pundit: convert forum topics / forum posts to pundit.
Fix it being possible for users to delete or undelete their own forum posts and topics, even if they were deleted by a mod.
This commit is contained in:
evazion
@@ -63,7 +63,7 @@ class BulkUpdateRequest < ApplicationRecord
|
||||
def forum_updater
|
||||
@forum_updater ||= begin
|
||||
post = if forum_topic
|
||||
forum_post || forum_topic.posts.first
|
||||
forum_post || forum_topic.forum_posts.first
|
||||
else
|
||||
nil
|
||||
end
|
||||
@@ -89,7 +89,7 @@ class BulkUpdateRequest < ApplicationRecord
|
||||
def create_forum_topic
|
||||
CurrentUser.as(user) do
|
||||
self.forum_topic = ForumTopic.create(title: title, category_id: 1, creator: user) unless forum_topic.present?
|
||||
self.forum_post = forum_topic.posts.create(body: reason_with_link, creator: user) unless forum_post.present?
|
||||
self.forum_post = forum_topic.forum_posts.create(body: reason_with_link, creator: user) unless forum_post.present?
|
||||
save
|
||||
end
|
||||
end
|
||||
|
||||
@@ -2,7 +2,7 @@ class ForumPost < ApplicationRecord
|
||||
attr_readonly :topic_id
|
||||
belongs_to :creator, class_name: "User"
|
||||
belongs_to_updater
|
||||
belongs_to :topic, :class_name => "ForumTopic"
|
||||
belongs_to :topic, class_name: "ForumTopic", inverse_of: :forum_posts
|
||||
has_many :dtext_links, as: :model, dependent: :destroy
|
||||
has_many :moderation_reports, as: :model
|
||||
has_many :votes, class_name: "ForumPostVote"
|
||||
@@ -16,8 +16,6 @@ class ForumPost < ApplicationRecord
|
||||
after_update :update_topic_updated_at_on_update_for_original_posts
|
||||
after_destroy :update_topic_updated_at_on_destroy
|
||||
validates_presence_of :body
|
||||
validate :validate_topic_is_unlocked
|
||||
validate :topic_is_not_restricted, :on => :create
|
||||
after_save :delete_topic_if_original_post
|
||||
after_update(:if => ->(rec) {rec.updater_id != rec.creator_id}) do |rec|
|
||||
ModAction.log("#{CurrentUser.name} updated forum ##{rec.id}", :forum_post_update)
|
||||
@@ -101,24 +99,8 @@ class ForumPost < ApplicationRecord
|
||||
end
|
||||
end
|
||||
|
||||
def validate_topic_is_unlocked
|
||||
if topic.is_locked? && !updater.is_moderator?
|
||||
errors[:topic] << "is locked"
|
||||
end
|
||||
end
|
||||
|
||||
def topic_is_not_restricted
|
||||
if topic && !topic.visible?(creator)
|
||||
errors[:topic] << "is restricted"
|
||||
end
|
||||
end
|
||||
|
||||
def editable_by?(user)
|
||||
(creator_id == user.id || user.is_moderator?) && visible?(user)
|
||||
end
|
||||
|
||||
def visible?(user, show_deleted_posts = false)
|
||||
user.is_moderator? || (topic.visible?(user) && (show_deleted_posts || !is_deleted?))
|
||||
user.is_moderator? || (user.level >= topic.min_level && (show_deleted_posts || !is_deleted?))
|
||||
end
|
||||
|
||||
def update_topic_updated_at_on_create
|
||||
|
||||
@@ -13,11 +13,11 @@ class ForumTopic < ApplicationRecord
|
||||
|
||||
belongs_to :creator, class_name: "User"
|
||||
belongs_to_updater
|
||||
has_many :posts, -> {order("forum_posts.id asc")}, :class_name => "ForumPost", :foreign_key => "topic_id", :dependent => :destroy
|
||||
has_many :forum_posts, foreign_key: "topic_id", dependent: :destroy, inverse_of: :topic
|
||||
has_many :forum_topic_visits
|
||||
has_one :forum_topic_visit_by_current_user, -> { where(user_id: CurrentUser.id) }, class_name: "ForumTopicVisit"
|
||||
has_many :moderation_reports, through: :posts
|
||||
has_one :original_post, -> {order("forum_posts.id asc")}, class_name: "ForumPost", foreign_key: "topic_id", inverse_of: :topic
|
||||
has_many :moderation_reports, through: :forum_posts
|
||||
has_one :original_post, -> { order(id: :asc) }, class_name: "ForumPost", foreign_key: "topic_id", inverse_of: :topic
|
||||
has_many :bulk_update_requests, :foreign_key => "forum_topic_id"
|
||||
|
||||
validates_presence_of :title
|
||||
@@ -147,14 +147,6 @@ class ForumTopic < ApplicationRecord
|
||||
include CategoryMethods
|
||||
include VisitMethods
|
||||
|
||||
def editable_by?(user)
|
||||
(creator_id == user.id || user.is_moderator?) && visible?(user)
|
||||
end
|
||||
|
||||
def visible?(user)
|
||||
user.level >= min_level
|
||||
end
|
||||
|
||||
# XXX forum_topic_visit_by_current_user is a hack to reduce queries on the forum index.
|
||||
def is_read?
|
||||
return true if CurrentUser.is_anonymous?
|
||||
@@ -179,7 +171,7 @@ class ForumTopic < ApplicationRecord
|
||||
end
|
||||
|
||||
def page_for(post_id)
|
||||
(posts.where("id < ?", post_id).count / Danbooru.config.posts_per_page.to_f).ceil
|
||||
(forum_posts.where("id < ?", post_id).count / Danbooru.config.posts_per_page.to_f).ceil
|
||||
end
|
||||
|
||||
def last_page
|
||||
|
||||
Reference in New Issue
Block a user