diff --git a/app/components/comment_component.rb b/app/components/comment_component.rb index 78edb9c83..1ed50ffc9 100644 --- a/app/components/comment_component.rb +++ b/app/components/comment_component.rb @@ -19,6 +19,10 @@ class CommentComponent < ApplicationComponent !comment.is_deleted? && !comment.is_sticky? && comment.score <= current_user.comment_threshold end + def can_see_creator? + policy(comment).can_see_creator? + end + def redact_deleted? comment.is_deleted? && !policy(comment).can_see_deleted? end diff --git a/app/components/comment_component/comment_component.html.erb b/app/components/comment_component/comment_component.html.erb index 7e685d88c..14f666e06 100644 --- a/app/components/comment_component/comment_component.html.erb +++ b/app/components/comment_component/comment_component.html.erb @@ -3,12 +3,12 @@ x-bind:data-show-thresholded="String(showThresholded)" data-id="<%= comment.id %>" data-post-id="<%= comment.post_id %>" - data-creator-id="<%= comment.creator_id unless redact_deleted? %>" + data-creator-id="<%= comment.creator_id if can_see_creator? %>" data-updater-id="<%= comment.updater_id unless redact_deleted? %>" - data-score="<%= comment.score %>" - data-do-not-bump-post="<%= comment.do_not_bump_post? %>" + data-score="<%= comment.score unless redact_deleted? %>" + data-do-not-bump-post="<%= comment.do_not_bump_post? unless redact_deleted? %>" data-is-deleted="<%= comment.is_deleted? %>" - data-is-sticky="<%= comment.is_sticky? %>" + data-is-sticky="<%= comment.is_sticky? unless redact_deleted? %>" data-is-dimmed="<%= dimmed? %>" data-is-thresholded="<%= thresholded? %>" data-is-reported="<%= reported? %>" @@ -18,12 +18,12 @@
- <% if redact_deleted? %> + <% if redact_deleted? && !can_see_creator? %> [deleted] <% else %> <%= link_to_user comment.creator %> <% if comment.is_deleted? %> - (deleted) + [deleted] <% end %> <% end %>
@@ -90,65 +90,67 @@ <% end %> - <%= render PopupMenuComponent.new do |menu| %> - <% if policy(comment).update? %> - <% menu.item do %> - <%= link_to edit_comment_path(comment.id), id: "edit_comment_link_#{comment.id}", class: "edit_comment_link" do %> - <%= edit_icon %> Edit + <% unless redact_deleted? %> + <%= render PopupMenuComponent.new do |menu| %> + <% if policy(comment).update? %> + <% menu.item do %> + <%= link_to edit_comment_path(comment.id), id: "edit_comment_link_#{comment.id}", class: "edit_comment_link" do %> + <%= edit_icon %> Edit + <% end %> + <% end %> + + <% menu.item do %> + <% if comment.is_deleted? %> + <%= link_to comment_path(comment.id), "data-params": "comment[is_deleted]=false", method: :put, remote: true do %> + <%= undelete_icon %> Undelete + <% end %> + <% else %> + <%= link_to comment_path(comment.id), "data-params": "comment[is_deleted]=true", "data-confirm": "Are you sure you want to delete this comment?", method: :put, remote: true do %> + <%= delete_icon %> Delete + <% end %> + <% end %> + <% end %> + <% end %> + + <% if policy(comment).can_sticky_comment? %> + <% menu.item do %> + <% if comment.is_sticky? %> + <%= link_to comment_path(comment.id), "data-params": "comment[is_sticky]=false", method: :put, remote: true do %> + <%= unsticky_icon %> Unsticky + <% end %> + <% else %> + <%= link_to comment_path(comment.id), "data-params": "comment[is_sticky]=true", method: :put, remote: true do %> + <%= sticky_icon %> Sticky + <% end %> + <% end %> + <% end %> + <% end %> + + <% if policy(comment).reportable? %> + <% menu.item do %> + <%= link_to new_moderation_report_path(moderation_report: { model_type: "Comment", model_id: comment.id }), remote: true do %> + <%= flag_icon %> Report + <% end %> <% end %> <% end %> <% menu.item do %> - <% if comment.is_deleted? %> - <%= link_to comment_path(comment.id), "data-params": "comment[is_deleted]=false", method: :put, remote: true do %> - <%= undelete_icon %> Undelete - <% end %> - <% else %> - <%= link_to comment_path(comment.id), "data-params": "comment[is_deleted]=true", "data-confirm": "Are you sure you want to delete this comment?", method: :put, remote: true do %> - <%= delete_icon %> Delete - <% end %> + <%= link_to comment_path(comment.id), class: "comment-copy-id" do %> + <%= hashtag_icon %> Copy ID <% end %> <% end %> - <% end %> - <% if policy(comment).can_sticky_comment? %> <% menu.item do %> - <% if comment.is_sticky? %> - <%= link_to comment_path(comment.id), "data-params": "comment[is_sticky]=false", method: :put, remote: true do %> - <%= unsticky_icon %> Unsticky - <% end %> - <% else %> - <%= link_to comment_path(comment.id), "data-params": "comment[is_sticky]=true", method: :put, remote: true do %> - <%= sticky_icon %> Sticky - <% end %> + <%= link_to comment_path(comment.id), class: "comment-copy-link" do %> + <%= link_icon %> Copy Link <% end %> <% end %> - <% end %> - <% if policy(comment).reportable? %> - <% menu.item do %> - <%= link_to new_moderation_report_path(moderation_report: { model_type: "Comment", model_id: comment.id }), remote: true do %> - <%= flag_icon %> Report - <% end %> - <% end %> <% end %> - - <% menu.item do %> - <%= link_to comment_path(comment.id), class: "comment-copy-id" do %> - <%= hashtag_icon %> Copy ID - <% end %> - <% end %> - - <% menu.item do %> - <%= link_to comment_path(comment.id), class: "comment-copy-link" do %> - <%= link_icon %> Copy Link - <% end %> - <% end %> - <% end %> - <% if policy(comment).update? %> + <% if policy(comment).update? && !redact_deleted? %> <%= render "comments/form", comment: comment, hidden: true %> <% end %>
diff --git a/app/policies/comment_policy.rb b/app/policies/comment_policy.rb index 6557fc456..41391e137 100644 --- a/app/policies/comment_policy.rb +++ b/app/policies/comment_policy.rb @@ -22,7 +22,7 @@ class CommentPolicy < ApplicationPolicy end def can_see_creator? - !record.is_deleted? || can_see_deleted? + !record.is_deleted? || can_see_deleted? || record.creator_id == user.id end def reply? @@ -39,7 +39,8 @@ class CommentPolicy < ApplicationPolicy def api_attributes attributes = super - attributes -= [:creator_id, :updater_id, :body] if record.is_deleted? && !can_see_deleted? + attributes -= [:creator_id] unless can_see_creator? + attributes -= [:updater_id, :body, :score, :do_not_bump_post, :is_sticky] if record.is_deleted? && !can_see_deleted? attributes end diff --git a/test/components/comment_component_test.rb b/test/components/comment_component_test.rb index 30ca2c866..403d916fe 100644 --- a/test/components/comment_component_test.rb +++ b/test/components/comment_component_test.rb @@ -31,14 +31,22 @@ class CommentComponentTest < ViewComponent::TestCase @deleted_comment = as(create(:user)) { create(:comment, is_deleted: true) } end - should "have the creator and body hidden for a Member" do - render_comment(@deleted_comment, current_user: @deleted_comment.creator) + should "hide the creator and body for a Member" do + render_comment(@deleted_comment, current_user: User.anonymous) assert_css("article[data-is-dimmed=true]") assert_css("article .author-name", text: "[deleted]") assert_css("article .body p", text: "[deleted]") end + should "show the creator to the commenter themselves" do + render_comment(@deleted_comment, current_user: @deleted_comment.creator) + + assert_css("article[data-is-dimmed=true]") + assert_css("article .author-name", text: @deleted_comment.creator.name) + assert_css("article .body p", text: "[deleted]") + end + should "be visible for a Moderator" do render_comment(@deleted_comment, current_user: create(:moderator_user))