mirror/php-flarum
1
0
Fork 0
mirror of https://github.com/flarum/core.git synced 2025-10-10 06:24:26 +02:00
Code Issues Releases Wiki Activity

Overhaul permissions

Browse Source 
Get rid of Permissible - too complex and inefficient. Replace with:
- a “Locked” trait which works similarly but only evaluates logic on
hydrated models.
- a “VisibleScope” trait which also works similarly but only scopes
queries

This is all we need, Permissible is overkill. There is only one
instance where we have to duplicate some logic
(Discussion::scopeVisiblePosts and Post::allow(‘view’, …)) but it’s
barely anything.

Haven’t decoupled for now, we can definitely look at doing that later.

Permissions table seeder slightly updated.

Also did a bit of a query audit, there’s still a lot to be done but
it’s much better than it was. Some relatively low-hanging fruit
detailed in EloquentPostRepository.
This commit is contained in:
Toby Zerner
2015-06-16 17:33:56 +09:30
parent 27b9dbe4c4
commit f0df751465
16 changed files with 247 additions and 122 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/Api/Actions/Discussions/ShowAction.php
View File

@@ -93,7 +93,7 @@ class ShowAction extends SerializeResourceAction
$discussion = $this->discussions->findOrFail($request->get('id'), $user);
$discussion->posts_ids = $discussion->posts()->whereCan($user, 'view')->get(['id'])->fetch('id')->all();
$discussion->posts_ids = $discussion->visiblePosts($user)->lists('id');
if (in_array('posts', $request->include)) {
$length = strlen($prefix = 'posts.');