Skip to content
Permalink
Browse files

Merge remote-tracking branch 'origin/stable' into pkgr

  • Loading branch information...
crohr committed Dec 14, 2017
2 parents 2fd2a17 + 56b79ff commit 6c955ab34c77d30b7139ac25aec331ecd953f85e
Showing with 77 additions and 37 deletions.
  1. +28 −20 .travis.yml
  2. +1 −1 app/controllers/topics_controller.rb
  3. +5 −0 lib/guardian.rb
  4. +42 −16 spec/controllers/topics_controller_spec.rb
  5. +1 −0 spec/models/invite_spec.rb
@@ -5,10 +5,9 @@ env:
- DISCOURSE_HOSTNAME=www.example.com
- RUBY_GC_MALLOC_LIMIT=50000000
matrix:
- "RAILS_MASTER=0 QUNIT_RUN=0"
- "RAILS_MASTER=1 QUNIT_RUN=0"
- "RAILS_MASTER=0 QUNIT_RUN=1"
- "RAILS_MASTER=1 QUNIT_RUN=1"
- "RAILS_MASTER=0 QUNIT_RUN=0 RUN_LINT=0"
- "RAILS_MASTER=0 QUNIT_RUN=1 RUN_LINT=0"
- "RAILS_MASTER=0 QUNIT_RUN=0 RUN_LINT=1"

addons:
postgresql: 9.5
@@ -20,14 +19,11 @@ addons:
- jhead

matrix:
allow_failures:
- env: "RAILS_MASTER=1 QUNIT_RUN=0"
- env: "RAILS_MASTER=1 QUNIT_RUN=1"
fast_finish: true

rvm:
- 2.4.1
- 2.3.3
- 2.4.2
- 2.3.4

services:
- redis-server
@@ -46,20 +42,32 @@ before_install:
- git clone --depth=1 https://github.com/discourse/discourse-spoiler-alert.git plugins/discourse-spoiler-alert
- git clone --depth=1 https://github.com/discourse/discourse-cakeday.git plugins/discourse-cakeday
- git clone --depth=1 https://github.com/discourse/discourse-canned-replies.git plugins/discourse-canned-replies
- git clone --depth=1 https://github.com/discourse/discourse-slack-official.git plugins/discourse-slack-official
- yarn global add eslint@3 babel-eslint
- eslint app/assets/javascripts
- eslint --ext .es6 app/assets/javascripts
- eslint --ext .es6 test/javascripts
- eslint --ext .es6 plugins/**/assets/javascripts
- eslint test/javascripts

before_script:
- bundle exec rake db:create db:migrate
- git clone --depth=1 https://github.com/discourse/discourse-chat-integration.git plugins/discourse-chat-integration
- git clone --depth=1 https://github.com/discourse/discourse-assign.git plugins/discourse-assign
- export PATH=$HOME/.yarn/bin:$PATH

install:
- bash -c "if [ '$RAILS_MASTER' == '1' ]; then bundle update --retry=3 --jobs=3 arel rails seed-fu; fi"
- bash -c "if [ '$RAILS_MASTER' == '0' ]; then bundle install --without development --deployment --retry=3 --jobs=3; fi"
- bash -c "if [ '$RUN_LINT' == '1' ]; then yarn global add eslint babel-eslint; fi"

script:
- bash -c "if [ '$QUNIT_RUN' == '0' ]; then bundle exec rspec && bundle exec rake plugin:spec; else bundle exec rake qunit:test['200000']; fi"
- |
bash -c "
if [ '$RUN_LINT' == '1' ]; then
bundle exec rubocop --parallel && \
eslint --ext .es6 app/assets/javascripts && \
eslint --ext .es6 test/javascripts && \
eslint --ext .es6 plugins/**/assets/javascripts && \
eslint --ext .es6 plugins/**/test/javascripts && \
eslint app/assets/javascripts test/javascripts
else
bundle exec rake db:create db:migrate
if [ '$QUNIT_RUN' == '1' ]; then
LOAD_PLUGINS=1 bundle exec rake qunit:test['400000']
else
bundle exec rspec && bundle exec rake plugin:spec
fi
fi
"
@@ -471,7 +471,7 @@ def invite_group
topic = Topic.find_by(id: params[:topic_id])

if topic.private_message?
guardian.ensure_can_send_private_message!(group)
guardian.ensure_can_invite_group_to_private_message!(group, topic)
topic.invite_group(current_user, group)
render_json_dump BasicGroupSerializer.new(group, scope: guardian, root: 'group')
else
@@ -269,6 +269,11 @@ def can_see_private_messages?(user_id)
is_admin? || (authenticated? && @user.id == user_id)
end

def can_invite_group_to_private_message?(group, topic)
can_see_topic?(topic) &&
can_send_private_message?(group)
end

def can_send_private_message?(target)
(target.is_a?(Group) || target.is_a?(User)) &&
# User is authenticated
@@ -1011,31 +1011,57 @@ def topics_controller_show_gen_perm_tests(expected, ctx)
end

describe 'invite_group' do
let :admins do
Group[:admins]
end
let(:admins) { Group[:admins] }
let(:pm) { Fabricate(:private_message_topic) }

let! :admin do
log_in :admin
def invite_group(topic, expected_status)
xhr :post, :invite_group, topic_id: topic.id, group: admins.name
expect(response.status).to eq(expected_status)
end

before do
admins.alias_level = Group::ALIAS_LEVELS[:everyone]
admins.save!
admins.update!(alias_level: Group::ALIAS_LEVELS[:everyone])
end

it "disallows inviting a group to a topic" do
topic = Fabricate(:topic)
xhr :post, :invite_group, topic_id: topic.id, group: 'admins'
expect(response.status).to eq(422)
describe 'as an anon user' do
it 'should be forbidden' do
invite_group(pm, 403)
end
end

it "allows inviting a group to a PM" do
topic = Fabricate(:private_message_topic)
xhr :post, :invite_group, topic_id: topic.id, group: 'admins'
describe 'as a normal user' do
let!(:user) { log_in }

expect(response.status).to eq(200)
expect(topic.allowed_groups.first.id).to eq(admins.id)
describe 'when user does not have permission to view the topic' do
it 'should be forbidden' do
invite_group(pm, 403)
end
end

describe 'when user has permission to view the topic' do
before do
pm.allowed_users << user
end

it 'should allow user to invite group to topic' do
invite_group(pm, 200)
expect(pm.allowed_groups.first.id).to eq(admins.id)
end
end
end

describe 'as an admin user' do
let!(:admin) { log_in(:admin) }

it "disallows inviting a group to a topic" do
topic = Fabricate(:topic)
invite_group(topic, 422)
end

it "allows inviting a group to a PM" do
invite_group(pm, 200)
expect(pm.allowed_groups.first.id).to eq(admins.id)
end
end
end

@@ -141,6 +141,7 @@
let(:inviter) { group_private_topic.user }

before do
group.add_owner(inviter)
@invite = group_private_topic.invite_by_email(inviter, iceking)
end

0 comments on commit 6c955ab

Please sign in to comment.
You can’t perform that action at this time.