pundit: convert forum topics / forum posts to pundit.

Fix it being possible for users to delete or undelete their own forum
posts and topics, even if they were deleted by a mod.

app/views/forum_posts/_forum_post.html.erb

@@ -1,4 +1,4 @@
-<% if forum_post.visible?(CurrentUser.user, ActiveModel::Type::Boolean.new.cast(params.dig(:search, :is_deleted))) %>
+<% if policy(forum_post).show_deleted? %>
   <article class="forum-post message" id="forum_post_<%= forum_post.id %>" 
            data-forum-post-id="<%= forum_post.id %>"
            <% if CurrentUser.is_moderator? %>
@@ -20,17 +20,17 @@
       </div>
       <%= render "application/update_notice", record: forum_post %>
       <menu>
-        <% if CurrentUser.is_member? && @forum_topic %>
+        <% if policy(forum_post).create? %>
           <li><%= link_to "Reply", new_forum_post_path(:post_id => forum_post.id), :method => :get, :remote => true %></li>
         <% end %>
-        <% if CurrentUser.is_moderator? && !forum_post.is_original_post?(original_forum_post_id) %>
+        <% if policy(forum_post).destroy? && !forum_post.is_original_post?(original_forum_post_id) %>
           <% if forum_post.is_deleted %>
             <li><%= link_to "Undelete", undelete_forum_post_path(forum_post.id), :method => :post, :remote => true %></li>
           <% else %>
             <li><%= link_to "Delete", forum_post_path(forum_post.id), :data => {:confirm => "Are you sure you want to delete this forum post?"}, :method => :delete, :remote => true %></li>
           <% end %>
         <% end %>
-        <% if forum_post.editable_by?(CurrentUser.user) %>
+        <% if policy(forum_post).update? %>
           <% if forum_post.is_original_post?(original_forum_post_id) %>
             <li><%= link_to "Edit", edit_forum_topic_path(forum_post.topic), :id => "edit_forum_topic_link_#{forum_post.topic.id}", :class => "edit_forum_topic_link" %></li>
           <% else %>
@@ -46,7 +46,7 @@
           </ul>
         <% end %>
       </menu>
-      <% if forum_post.editable_by?(CurrentUser.user) %>
+      <% if policy(forum_post).update? %>
         <% if forum_post.is_original_post?(original_forum_post_id) %>
           <%= render "forum_topics/form", :forum_topic => forum_post.topic %>
         <% else %>

app/views/forum_posts/new.html.erb

@@ -1,7 +1,7 @@
 <div id="c-forum-posts">
   <div id="a-new">
-    <% if @forum_topic %>
-      <h1>Reply to <%= @forum_topic.title %></h1>
+    <% if @forum_post.topic.present? %>
+      <h1>Reply to <%= @forum_post.topic.title %></h1>
     <% else %>
       <h1>New Forum Post</h1>
     <% end %>

app/views/forum_posts/partials/new/_form.html.erb

@@ -1,7 +1,7 @@
 <%= error_messages_for("forum_post") %>
 
 <%= edit_form_for(forum_post) do |f| %>
-  <% if @forum_topic %>
+  <% if forum_post.topic_id.present? %>
     <%= f.input :topic_id, :as => :hidden %>
   <% else %>
     <%= f.input :topic_id, :label => "Topic ID" %>

app/views/forum_topics/_form.html.erb

@@ -13,7 +13,7 @@
       <%= dtext_field "forum_post", "body", :classes => "autocomplete-mentions", :input_name => "forum_topic[original_post_attributes][body]", :value => forum_topic.original_post.body, :input_id => "forum_post_body_for_#{forum_topic.original_post.id}", :preview_id => "dtext-preview-for-#{forum_topic.original_post.id}" %>
     <% end %>
 
-    <% if CurrentUser.is_moderator? %>
+    <% if policy(forum_topic).moderate? %>
       <%= f.input :min_level, :include_blank => false, :collection => available_min_user_levels %>
       <%= f.input :is_sticky, :label => "Sticky" %>
       <%= f.input :is_locked, :label => "Locked" %>

app/views/forum_topics/_secondary_links.html.erb

@@ -18,9 +18,9 @@
   <% if CurrentUser.is_member? && @forum_topic && !@forum_topic.new_record? %>
     <li>|</li>
     <%= subnav_link_to "Reply", new_forum_post_path(:topic_id => @forum_topic.id) %>
-    <% if !@forum_topic.new_record? && @forum_topic.editable_by?(CurrentUser.user) %>
+    <% if !@forum_topic.new_record? && policy(@forum_topic).update? %>
       <%= subnav_link_to "Edit", edit_forum_topic_path(@forum_topic), "data-shortcut": "e" %>
-      <% if CurrentUser.is_moderator? %>
+      <% if policy(@forum_topic).destroy? # XXX %>
         <% if @forum_topic.is_deleted? %>
           <%= subnav_link_to "Undelete", undelete_forum_topic_path(@forum_topic), :method => :post %>
         <% else %>

app/views/forum_topics/index.html.erb

@@ -11,7 +11,7 @@
       Categories:
       <%= link_to "All", forum_topics_path %>, 
       <%= link_to "New", forum_topics_path(search: { is_read: false }) %>,
-      <% if CurrentUser.is_moderator? %>
+      <% if policy(ForumTopic).moderate? %>
         <%= link_to "Private", forum_topics_path(search: { is_private: true }) %>,
       <% end %>
       <%= ForumTopic::CATEGORIES.map {|id, name| link_to_unless_current(name, forum_topics_path(:search => {:category_id => id}))}.join(", ").html_safe %>

app/views/forum_topics/show.html.erb

@@ -28,14 +28,12 @@
 
     <%= render "forum_posts/listing", forum_posts: @forum_posts, original_forum_post_id: @forum_topic.original_post&.id, dtext_data: DText.preprocess(@forum_posts.map(&:body)), moderation_reports: @forum_topic.moderation_reports.visible.recent %>
 
-    <% if CurrentUser.is_member? %>
-      <% if CurrentUser.is_moderator? || !@forum_topic.is_locked? %>
-        <p><%= link_to "Post reply", new_forum_post_path(topic_id: @forum_topic.id), id: "new-response-link" %></p>
+    <% if policy(ForumPost.new(topic: @forum_topic)).create? %>
+      <p><%= link_to "Post reply", new_forum_post_path(topic_id: @forum_topic.id), id: "new-response-link" %></p>
 
-        <div style="display: none;" id="topic-response">
-          <%= render "forum_posts/partials/new/form", :forum_post => ForumPost.new(:topic_id => @forum_topic.id) %>
-        </div>
-      <% end %>
+      <div style="display: none;" id="topic-response">
+        <%= render "forum_posts/partials/new/form", forum_post: ForumPost.new(topic_id: @forum_topic.id) %>
+      </div>
     <% end %>
 
     <%= numbered_paginator(@forum_posts) %>