mirror/php-flarum
1
0
Fork 0
mirror of https://github.com/flarum/core.git synced 2025-08-21 07:41:49 +02:00
Code Issues Releases Wiki Activity

Update for visibility scoping API changes in core

Browse Source
This commit is contained in:
Toby Zerner
2018-01-11 12:35:59 +10:30
parent 60845eeee7
commit 77d33c8604
1 changed files with 11 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
extensions/tags/src/Access/DiscussionPolicy.php
View File

@@ -13,14 +13,11 @@ namespace Flarum\Tags\Access;
use Carbon\Carbon;
use Flarum\Discussion\Discussion;
use Flarum\Event\ScopeHiddenDiscussionVisibility;
use Flarum\Settings\SettingsRepositoryInterface;
use Flarum\Tags\Tag;
use Flarum\User\AbstractPolicy;
use Flarum\User\User;
use Illuminate\Contracts\Events\Dispatcher;
use Illuminate\Database\Eloquent\Builder;
use Illuminate\Database\Query\Expression;
class DiscussionPolicy extends AbstractPolicy
{
@@ -42,16 +39,6 @@ class DiscussionPolicy extends AbstractPolicy
$this->settings = $settings;
}
/**
* {@inheritdoc}
*/
public function subscribe(Dispatcher $events)
{
parent::subscribe($events);
$events->listen(ScopeHiddenDiscussionVisibility::class, [$this, 'scopeHiddenDiscussionVisibility']);
}
/**
* @param User $actor
* @param string $ability
@@ -106,20 +93,20 @@ class DiscussionPolicy extends AbstractPolicy
}
/**
* @param ScopeHiddenDiscussionVisibility $event
* @param User $actor
* @param Builder $query
* @param string $ability
*/
public function scopeHiddenDiscussionVisibility(ScopeHiddenDiscussionVisibility $event)
public function findWithPermission(User $actor, Builder $query, $ability)
{
// By default, discussions are not visible to the public if they are
// hidden or contain zero comments - unless the actor has a certain
// permission. Since we grant permissions per-tag, we will make
// discussions visible in the tags for which the user has that
// permission.
$event->query->orWhereExists(function ($query) use ($event) {
return $query->select(new Expression(1))
// If a discussion requires a certain permission in order for it to be
// visible, then we can check if the user has been granted that
// permission for any of the discussion's tags.
$query->whereExists(function ($query) use ($actor, $ability) {
return $query->selectRaw('1')
->from('discussions_tags')
->whereIn('tag_id', Tag::getIdsWhereCan($event->actor, $event->permission))
->where('discussions.id', new Expression('discussion_id'));
->whereIn('tag_id', Tag::getIdsWhereCan($actor, 'discussion.'.$ability))
->whereRaw('discussions.id = discussion_id');
});
}