jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

restrict min level constraints for forum topics to mod+admin and restrict options based on current user's level. check privileges for visiblity in forum posts and topics. deprecate serializable_hash (undocumented, internal) for as_json, refactor to use hidden_attributes and method_attributes #2658

Browse Source
This commit is contained in:
Albert Yi
2016-10-25 12:54:25 -07:00
parent ae61cc8a40
commit 79842f7a3b
17 changed files with 127 additions and 189 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
app/models/forum_post.rb
View File

@@ -86,7 +86,30 @@ class ForumPost < ActiveRecord::Base
end
end
module ApiMethods
def as_json(options = {})
if CurrentUser.user.level < topic.min_level
options[:only] = [:id]
end
super(options)
end
def to_xml(options = {})
if CurrentUser.user.level < topic.min_level
options[:only] = [:id]
end
super(options)
end
def hidden_attributes
[:text_index]
end
end
extend SearchMethods
include ApiMethods
def self.new_reply(params)
if params[:topic_id]
@@ -215,8 +238,4 @@ class ForumPost < ActiveRecord::Base
x.body = x.quoted_response
end
end
def hidden_attributes
super + [:text_index]
end
end