Fix #5237: Deleted comments can be viewed by other users

* Fix it so non-moderators can't search deleted comments using the `updater`, `body`, `score`, `do_not_bump_post`, or `is_sticky` fields. Searching for these fields will exclude deleted comments. * Fix it so non-moderators can search for their own deleted comments using the `creator` field, but not for deleted comments belonging to other users. * Fix it so that if a regular user searches `commenter:<username>`, they can only see posts with undeleted comments by that user. If a moderator or the commenter themselves searches `commenter:<username>`, they can see all posts the user has commented on, including posts with deleted comments. * Fix it so the comment count on user profiles only counts visible comments. Regular users can only see the number of undeleted comments a user has, while moderators and the commenter themselves can see the total number of comments. Known issue: * It's still possible to order deleted comments by score, which can let you infer the score of deleted comments.
2022-09-22 19:02:17 -05:00
parent 88ac91f5f3
commit a442658f8a
8 changed files with 88 additions and 23 deletions
--- a/app/logical/post_query.rb
+++ b/app/logical/post_query.rb
@@ -138,7 +138,7 @@ class PostQuery
  # True if the search depends on the current user because of permissions or privacy settings.
  def is_user_dependent_search?
    metatags.any? do |metatag|
-      metatag.name.in?(%w[upvoter upvote downvoter downvote search flagger fav ordfav favgroup ordfavgroup]) ||
+      metatag.name.in?(%w[upvoter upvote downvoter downvote commenter comm search flagger fav ordfav favgroup ordfavgroup]) ||
      metatag.name == "status" && metatag.value == "unmoderated" ||
      metatag.name == "disapproved" && !metatag.value.downcase.in?(PostDisapproval::REASONS)
    end