diff --git a/app/controllers/forum_topic_visits_controller.rb b/app/controllers/forum_topic_visits_controller.rb index 00c5eb677..0ae394eab 100644 --- a/app/controllers/forum_topic_visits_controller.rb +++ b/app/controllers/forum_topic_visits_controller.rb @@ -2,7 +2,7 @@ class ForumTopicVisitsController < ApplicationController respond_to :xml, :json def index - @forum_topic_visits = ForumTopicVisit.where(user: CurrentUser.user).paginated_search(params) + @forum_topic_visits = ForumTopicVisit.visible(CurrentUser.user).paginated_search(params) respond_with(@forum_topic_visits) end end diff --git a/app/controllers/news_updates_controller.rb b/app/controllers/news_updates_controller.rb index 1be5c1840..7e760178d 100644 --- a/app/controllers/news_updates_controller.rb +++ b/app/controllers/news_updates_controller.rb @@ -1,9 +1,9 @@ class NewsUpdatesController < ApplicationController - respond_to :html + respond_to :html, :json, :xml def index authorize NewsUpdate - @news_updates = NewsUpdate.order("id desc").paginate(params[:page], :limit => params[:limit]) + @news_updates = NewsUpdate.visible(CurrentUser.user).paginated_search(params, count_pages: true) respond_with(@news_updates) end diff --git a/app/controllers/saved_searches_controller.rb b/app/controllers/saved_searches_controller.rb index b7a163285..8d45b06fe 100644 --- a/app/controllers/saved_searches_controller.rb +++ b/app/controllers/saved_searches_controller.rb @@ -2,7 +2,7 @@ class SavedSearchesController < ApplicationController respond_to :html, :xml, :json, :js def index - @saved_searches = authorize SavedSearch.where(user: CurrentUser.user).paginated_search(params, count_pages: true) + @saved_searches = authorize SavedSearch.visible(CurrentUser.user).paginated_search(params, count_pages: true) respond_with(@saved_searches) end diff --git a/app/models/forum_topic_visit.rb b/app/models/forum_topic_visit.rb index d484041e6..2384659b0 100644 --- a/app/models/forum_topic_visit.rb +++ b/app/models/forum_topic_visit.rb @@ -2,6 +2,14 @@ class ForumTopicVisit < ApplicationRecord belongs_to :user belongs_to :forum_topic + def self.visible(user) + if user.is_owner? + all + else + where(user: user) + end + end + def self.prune!(user) where("user_id = ? and last_read_at < ?", user.id, user.last_forum_read_at).delete_all end diff --git a/app/models/ip_ban.rb b/app/models/ip_ban.rb index 6143f2cdd..b198643c8 100644 --- a/app/models/ip_ban.rb +++ b/app/models/ip_ban.rb @@ -12,6 +12,14 @@ class IpBan < ApplicationRecord partial: 100 }, _suffix: "ban" + def self.visible(user) + if user.is_moderator? + all + else + none + end + end + def self.ip_matches(ip_addr) where("ip_addr >>= ?", ip_addr) end diff --git a/app/models/news_update.rb b/app/models/news_update.rb index bbc68de60..a8cdb6fe9 100644 --- a/app/models/news_update.rb +++ b/app/models/news_update.rb @@ -2,4 +2,18 @@ class NewsUpdate < ApplicationRecord belongs_to :creator, class_name: "User" belongs_to_updater scope :recent, -> {where("created_at >= ?", 2.weeks.ago).order("created_at desc").limit(5)} + + def self.visible(user) + if user.is_admin? + all + else + none + end + end + + def self.search(params) + q = search_attributes(params, :id, :created_at, :updated_at, :message, :creator, :updater) + q = q.apply_default_order(params) + q + end end diff --git a/app/models/saved_search.rb b/app/models/saved_search.rb index 4ebe3c056..cf88a2a72 100644 --- a/app/models/saved_search.rb +++ b/app/models/saved_search.rb @@ -14,6 +14,10 @@ class SavedSearch < ApplicationRecord scope :labeled, ->(label) { where_array_includes_any_lower(:labels, [normalize_label(label)]) } scope :has_tag, ->(name) { where_regex(:query, "(^| )[~-]?#{Regexp.escape(name)}( |$)", flags: "i") } + def self.visible(user) + where(user: user) + end + concerning :Redis do extend Memoist