<% menu.item do %>
<%= link_to new_moderation_report_path(moderation_report: { model_type: "Comment", model_id: comment.id }), remote: true do %>
<%= flag_icon %> Report
<% end %>
<% end %>
<% end %>
<% menu.item do %>
<%= link_to comment_path(comment.id), class: "comment-copy-id" do %>
<%= hashtag_icon %> Copy ID
<% end %>
<% end %>
<% menu.item do %>
<%= link_to comment_path(comment.id), class: "comment-copy-link" do %>
<%= link_icon %> Copy Link
<% end %>
<% end %>
<% end %>
</menu>
<% if policy(comment).update? %>
<% if policy(comment).update? && !redact_deleted? %>
<%= render "comments/form", comment: comment, hidden: true %>
<% end %>
</div>

5
app/policies/comment_policy.rb
View File

@@ -22,7 +22,7 @@ class CommentPolicy < ApplicationPolicy
end
def can_see_creator?
!record.is_deleted? || can_see_deleted?
!record.is_deleted? || can_see_deleted? || record.creator_id == user.id
end
def reply?
@@ -39,7 +39,8 @@ class CommentPolicy < ApplicationPolicy
def api_attributes
attributes = super
attributes -= [:creator_id, :updater_id, :body] if record.is_deleted? && !can_see_deleted?
attributes -= [:creator_id] unless can_see_creator?
attributes -= [:updater_id, :body, :score, :do_not_bump_post, :is_sticky] if record.is_deleted? && !can_see_deleted?
attributes
end

12
test/components/comment_component_test.rb
View File

@@ -31,14 +31,22 @@ class CommentComponentTest < ViewComponent::TestCase
@deleted_comment = as(create(:user)) { create(:comment, is_deleted: true) }
end
should "have the creator and body hidden for a Member" do
render_comment(@deleted_comment, current_user: @deleted_comment.creator)
should "hide the creator and body for a Member" do
render_comment(@deleted_comment, current_user: User.anonymous)
assert_css("article[data-is-dimmed=true]")
assert_css("article .author-name", text: "[deleted]")
assert_css("article .body p", text: "[deleted]")
end
should "show the creator to the commenter themselves" do
render_comment(@deleted_comment, current_user: @deleted_comment.creator)
assert_css("article[data-is-dimmed=true]")
assert_css("article .author-name", text: @deleted_comment.creator.name)
assert_css("article .body p", text: "[deleted]")
end
should "be visible for a Moderator" do
render_comment(@deleted_comment, current_user: create(:moderator_user))