From d435795b73b2db020a6ee4727f1dfd67100588c0 Mon Sep 17 00:00:00 2001
From: evazion <noizave@gmail.com>
Date: Fri, 3 Apr 2020 16:37:48 -0500
Subject: [PATCH] posts: add disapproved:<reason> edit metatag.

* Allow tagging a post with a `disapproved:<disinterest|breaks_rules|poor_quality>` to disapprove it.
* Disallow disapproving active posts.

Fixes #4384.
---
 app/models/post.rb                            |  6 +++-
 app/models/post_disapproval.rb                |  7 ++++
 .../post_disapprovals_controller_test.rb      |  8 +++++
 test/unit/post_test.rb                        | 32 +++++++++++++++++++
 4 files changed, 52 insertions(+), 1 deletion(-)

diff --git a/app/models/post.rb b/app/models/post.rb
index b709c7f5f..79a87db16 100644
--- a/app/models/post.rb
+++ b/app/models/post.rb
@@ -753,7 +753,7 @@ class Post < ApplicationRecord
     def filter_metatags(tags)
       @pre_metatags, tags = tags.partition {|x| x =~ /\A(?:rating|parent|-parent|-?locked):/i}
       tags = apply_categorization_metatags(tags)
-      @post_metatags, tags = tags.partition {|x| x =~ /\A(?:-pool|pool|newpool|fav|-fav|child|-child|-favgroup|favgroup|upvote|downvote|status|-status):/i}
+      @post_metatags, tags = tags.partition {|x| x =~ /\A(?:-pool|pool|newpool|fav|-fav|child|-child|-favgroup|favgroup|upvote|downvote|status|-status|disapproved):/i}
       apply_pre_metatags
       return tags
     end
@@ -815,6 +815,10 @@ class Post < ApplicationRecord
           raise User::PrivilegeError unless CurrentUser.is_approver?
           unban!
 
+        when /^disapproved:(.+)$/i
+          raise User::PrivilegeError unless CurrentUser.is_approver?
+          disapprovals.create!(user: CurrentUser.user, reason: $1.downcase)
+
         when /^child:none$/i
           children.each do |post|
             post.update!(parent_id: nil)
diff --git a/app/models/post_disapproval.rb b/app/models/post_disapproval.rb
index 5557a1b87..3385f7d80 100644
--- a/app/models/post_disapproval.rb
+++ b/app/models/post_disapproval.rb
@@ -6,6 +6,7 @@ class PostDisapproval < ApplicationRecord
   belongs_to :user
   validates_uniqueness_of :post_id, :scope => [:user_id], :message => "have already hidden this post"
   validates_inclusion_of :reason, in: REASONS
+  validate :validate_disapproval
 
   scope :with_message, -> { where.not(message: nil) }
   scope :without_message, -> { where(message: nil) }
@@ -62,6 +63,12 @@ class PostDisapproval < ApplicationRecord
     [:user, :post]
   end
 
+  def validate_disapproval
+    if post.status == "active"
+      errors[:post] << "is already active and cannot be disapproved"
+    end
+  end
+
   def message=(message)
     message = nil if message.blank?
     super(message)
diff --git a/test/functional/post_disapprovals_controller_test.rb b/test/functional/post_disapprovals_controller_test.rb
index f0eb17ad8..9260dda0f 100644
--- a/test/functional/post_disapprovals_controller_test.rb
+++ b/test/functional/post_disapprovals_controller_test.rb
@@ -29,6 +29,14 @@ class PostDisapprovalsControllerTest < ActionDispatch::IntegrationTest
           assert_response 403
         end
       end
+
+      should "not allow disapproving active posts" do
+        assert_difference("PostDisapproval.count", 0) do
+          @post.update!(is_pending: false)
+          post_auth post_disapprovals_path, @approver, params: { post_disapproval: { post_id: @post.id, reason: "breaks_rules" }, format: "js" }
+          assert_response :success
+        end
+      end
     end
 
     context "index action" do
diff --git a/test/unit/post_test.rb b/test/unit/post_test.rb
index a282efd9a..93628c433 100644
--- a/test/unit/post_test.rb
+++ b/test/unit/post_test.rb
@@ -1046,6 +1046,38 @@ class PostTest < ActiveSupport::TestCase
           end
         end
 
+        context "for disapproved:<reason>" do
+          should "disapprove the post if the user has permission" do
+            @user = create(:approver)
+
+            as(@user) do
+              @post.update!(is_pending: true)
+              @post.update(tag_string: "aaa disapproved:disinterest")
+            end
+
+            assert_equal(@post.id, PostDisapproval.last.post_id)
+            assert_equal(@user.id, PostDisapproval.last.user_id)
+            assert_equal("disinterest", PostDisapproval.last.reason)
+          end
+
+          should "not disapprove the post if the user is doesn't have permission" do
+            assert_raises(User::PrivilegeError) do
+              @post.update!(is_pending: true)
+              @post.update(tag_string: "aaa disapproved:disinterest")
+            end
+
+            assert_equal(0, @post.disapprovals.count)
+          end
+
+          should "not allow disapproving active posts" do
+            assert_raises(User::PrivilegeError) do
+              @post.update(tag_string: "aaa disapproved:disinterest")
+            end
+
+            assert_equal(0, @post.disapprovals.count)
+          end
+        end
+
         context "for a source" do
           should "set the source with source:foo_bar_baz" do
             @post.update(:tag_string => "source:foo_bar_baz")