Fixed incorrect showing of favorite groups

2017-12-18 12:16:20 -08:00
parent 26c168bdcd
commit 3b1fdc8cde
3 changed files with 26 additions and 5 deletions
--- a/app/controllers/favorite_groups_controller.rb
+++ b/app/controllers/favorite_groups_controller.rb
@@ -13,6 +13,7 @@ class FavoriteGroupsController < ApplicationController
  def show
    @favorite_group = FavoriteGroup.find(params[:id])
    check_read_privilege(@favorite_group)
    @post_set = PostSets::FavoriteGroup.new(@favorite_group, params[:page])
    respond_with(@favorite_group)
  end
@@ -37,13 +38,13 @@ class FavoriteGroupsController < ApplicationController
  def edit
    @favorite_group = FavoriteGroup.find(params[:id])
-    check_privilege(@favorite_group)
+    check_write_privilege(@favorite_group)
    respond_with(@favorite_group)
  end
  def update
    @favorite_group = FavoriteGroup.find(params[:id])
-    check_privilege(@favorite_group)
+    check_write_privilege(@favorite_group)
    @favorite_group.update_attributes(params[:favorite_group])
    unless @favorite_group.errors.any?
      flash[:notice] = "Favorite group updated"
@@ -53,7 +54,7 @@ class FavoriteGroupsController < ApplicationController
  def destroy
    @favorite_group = FavoriteGroup.find(params[:id])
-    check_privilege(@favorite_group)
+    check_write_privilege(@favorite_group)
    @favorite_group.destroy
    flash[:notice] = "Favorite group deleted"
    redirect_to favorite_groups_path
@@ -61,13 +62,17 @@ class FavoriteGroupsController < ApplicationController
  def add_post
    @favorite_group = FavoriteGroup.find(params[:id])
-    check_privilege(@favorite_group)
+    check_write_privilege(@favorite_group)
    @post = Post.find(params[:post_id])
    @favorite_group.add!(@post.id)
  end
 private
-  def check_privilege(favgroup)
+  def check_write_privilege(favgroup)
    raise User::PrivilegeError unless favgroup.editable_by?(CurrentUser.user)
  end
  def check_read_privilege(favgroup)
    raise User::PrivilegeError unless favgroup.viewable_by?(CurrentUser.user)
  end
 end
--- a/app/models/favorite_group.rb
+++ b/app/models/favorite_group.rb
@@ -237,4 +237,8 @@ class FavoriteGroup < ApplicationRecord
  def editable_by?(user)
    creator_id == user.id
  end
  def viewable_by?(user)
    creator_id == user.id || !creator.hide_favorites?
  end
 end
--- a/app/models/tag.rb
+++ b/app/models/tag.rb
@@ -608,11 +608,23 @@ class Tag < ApplicationRecord
          when "-favgroup"
            favgroup_id = FavoriteGroup.name_to_id(g2)
            favgroup = FavoriteGroup.find(favgroup_id)
            if !favgroup.viewable_by?(CurrentUser.user)
              raise User::PrivilegeError.new
            end
            q[:favgroups_neg] ||= []
            q[:favgroups_neg] << favgroup_id
          when "favgroup"
            favgroup_id = FavoriteGroup.name_to_id(g2)
            favgroup = FavoriteGroup.find(favgroup_id)
            if !favgroup.viewable_by?(CurrentUser.user)
              raise User::PrivilegeError.new
            end
            q[:favgroups] ||= []
            q[:favgroups] << favgroup_id