Fix moderator rights inconsistencies (#26729)
This commit is contained in:
parent
93d051e47d
commit
b83e487502
6 changed files with 47 additions and 9 deletions
9
app/lib/admin/account_statuses_filter.rb
Normal file
9
app/lib/admin/account_statuses_filter.rb
Normal file
|
@ -0,0 +1,9 @@
|
||||||
|
# frozen_string_literal: true
|
||||||
|
|
||||||
|
class Admin::AccountStatusesFilter < AccountStatusesFilter
|
||||||
|
private
|
||||||
|
|
||||||
|
def blocked?
|
||||||
|
false
|
||||||
|
end
|
||||||
|
end
|
|
@ -140,6 +140,6 @@ class Admin::StatusBatchAction
|
||||||
end
|
end
|
||||||
|
|
||||||
def allowed_status_ids
|
def allowed_status_ids
|
||||||
AccountStatusesFilter.new(@report.target_account, current_account).results.with_discarded.where(id: status_ids).pluck(:id)
|
Admin::AccountStatusesFilter.new(@report.target_account, current_account).results.with_discarded.where(id: status_ids).pluck(:id)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -12,7 +12,7 @@ class Admin::StatusPolicy < ApplicationPolicy
|
||||||
end
|
end
|
||||||
|
|
||||||
def show?
|
def show?
|
||||||
role.can?(:manage_reports, :manage_users) && (record.public_visibility? || record.unlisted_visibility? || record.reported?)
|
role.can?(:manage_reports, :manage_users) && (record.public_visibility? || record.unlisted_visibility? || record.reported? || viewable_through_normal_policy?)
|
||||||
end
|
end
|
||||||
|
|
||||||
def destroy?
|
def destroy?
|
||||||
|
@ -26,4 +26,10 @@ class Admin::StatusPolicy < ApplicationPolicy
|
||||||
def review?
|
def review?
|
||||||
role.can?(:manage_taxonomies)
|
role.can?(:manage_taxonomies)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
private
|
||||||
|
|
||||||
|
def viewable_through_normal_policy?
|
||||||
|
StatusPolicy.new(current_account, record, @preloaded_relations).show?
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -52,24 +52,36 @@ describe Admin::StatusesController do
|
||||||
end
|
end
|
||||||
|
|
||||||
describe 'POST #batch' do
|
describe 'POST #batch' do
|
||||||
before do
|
subject { post :batch, params: { :account_id => account.id, action => '', :admin_status_batch_action => { status_ids: status_ids } } }
|
||||||
post :batch, params: { :account_id => account.id, action => '', :admin_status_batch_action => { status_ids: status_ids } }
|
|
||||||
end
|
|
||||||
|
|
||||||
let(:status_ids) { [media_attached_status.id] }
|
let(:status_ids) { [media_attached_status.id] }
|
||||||
|
|
||||||
context 'when action is report' do
|
shared_examples 'when action is report' do
|
||||||
let(:action) { 'report' }
|
let(:action) { 'report' }
|
||||||
|
|
||||||
it 'creates a report' do
|
it 'creates a report' do
|
||||||
|
subject
|
||||||
|
|
||||||
report = Report.last
|
report = Report.last
|
||||||
expect(report.target_account_id).to eq account.id
|
expect(report.target_account_id).to eq account.id
|
||||||
expect(report.status_ids).to eq status_ids
|
expect(report.status_ids).to eq status_ids
|
||||||
end
|
end
|
||||||
|
|
||||||
it 'redirects to report page' do
|
it 'redirects to report page' do
|
||||||
|
subject
|
||||||
|
|
||||||
expect(response).to redirect_to(admin_report_path(Report.last.id))
|
expect(response).to redirect_to(admin_report_path(Report.last.id))
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
it_behaves_like 'when action is report'
|
||||||
|
|
||||||
|
context 'when the moderator is blocked by the author' do
|
||||||
|
before do
|
||||||
|
account.block!(user.account)
|
||||||
|
end
|
||||||
|
|
||||||
|
it_behaves_like 'when action is report'
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -7,7 +7,8 @@ describe Admin::StatusPolicy do
|
||||||
let(:policy) { described_class }
|
let(:policy) { described_class }
|
||||||
let(:admin) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')).account }
|
let(:admin) { Fabricate(:user, role: UserRole.find_by(name: 'Admin')).account }
|
||||||
let(:john) { Fabricate(:account) }
|
let(:john) { Fabricate(:account) }
|
||||||
let(:status) { Fabricate(:status) }
|
let(:status) { Fabricate(:status, visibility: status_visibility) }
|
||||||
|
let(:status_visibility) { :public }
|
||||||
|
|
||||||
permissions :index?, :update?, :review?, :destroy? do
|
permissions :index?, :update?, :review?, :destroy? do
|
||||||
context 'with an admin' do
|
context 'with an admin' do
|
||||||
|
@ -26,7 +27,7 @@ describe Admin::StatusPolicy do
|
||||||
permissions :show? do
|
permissions :show? do
|
||||||
context 'with an admin' do
|
context 'with an admin' do
|
||||||
context 'with a public visible status' do
|
context 'with a public visible status' do
|
||||||
before { allow(status).to receive(:public_visibility?).and_return(true) }
|
let(:status_visibility) { :public }
|
||||||
|
|
||||||
it 'permits' do
|
it 'permits' do
|
||||||
expect(policy).to permit(admin, status)
|
expect(policy).to permit(admin, status)
|
||||||
|
@ -34,11 +35,21 @@ describe Admin::StatusPolicy do
|
||||||
end
|
end
|
||||||
|
|
||||||
context 'with a not public visible status' do
|
context 'with a not public visible status' do
|
||||||
before { allow(status).to receive(:public_visibility?).and_return(false) }
|
let(:status_visibility) { :direct }
|
||||||
|
|
||||||
it 'denies' do
|
it 'denies' do
|
||||||
expect(policy).to_not permit(admin, status)
|
expect(policy).to_not permit(admin, status)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
context 'when the status mentions the admin' do
|
||||||
|
before do
|
||||||
|
status.mentions.create!(account: admin)
|
||||||
|
end
|
||||||
|
|
||||||
|
it 'permits' do
|
||||||
|
expect(policy).to permit(admin, status)
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue