favgroups: make private favgroups a Gold-only option.

Make private favgroups a Gold-only option. This is for consistency with
private favorites and upvotes being Gold-only options.

Existing Members with private favgroups are allowed to keep them, as
long as they don't disable privacy. If they disable it, then they can't
re-enable it again without upgrading to Gold first.

app/controllers/favorite_groups_controller.rb

@@ -19,7 +19,7 @@ class FavoriteGroupsController < ApplicationController
   end
 
   def new
-    @favorite_group = authorize FavoriteGroup.new
+    @favorite_group = authorize FavoriteGroup.new(creator: CurrentUser.user)
     respond_with(@favorite_group)
   end
 

app/models/favorite_group.rb

@@ -10,6 +10,7 @@ class FavoriteGroup < ApplicationRecord
   validate :creator_can_create_favorite_groups, :on => :create
   validate :validate_number_of_posts
   validate :validate_posts
+  validate :validate_can_enable_privacy
 
   array_attribute :post_ids, parse: /\d+/, cast: :to_i
 
@@ -83,6 +84,12 @@ class FavoriteGroup < ApplicationRecord
     end
   end
 
+  def validate_can_enable_privacy
+    if is_public_change == [true, false] && !Pundit.policy!(creator, self).can_enable_privacy?
+      errors.add(:base, "Can't enable privacy without a Gold account")
+    end
+  end
+
   def self.normalize_name(name)
     name.gsub(/[[:space:]]+/, "_")
   end
@@ -112,7 +119,7 @@ class FavoriteGroup < ApplicationRecord
   end
 
   def pretty_name
-    name.tr("_", " ")
+    name&.tr("_", " ")
   end
 
   def posts
@@ -166,6 +173,18 @@ class FavoriteGroup < ApplicationRecord
     post_ids.include?(post_id)
   end
 
+  def is_private=(value)
+    self.is_public = !ActiveModel::Type::Boolean.new.cast(value)
+  end
+
+  def is_private
+    !is_public?
+  end
+
+  def is_private?
+    !is_public?
+  end
+
   def self.available_includes
     [:creator]
   end

app/policies/favorite_group_policy.rb

@@ -15,7 +15,11 @@ class FavoriteGroupPolicy < ApplicationPolicy
     update?
   end
 
+  def can_enable_privacy?
+    record.creator.is_gold?
+  end
+
   def permitted_attributes
-    [:name, :post_ids_string, :is_public, :post_ids, { post_ids: [] }]
+    [:name, :post_ids_string, :is_public, :is_private, :post_ids, { post_ids: [] }]
   end
 end

app/views/favorite_groups/_form.html.erb

@@ -0,0 +1,12 @@
+<%= edit_form_for(@favorite_group) do |f| %>
+  <%= f.input :name, as: :string, required: true, input_html: { value: @favorite_group.pretty_name } %>
+  <%= f.input :post_ids_string, label: "Posts", as: :text %>
+  <% if policy(@favorite_group).can_enable_privacy? %>
+    <%= f.input :is_private, label: "Private", as: :boolean, hint: "Don't allow others to view this favgroup." %>
+  <% elsif @favorite_group.is_private? %>
+    <%= f.input :is_private, label: "Private", as: :boolean, hint: "Don't allow others to view this favgroup. Warning: if you disable this, you can't re-enable it without ".html_safe + link_to("upgrading to Danbooru Gold", new_user_upgrade_path) + ". (".html_safe + link_to_wiki("learn more", "help:privacy_mode") + ")".html_safe %>
+  <% else %>
+    <%= f.input :is_private, label: "Private", as: :boolean, hint: link_to("Upgrade to Danbooru Gold to enable private favgroups", new_user_upgrade_path), input_html: { disabled: true } %>
+  <% end %>
+  <%= f.submit "Submit" %>
+<% end %>

app/views/favorite_groups/edit.html.erb

@@ -2,12 +2,7 @@
   <div id="a-edit">
     <h1>Edit Favorite Group: <%= @favorite_group.pretty_name %></h1>
 
-    <%= edit_form_for(@favorite_group) do |f| %>
-      <%= f.input :name, :as => :string, :input_html => { :value => @favorite_group.pretty_name } %>
-      <%= f.input :post_ids_string, label: "Posts", as: :text %>
-      <%= f.input :is_public %>
-      <%= f.button :submit, "Submit" %>
-    <% end %>
+    <%= render "form" %>
   </div>
 </div>
 

app/views/favorite_groups/new.html.erb

@@ -2,12 +2,7 @@
   <div id="a-new">
     <h1>New Favorite Group</h1>
 
-    <%= edit_form_for(@favorite_group) do |f| %>
-      <%= f.input :name, as: :string, required: true %>
-      <%= f.input :post_ids_string, label: "Posts", as: :text %>
-      <%= f.input :is_public, label: "Public" %>
-      <%= f.submit "Submit" %>
-    <% end %>
+    <%= render "form" %>
   </div>
 </div>