Class: Guardian
Overview
The guardian is responsible for confirming access to various site resources and operations
Defined Under Namespace
Classes: AnonymousUser
Instance Attribute Summary collapse
Instance Method Summary
-
#allow_themes?(theme_ids, include_preview: false) ⇒ Boolean
-
#allowed_theme_repo_import?(repo) ⇒ Boolean
-
#anonymous? ⇒ Boolean
-
#auth_token ⇒ Object
-
#authenticated? ⇒ Boolean
-
#can_access_forum? ⇒ Boolean
Support sites that have to approve users.
-
#can_activate?(target) ⇒ Boolean
-
#can_approve?(target) ⇒ Boolean
-
#can_bulk_invite_to_forum?(user) ⇒ Boolean
-
#can_change_primary_group?(user, group) ⇒ Boolean
-
#can_change_trust_level?(user) ⇒ Boolean
-
#can_create?(klass, parent = nil) ⇒ Boolean
-
#can_delete?(obj) ⇒ Boolean
Can we delete the object.
-
#can_delete_reviewable_queued_post?(reviewable) ⇒ Boolean
-
#can_destroy_all_invites?(user) ⇒ Boolean
-
#can_edit?(obj) ⇒ Boolean
Can the user edit the obj.
-
#can_enable_safe_mode? ⇒ Boolean
-
#can_export_entity?(entity) ⇒ Boolean
-
#can_grant_admin?(user) ⇒ Boolean
-
#can_grant_badges?(_user) ⇒ Boolean
-
#can_grant_moderation?(user) ⇒ Boolean
-
#can_grant_title?(user, title = nil) ⇒ Boolean
-
#can_ignore_user?(target_user) ⇒ Boolean
-
#can_ignore_users? ⇒ Boolean
-
#can_impersonate?(target) ⇒ Boolean
Can we impersonate this user?.
-
#can_invite_group_to_private_message?(group, topic) ⇒ Boolean
-
#can_invite_to?(object, groups = nil) ⇒ Boolean
-
#can_invite_to_forum?(groups = nil) ⇒ Boolean
-
#can_invite_via_email?(object) ⇒ Boolean
-
#can_mention_here? ⇒ Boolean
-
#can_moderate?(obj) ⇒ Boolean
(also: #can_see_flags?)
-
#can_mute_user?(target_user) ⇒ Boolean
-
#can_mute_users? ⇒ Boolean
-
#can_permanently_delete?(obj) ⇒ Boolean
-
#can_publish_page?(topic) ⇒ Boolean
-
#can_resend_all_invites?(user) ⇒ Boolean
-
#can_revoke_admin?(admin) ⇒ Boolean
-
#can_revoke_moderation?(moderator) ⇒ Boolean
-
#can_see?(obj) ⇒ Boolean
Can the user see the object?.
-
#can_see_about_stats? ⇒ Boolean
-
#can_see_group?(group) ⇒ Boolean
-
#can_see_group_members?(group) ⇒ Boolean
-
#can_see_groups?(groups) ⇒ Boolean
-
#can_see_groups_members?(groups) ⇒ Boolean
-
#can_see_invite_details?(user) ⇒ Boolean
-
#can_see_invite_emails?(user) ⇒ Boolean
-
#can_see_private_messages?(user_id) ⇒ Boolean
-
#can_see_site_contact_details? ⇒ Boolean
-
#can_see_tags?(topic) ⇒ Boolean
-
#can_send_activation_email?(user) ⇒ Boolean
-
#can_send_private_message?(target, notify_moderators: false) ⇒ Boolean
This should be used as a final check for when a user is sending a message to a target user or group.
-
#can_send_private_messages?(notify_moderators: false) ⇒ Boolean
This should be used as a general, but not definitive, check for whether the user can send private messages generally, which is mostly useful for changing the UI.
-
#can_send_private_messages_to_email? ⇒ Boolean
-
#can_suspend?(user) ⇒ Boolean
(also: #can_deactivate?)
-
#can_tag?(topic) ⇒ Boolean
-
#can_use_flair_group?(user, group_id = nil) ⇒ Boolean
-
#can_use_primary_group?(user, group_id = nil) ⇒ Boolean
-
#can_view_action_logs?(target) ⇒ Boolean
-
#initialize(user = nil, request = nil) ⇒ Guardian
constructor
A new instance of Guardian.
-
#is_admin? ⇒ Boolean
-
#is_anonymous? ⇒ Boolean
-
#is_category_group_moderator?(category) ⇒ Boolean
-
#is_developer? ⇒ Boolean
-
#is_me?(other) ⇒ Boolean
-
#is_moderator? ⇒ Boolean
-
#is_silenced? ⇒ Boolean
-
#is_staff? ⇒ Boolean
-
#is_staged? ⇒ Boolean
-
#is_whisperer? ⇒ Boolean
-
#user ⇒ Object
(also: #current_user)
#allowed_user_field_ids, #can_anonymize_user?, #can_change_tracking_preferences?, #can_check_emails?, #can_check_sso_details?, #can_claim_reviewable_topic?, #can_delete_sso_record?, #can_delete_user?, #can_disable_second_factor?, #can_edit_email?, #can_edit_name?, #can_edit_user?, #can_edit_username?, #can_feature_topic?, #can_merge_user?, #can_merge_users?, #can_pick_avatar?, #can_reset_bounce_score?, #can_see_notifications?, #can_see_profile?, #can_see_review_queue?, #can_see_staff_info?, #can_see_summary_stats?, #can_see_suspension_reason?, #can_see_user?, #can_see_user_actions?, #can_see_warnings?, #can_silence_user?, #can_unsilence_user?, #can_upload_external?, #can_upload_profile_header?, #can_upload_user_card_background?, #restrict_user_fields?
#affected_by_slow_mode?, #can_banner_topic?, #can_convert_topic?, #can_create_post_on_topic?, #can_create_shared_draft?, #can_create_topic?, #can_create_topic_on_category?, #can_create_whisper?, #can_delete_topic?, #can_edit_featured_link?, #can_edit_tags?, #can_edit_topic?, #can_get_access_to_topic?, #can_moderate_topic?, #can_move_posts?, #can_move_topic_to_category?, #can_perform_action_available_to_group_moderators?, #can_permanently_delete_topic?, #can_publish_topic?, #can_recover_topic?, #can_remove_allowed_users?, #can_reply_as_new_topic?, #can_review_topic?, #can_see_deleted_topics?, #can_see_shared_draft?, #can_see_topic?, #can_see_topic_ids, #can_see_unlisted_topics?, #can_see_whispers?, #can_toggle_topic_visibility?, #can_update_bumped_at?, #filter_allowed_categories, #is_in_edit_topic_groups?
#can_admin_tag_groups?, #can_admin_tags?, #can_create_tag?, #can_see_tag?, #can_tag_pms?, #can_tag_topics?, #hidden_tag_names
#can_create_public_sidebar_section?, #can_delete_sidebar_section?, #can_edit_sidebar_section?
#can_hide_post_revision?, #can_permanently_delete_post_revisions?, #can_see_post_revision?, #can_show_post_revision?, #can_view_hidden_post_revisions?
#can_change_post_owner?, #can_change_post_timestamps?, #can_change_post_type?, #can_create_post?, #can_delete_all_posts?, #can_delete_post?, #can_delete_post_action?, #can_delete_post_or_topic?, #can_edit_hidden_post?, #can_edit_post?, #can_lock_post?, #can_permanently_delete_post?, #can_post_link?, #can_rebake?, #can_receive_post_notifications?, #can_recover_post?, #can_see_deleted_post?, #can_see_deleted_posts?, #can_see_flagged_posts?, #can_see_hidden_post?, #can_see_post?, #can_see_post_actors?, #can_skip_bump?, #can_unhide?, #can_view_edit_history?, #can_view_raw_email?, #can_wiki?, #is_in_edit_post_groups?, #link_posting_access, #post_can_act?, #unrestricted_link_posting?
#can_admin_group?, #can_associate_groups?, #can_create_group?, #can_edit_group?, #can_see_group_messages?
#ensure_can_see!, #method_missing
#allowed_category_ids, #can_create_category?, #can_delete_category?, #can_edit_category?, #can_edit_category_description?, #can_edit_serialized_category?, #can_post_in_category?, #can_see_category?, #can_see_serialized_category?, #secure_category_ids, #topic_featured_link_allowed_category_ids
#can_delete_bookmark?, #can_edit_bookmark?, #can_see_bookmarkable?
Constructor Details
#initialize(user = nil, request = nil) ⇒ Guardian
Returns a new instance of Guardian.
# File 'lib/guardian.rb', line 83
# Builds a guardian for +user+ acting within +request+.
#
# A blank +user+ (per +presence+) is replaced by an AnonymousUser, so @user is
# never nil and the permission checks can call methods on it without nil guards.
#
# @param user [Object, nil] the acting user
# @param request [Object, nil] stored unchanged and exposed through #request
def initialize(user = nil, request = nil)
  @request = request
  @user = user.presence || AnonymousUser.new
end
Dynamic Method Handling
This class handles dynamic methods through the method_missing method
in the class EnsureMagic
Instance Attribute Details
#request ⇒ Object
Returns the value of attribute request.
# File 'lib/guardian.rb', line 81
# The request object this guardian was constructed with.
#
# @return [Object, nil] whatever was passed to the constructor
def request
  @request
end
Instance Method Details
#allow_themes?(theme_ids, include_preview: false) ⇒ Boolean
# File 'lib/guardian.rb', line 559
# Whether the given theme (first id) and its components (remaining ids) may be used.
#
# Checks, in order:
# 1. a blank list is always allowed;
# 2. when Theme.allowed_remote_theme_ids is set, any id outside it is refused;
# 3. staff previewing (+include_preview+) may use any ids known to Theme.theme_ids;
# 4. otherwise the parent must be user-selectable and every component must
#    belong to that parent.
#
# @param theme_ids [Array] parent theme id followed by component ids
# @param include_preview [Boolean] enables the staff preview path
# @return [Boolean]
def allow_themes?(theme_ids, include_preview: false)
  return true if theme_ids.blank?

  remote_allowlist = Theme.allowed_remote_theme_ids
  return false if remote_allowlist && (theme_ids - remote_allowlist).present?

  if include_preview && is_staff? && (theme_ids - Theme.theme_ids).blank?
    return true
  end

  parent = theme_ids.first
  components = theme_ids[1..-1] || []
  unknown_components = components - Theme.components_for(parent)
  Theme.user_theme_ids.include?(parent) && unknown_components.empty?
end
#allowed_theme_repo_import?(repo) ⇒ Boolean
# File 'lib/guardian.rb', line 547
# Whether the current user may import a theme from +repo+.
#
# Only admins may import. When GlobalSetting.allowed_theme_repos is set, it is
# treated as a comma-separated allow-list and +repo+ must equal one entry
# exactly: entries are stripped of surrounding whitespace, but +repo+ itself is
# not normalised, so a different case, trailing slash or suffix will not match.
# When the setting is blank, admins may import from any repo.
#
# @param repo [String] repository URL requested for import
# @return [Boolean]
def allowed_theme_repo_import?(repo)
  return false unless @user.admin?

  configured = GlobalSetting.allowed_theme_repos
  return true if configured.blank?

  configured.split(",").map(&:strip).include?(repo)
end
#anonymous? ⇒ Boolean
# File 'lib/guardian.rb', line 93
# Inverse of #authenticated?.
#
# @return [Boolean] true when there is no authenticated user
def anonymous?
  !authenticated?
end
#authenticated? ⇒ Boolean
# File 'lib/guardian.rb', line 97
# Whether a real user is acting, decided solely by @user.present?.
#
# NOTE(review): the constructor substitutes an AnonymousUser for a missing
# user, so this presumably relies on AnonymousUser reporting itself as blank.
# Confirm in AnonymousUser.
#
# @return [Boolean]
def authenticated?
  @user.present?
end
#can_access_forum? ⇒ Boolean
Support sites that have to approve users
# File 'lib/guardian.rb', line 385
# Gate for sites that require user approval.
#
# With SiteSetting.must_approve_users? off, everyone (including anonymous
# visitors) passes. With it on, anonymous visitors are refused, staff always
# pass, and other users pass only once approved.
#
# @return [Boolean]
def can_access_forum?
  return true if !SiteSetting.must_approve_users?
  return false if anonymous?

  if is_staff?
    true
  else
    @user.approved?
  end
end
#can_activate?(target) ⇒ Boolean
# File 'lib/guardian.rb', line 321
# Staff may activate a target account that is not yet active.
#
# @param target [Object, nil] account to activate; a nil target yields a falsy result
# @return [Boolean, nil]
def can_activate?(target)
  is_staff? && target && !target.active?
end
#can_approve?(target) ⇒ Boolean
# File 'lib/guardian.rb', line 317
# Staff may approve a target account that is active but not yet approved.
#
# @param target [Object, nil] account to approve; a nil target yields a falsy result
# @return [Boolean, nil]
def can_approve?(target)
  is_staff? &&
    target &&
    target.active? &&
    !target.approved?
end
#can_bulk_invite_to_forum?(user) ⇒ Boolean
# File 'lib/guardian.rb', line 438
# Bulk invites are limited to admins.
#
# NOTE: the check is made on the +user+ argument, not on the guardian's own
# @user, so the caller must pass the acting user for this to be an
# authorization decision.
#
# @param user [#admin?]
# @return [Boolean]
def can_bulk_invite_to_forum?(user)
  user.admin?
end
#can_change_primary_group?(user, group) ⇒ Boolean
# File 'lib/guardian.rb', line 376
# A user's primary group may be changed by anyone allowed to edit +group+.
#
# @param user [Object, nil] account being changed; nil yields nil
# @param group [Object] group checked with can_edit_group?
# @return [Boolean, nil]
def can_change_primary_group?(user, group)
  user && can_edit_group?(group)
end
#can_change_trust_level?(user) ⇒ Boolean
# File 'lib/guardian.rb', line 380
# Staff may change the trust level of any existing user.
#
# @param user [Object, nil] account being changed; nil yields nil
# @return [Boolean, nil]
def can_change_trust_level?(user)
  user && is_staff?
end
#can_create?(klass, parent = nil) ⇒ Boolean
# File 'lib/guardian.rb', line 166
# Generic "may the current user create a +klass+ (optionally under +parent+)" check.
#
# Dispatches to a public method named can_create_<klass>? or, when a parent is
# given, can_create_<klass>_on_<parent class>?, passing +parent+ to it.
#
# Security note: this is default-allow. When no such method exists, any
# authenticated user who can see the parent is permitted, so a new model gets
# no creation restriction until a matching can_create_* method is written.
#
# @param klass [Class, nil] class of the object to create
# @param parent [Object, nil] container the object would be created in
# @return [Boolean]
def can_create?(klass, parent = nil)
  return false unless authenticated? && klass

  base = klass.name.underscore
  suffix = ""
  if parent.present?
    # The parent must be visible before anything may be created under it.
    return false if !can_see?(parent)
    suffix = "_on_#{parent.class.name.underscore}"
  end

  checker = :"can_create_#{base}#{suffix}?"
  respond_to?(checker) ? public_send(checker, parent) : true
end
#can_delete?(obj) ⇒ Boolean
# File 'lib/guardian.rb', line 196
# Whether the current user may delete +obj+; delegates to can_do?(:delete, obj).
#
# @param obj [Object]
# @return [Boolean]
def can_delete?(obj)
  can_do?(:delete, obj)
end
#can_delete_reviewable_queued_post?(reviewable) ⇒ Boolean
# File 'lib/guardian.rb', line 231
# Whether the current user may delete a queued-post reviewable.
#
# Allowed for an admin acting through the API, or for the user recorded as
# the creator of the reviewable's target.
#
# @param reviewable [Object, nil]
# @return [Boolean]
def can_delete_reviewable_queued_post?(reviewable)
  return false if reviewable.blank? || !authenticated?
  return true if is_api? && is_admin?

  reviewable.target_created_by_id == @user.id
end
#can_destroy_all_invites?(user) ⇒ Boolean
# File 'lib/guardian.rb', line 446
# Destroying all invites is limited to staff.
#
# NOTE: the check is made on the +user+ argument, not on the guardian's own
# @user, so the caller must pass the acting user.
#
# @param user [#staff?]
# @return [Boolean]
def can_destroy_all_invites?(user)
  user.staff?
end
#can_edit?(obj) ⇒ Boolean
Can the user edit the obj
# File 'lib/guardian.rb', line 191
# Whether the current user may edit +obj+; delegates to can_do?(:edit, obj).
#
# @param obj [Object]
# @return [Boolean]
def can_edit?(obj)
  can_do?(:edit, obj)
end
#can_enable_safe_mode? ⇒ Boolean
# File 'lib/guardian.rb', line 186
# Safe mode is open to everyone when the site setting enables it; staff may
# always use it, whatever the setting.
#
# @return [Boolean]
def can_enable_safe_mode?
  SiteSetting.enable_safe_mode? || is_staff?
end
#can_export_entity?(entity) ⇒ Boolean
# File 'lib/guardian.rb', line 516
# Whether the current user may export +entity+.
#
# - anonymous: never
# - admins: any entity
# - moderators: any entity except "user_list"
# - everyone else: only "user_archive", and only when no UserExport row for
#   this user has a created_at within the current day
#
# @param entity [String] export type name
# @return [Boolean]
def can_export_entity?(entity)
  return false if anonymous?
  return true if is_admin?
  return entity != "user_list" if is_moderator?
  return false if entity != "user_archive"

  today = Time.zone.now.beginning_of_day..Time.zone.now.end_of_day
  UserExport.where(user_id: @user.id, created_at: today).count.zero?
end
#can_grant_admin?(user) ⇒ Boolean
# File 'lib/guardian.rb', line 334
# Admin may be granted to +user+ when can_administer_user? allows it and the
# user is not already an admin.
#
# @param user [Object]
# @return [Boolean]
def can_grant_admin?(user)
  can_administer_user?(user) && !user.admin?
end
#can_grant_badges?(_user) ⇒ Boolean
# File 'lib/guardian.rb', line 227
# Staff may grant badges while badges are enabled site-wide.
#
# @param _user [Object] ignored; the decision does not depend on the recipient
# @return [Boolean]
def can_grant_badges?(_user)
  SiteSetting.enable_badges && is_staff?
end
#can_grant_moderation?(user) ⇒ Boolean
# File 'lib/guardian.rb', line 342
# Moderation may be granted to +user+ when can_administer? allows it and the
# user is not already a moderator.
#
# @param user [Object]
# @return [Boolean]
def can_grant_moderation?(user)
  can_administer?(user) && !user.moderator?
end
#can_grant_title?(user, title = nil) ⇒ Boolean
# File 'lib/guardian.rb', line 346
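# Whether +title+ may be set on +user+.
#
# Staff may set any title on an existing user. Otherwise a user may only
# change their own title, and only to the empty string (clearing it), to the
# display name of one of their badges that has allow_title set, or to the
# title of one of their groups.
#
# @param user [Object, nil] account whose title would change
# @param title [String, nil] requested title; nil is refused for non-staff
# @return [Boolean]
def can_grant_title?(user, title = nil)
  return true if user && is_staff?
  return false if title.nil?
  # An empty title clears the current one and is always allowed.
  return true if title.empty?
  # Non-staff may only change their own title.
  return false if user != @user

  badge_grants_title =
    user
      .badges
      .where(allow_title: true)
      .pluck(:name)
      .any? { |name| Badge.display_name(name) == title }
  return true if badge_grants_title

  user.groups.where(title: title).exists?
end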
#can_ignore_user?(target_user) ⇒ Boolean
# File 'lib/guardian.rb', line 538
# Whether the current user may ignore +target_user+: they must be allowed to
# ignore users at all, the target must be someone else, and staff members
# cannot be ignored.
#
# @param target_user [Object]
# @return [Boolean]
def can_ignore_user?(target_user)
  can_ignore_users? &&
    @user.id != target_user.id &&
    !target_user.staff?
end
#can_ignore_users? ⇒ Boolean
# File 'lib/guardian.rb', line 542
# Whether the current user may use the ignore feature: staff always, other
# authenticated users once they reach SiteSetting.min_trust_level_to_allow_ignore.
#
# @return [Boolean]
def can_ignore_users?
  return false if anonymous?

  required_level = SiteSetting.min_trust_level_to_allow_ignore.to_i
  @user.staff? || @user.has_trust_level?(required_level)
end
#can_impersonate?(target) ⇒ Boolean
Can we impersonate this user?
# File 'lib/guardian.rb', line 300
# Whether the current user may impersonate +target+.
#
# Requires all of: impersonation enabled in GlobalSetting, a target, and the
# current user being an admin. An admin target can additionally only be
# impersonated by a developer (see #is_developer?).
#
# @param target [Object, nil]
# @return [Boolean, nil]
def can_impersonate?(target)
  GlobalSetting.allow_impersonation &&
    target &&
    is_admin? &&
    (is_developer? || !target.admin?)
end
#can_invite_group_to_private_message?(group, topic) ⇒ Boolean
# File 'lib/guardian.rb', line 454
# A group may be invited to a personal message when the current user can see
# the topic and is allowed to message that group.
#
# @param group [Object]
# @param topic [Object]
# @return [Boolean]
def can_invite_group_to_private_message?(group, topic)
  can_see_topic?(topic) && can_send_private_message?(group)
end
#can_invite_to?(object, groups = nil) ⇒ Boolean
# File 'lib/guardian.rb', line 409
# Whether the current user may invite someone to +object+.
#
# Only a Topic the user can see qualifies, and any non-blank +groups+ argument
# is refused outright. For a personal message, admins always pass; others must
# be in the personal-message-enabled groups and, unless staff, the topic must
# not have reached its recipient limit. For a topic in a read-restricted
# category, the user must be able to edit at least one of the category's
# non-automatic groups.
#
# @param object [Object] invite target; anything other than a Topic is refused
# @param groups [Object, nil] must be blank for the invite to be allowed
# @return [Boolean]
def can_invite_to?(object, groups = nil)
  return false unless authenticated?
  return false unless object.is_a?(Topic) && can_see?(object)
  return false if groups.present?

  # From here on object is known to be a Topic.
  if object.private_message?
    return true if is_admin?
    return false unless @user.in_any_groups?(SiteSetting.personal_message_enabled_groups_map)
    return false if object.reached_recipients_limit? && !is_staff?
  end

  category = object.category
  if category && category.read_restricted
    return category.groups&.where(automatic: false).any? { |g| can_edit_group?(g) }
  end

  true
end
#can_invite_to_forum?(groups = nil) ⇒ Boolean
# File 'lib/guardian.rb', line 403
# Whether the current user may invite new people to the site.
#
# @param groups [Enumerable, nil] groups the invitee would be added to
# @return [Boolean]
def can_invite_to_forum?(groups = nil)
  authenticated? &&
    # Non-staff are blocked when the daily invite quota is zero or less.
    (is_staff? || SiteSetting.max_invites_per_day.to_i.positive?) &&
    # Non-staff need the configured minimum trust level.
    (is_staff? || @user.has_trust_level?(SiteSetting.min_trust_level_to_allow_invite.to_i)) &&
    # Non-admins may only invite into groups they are allowed to edit.
    (is_admin? || groups.blank? || groups.all? { |g| can_edit_group?(g) })
end
#can_invite_via_email?(object) ⇒ Boolean
# File 'lib/guardian.rb', line 430
# Whether the current user may send an e-mail invite to +object+.
#
# Requires the general forum-invite and per-object invite checks to pass, at
# least one of local logins or Discourse Connect to be enabled, and either the
# site not requiring user approval or the inviter being staff.
#
# @param object [Object] invite target, checked with #can_invite_to?
# @return [Boolean]
def can_invite_via_email?(object)
  return false unless can_invite_to_forum? && can_invite_to?(object)

  login_available = SiteSetting.enable_local_logins || SiteSetting.enable_discourse_connect
  login_available && (!SiteSetting.must_approve_users? || is_staff?)
end
#can_mention_here? ⇒ Boolean
# File 'lib/guardian.rb', line 604
# Whether the current user may use the "here" mention.
#
# Refused when the mention name is unset, when max_here_mentioned is below 1,
# for anonymous visitors, and when a real account already uses the mention
# name as its username. Otherwise decided by trust level or staff status.
#
# @return [Boolean]
def can_mention_here?
  mention = SiteSetting.here_mention
  return false if mention.blank? || SiteSetting.max_here_mentioned < 1
  return false unless authenticated?
  # An existing username takes precedence over the special mention.
  return false if User.where(username_lower: mention).exists?

  @user.has_trust_level_or_staff?(SiteSetting.min_trust_level_for_here_mention)
end
#can_moderate?(obj) ⇒ Boolean
Also known as:
can_see_flags?
# File 'lib/guardian.rb', line 204
# Whether the current user may moderate +obj+.
#
# Silenced users never can. Staff can moderate anything; a non-staff user can
# moderate only a Topic they can see, and only at trust level 4.
#
# @param obj [Object, nil] a nil object yields a falsy result
# @return [Boolean, nil]
def can_moderate?(obj)
  obj &&
    authenticated? &&
    !is_silenced? &&
    (
      is_staff? ||
        (obj.is_a?(Topic) && @user.has_trust_level?(TrustLevel[4]) && can_see_topic?(obj))
    )
end
#can_mute_user?(target_user) ⇒ Boolean
# File 'lib/guardian.rb', line 529
# Whether the current user may mute +target_user+: they must be allowed to
# mute users at all, the target must be someone else, and staff members
# cannot be muted.
#
# @param target_user [Object]
# @return [Boolean]
def can_mute_user?(target_user)
  can_mute_users? &&
    @user.id != target_user.id &&
    !target_user.staff?
end
#can_mute_users? ⇒ Boolean
# File 'lib/guardian.rb', line 533
# Whether the current user may use the mute feature: staff always, other
# authenticated users from the :basic trust level upward.
#
# @return [Boolean]
def can_mute_users?
  return false if anonymous?

  @user.staff? || @user.trust_level >= TrustLevel.levels[:basic]
end
#can_permanently_delete?(obj) ⇒ Boolean
# File 'lib/guardian.rb', line 200
# Whether the current user may permanently delete +obj+; delegates to
# can_do?(:permanently_delete, obj).
#
# @param obj [Object]
# @return [Boolean]
def can_permanently_delete?(obj)
  can_do?(:permanently_delete, obj)
end
#can_publish_page?(topic) ⇒ Boolean
# File 'lib/guardian.rb', line 574
# Whether the current user may publish +topic+ as a page.
#
# Publishing is refused when the feature is disabled, when secure uploads are
# enabled, for a missing topic, for personal messages and for topics the user
# cannot see. Beyond that, it is limited to staff.
#
# @param topic [Object, nil]
# @return [Boolean]
def can_publish_page?(topic)
  return false unless SiteSetting.enable_page_publishing?
  return false if SiteSetting.secure_uploads?
  return false if topic.blank? || topic.private_message?
  return false if !can_see_topic?(topic)

  is_staff?
end
#can_resend_all_invites?(user) ⇒ Boolean
# File 'lib/guardian.rb', line 442
# Resending all invites is limited to staff.
#
# NOTE: the check is made on the +user+ argument, not on the guardian's own
# @user, so the caller must pass the acting user.
#
# @param user [#staff?]
# @return [Boolean]
def can_resend_all_invites?(user)
  user.staff?
end
#can_revoke_admin?(admin) ⇒ Boolean
# File 'lib/guardian.rb', line 330
# Admin may be revoked from +admin+ when can_administer_user? allows it and
# the account currently is an admin.
#
# @param admin [Object]
# @return [Boolean]
def can_revoke_admin?(admin)
  can_administer_user?(admin) && admin.admin?
end
#can_revoke_moderation?(moderator) ⇒ Boolean
# File 'lib/guardian.rb', line 338
# Moderation may be revoked from +moderator+ when can_administer? allows it
# and the account currently is a moderator.
#
# @param moderator [Object]
# @return [Boolean]
def can_revoke_moderation?(moderator)
  can_administer?(moderator) && moderator.moderator?
end
#can_see?(obj) ⇒ Boolean
Can the user see the object?
# File 'lib/guardian.rb', line 159
# Generic visibility check.
#
# Resolves a per-type method name through method_name_for(:see, obj) and
# calls it with public_send. This is default-deny: a nil/false +obj+, or an
# object for which no method name is resolved, yields a falsy result.
#
# @param obj [Object, nil]
# @return [Boolean, nil] nil when +obj+ is nil or false
def can_see?(obj)
  return unless obj

  see_method = method_name_for(:see, obj)
  see_method && public_send(see_method, obj)
end
#can_see_about_stats? ⇒ Boolean
# File 'lib/guardian.rb', line 583
# About-page statistics are visible to everyone, anonymous visitors included.
#
# @return [Boolean] always true
def can_see_about_stats?
  true
end
#can_see_group?(group) ⇒ Boolean
# File 'lib/guardian.rb', line 239
# Single-group form of #can_see_groups?; a blank group is never visible.
#
# @param group [Object, nil]
# @return [Boolean]
def can_see_group?(group)
  group.present? && can_see_groups?([group])
end
#can_see_group_members?(group) ⇒ Boolean
# File 'lib/guardian.rb', line 243
# Whether the current user may see the member list of +group+, based on the
# group's members_visibility_level.
#
# - admins, or a :public level: visible
# - staff with a :staff or :members level: visible
# - any authenticated user with a :logged_on_users level: visible
# - otherwise the user must have a GroupUser row for the group; owners always
#   see the list, plain members see it unless the level is :owners or :staff
#
# @param group [Object, nil]
# @return [Boolean]
def can_see_group_members?(group)
  return false if group.blank?

  levels = Group.visibility_levels
  visibility = group.members_visibility_level

  return true if is_admin? || visibility == levels[:public]
  return true if is_staff? && [levels[:staff], levels[:members]].include?(visibility)
  return true if authenticated? && visibility == levels[:logged_on_users]
  return false if user.blank?

  membership = GroupUser.find_by(group_id: group.id, user_id: user.id)
  return false unless membership
  return true if membership.owner

  # Plain members are excluded from owner-only and staff-only lists.
  ![levels[:owners], levels[:staff]].include?(visibility)
end
#can_see_groups?(groups) ⇒ Boolean
# File 'lib/guardian.rb', line 262
# Whether the current user may see every group in +groups+, based on each
# group's visibility_level.
#
# The level shortcuts only apply when all groups share that level, so a set
# with mixed levels falls through to the membership check, which requires a
# GroupUser row for every group. Owners of all the groups always pass; plain
# members are refused when every group is :owners or every group is :staff.
#
# @param groups [Enumerable, nil]
# @return [Boolean]
def can_see_groups?(groups)
  return false if groups.blank?

  all_at = ->(level) { groups.all? { |g| g.visibility_level == Group.visibility_levels[level] } }

  return true if is_admin? || all_at.call(:public)
  return true if is_staff? && all_at.call(:staff)
  return true if is_staff? && all_at.call(:members)
  return true if authenticated? && all_at.call(:logged_on_users)
  return false if user.blank?

  owner_flags = GroupUser.where(group: groups, user_id: user.id).pluck(:owner)
  # Fewer rows than groups means the user is not a member of all of them.
  return false if owner_flags.size < groups.size
  return true if owner_flags.all?
  return false if all_at.call(:owners)
  return false if all_at.call(:staff)

  true
end
#can_see_groups_members?(groups) ⇒ Boolean
# File 'lib/guardian.rb', line 289
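# Whether the members of every group in +groups+ are visible to the current user.
#
# @param groups [Array, nil] groups to check (any collection responding to map)
# @return [Boolean] false for a blank collection; otherwise true only when
#   Group.members_visible_groups(user) returns every requested id
def can_see_groups_members?(groups)
  return false if groups.blank?

  # The listing had fused these two assignments onto one line, which does not
  # parse; they are separate statements.
  requested_group_ids = groups.map(&:id)
  matching_group_ids =
    Group.where(id: requested_group_ids).members_visible_groups(user).pluck(:id)

  # All-or-nothing: a single hidden group makes the whole answer false.
  matching_group_ids.sort == requested_group_ids.sort
end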
#can_see_invite_details?(user) ⇒ Boolean
# File 'lib/guardian.rb', line 395
# Invite details of +user+ are visible to staff and to that user themself.
#
# @param user [Object]
# @return [Boolean]
def can_see_invite_details?(user)
  is_staff? || is_me?(user)
end
#can_see_invite_emails?(user) ⇒ Boolean
# File 'lib/guardian.rb', line 399
# Invite e-mail addresses of +user+ are visible to staff and to that user themself.
#
# @param user [Object]
# @return [Boolean]
def can_see_invite_emails?(user)
  is_staff? || is_me?(user)
end
#can_see_private_messages?(user_id) ⇒ Boolean
# File 'lib/guardian.rb', line 450
# Personal messages of the user with +user_id+ are visible to admins and to
# that user themself. Moderators are not included by this check.
#
# @param user_id [Integer] id of the mailbox owner
# @return [Boolean]
def can_see_private_messages?(user_id)
  is_admin? || (authenticated? && @user.id == user_id)
end
# File 'lib/guardian.rb', line 587
# Site contact details are public unless the site requires login, in which
# case only authenticated users may see them.
#
# @return [Boolean]
def can_see_site_contact_details?
  !SiteSetting.login_required? || authenticated?
end
# File 'lib/guardian.rb', line 219
# Tags on +topic+ are visible when tagging is enabled and the topic exists;
# for a personal message the user must additionally pass can_tag_pms?.
#
# @param topic [Object, nil]
# @return [Boolean]
def can_see_tags?(topic)
  SiteSetting.tagging_enabled &&
    topic.present? &&
    (!topic.private_message? || can_tag_pms?)
end
#can_send_activation_email?(user) ⇒ Boolean
# File 'lib/guardian.rb', line 223
# Staff may send an activation e-mail to an existing user, but only on sites
# that do not require user approval.
#
# @param user [Object, nil] recipient; nil yields nil
# @return [Boolean, nil]
def can_send_activation_email?(user)
  user && is_staff? && !SiteSetting.must_approve_users?
end
#can_send_private_message?(target, notify_moderators: false) ⇒ Boolean
This should be used as a final check for when a user is sending a message to a target user or group.
# File 'lib/guardian.rb', line 482
# Final authorization check before the current user sends a personal message
# to +target+. Only a User or a Group is accepted as target.
#
# @param target [User, Group]
# @param notify_moderators [Boolean] forwarded to #can_send_private_messages?;
#   when true it also satisfies the group-messageable condition below
# @return [Boolean]
def can_send_private_message?(target, notify_moderators: false)
  target_is_user = target.is_a?(User)
  target_is_group = target.is_a?(Group)
  from_system = @user.is_system_user?
  # Anything that is neither a User nor a Group is refused.
  return false if !(target_is_group || target_is_user)
  # A group the current user is allowed to message counts even when the
  # general can_send_private_messages? check fails (first condition below).
  group_is_messageable = target_is_group && Group.messageable(@user).where(id: target.id).exists?
  # Order matters: the target_is_group short-circuits keep the User-only calls
  # (user_option, suspended?) from being made on a Group.
  (can_send_private_messages?(notify_moderators: notify_moderators) || group_is_messageable) &&
    # Non-staff senders must respect the target user's allow_private_messages option.
    (is_staff? || target_is_group || target.user_option.allow_private_messages) &&
    # Non-staff senders cannot message a suspended user.
    (is_staff? || target_is_group || !target.suspended?) &&
    # A group target must be messageable, unless the sender is the system user
    # or notify_moderators is set.
    (from_system || target_is_user || group_is_messageable || notify_moderators) &&
    # A silenced sender may only message a target whose staff? is true.
    # NOTE(review): staff? is also called on a Group here; confirm Group responds to it.
    (!is_silenced? || target.staff?)
end
#can_send_private_messages?(notify_moderators: false) ⇒ Boolean
This should be used as a general, but not definitive, check for whether the user can send private messages generally, which is mostly useful for changing the UI.
Please otherwise use can_send_private_message?(target, notify_moderators) to check if a single target can be messaged.
# File 'lib/guardian.rb', line 465
# General, non-definitive check for whether the current user can send
# personal messages at all. Use #can_send_private_message? for a specific target.
#
# Any authenticated user passes when +notify_moderators+ is true, so callers
# should set that flag only for messages that really go to moderators.
#
# @param notify_moderators [Boolean]
# @return [Boolean]
def can_send_private_messages?(notify_moderators: false)
  from_bot = @user.bot?
  from_system = @user.is_system_user?

  authenticated? &&
    (
      is_staff? ||
        from_bot ||
        from_system ||
        @user.in_any_groups?(SiteSetting.personal_message_enabled_groups_map) ||
        notify_moderators
    )
end
#can_send_private_messages_to_email? ⇒ Boolean
# File 'lib/guardian.rb', line 506
# Whether the current user may address a personal message to an e-mail address.
#
# Requires staged users to be enabled, an authenticated user in the
# personal-message-enabled groups, and the trust level (or staff status)
# required by SiteSetting.min_trust_to_send_email_messages.
#
# @return [Boolean]
def can_send_private_messages_to_email?
  return false unless SiteSetting.enable_staged_users && authenticated?

  @user.in_any_groups?(SiteSetting.personal_message_enabled_groups_map) &&
    @user.has_trust_level_or_staff?(SiteSetting.min_trust_to_send_email_messages)
end
#can_suspend?(user) ⇒ Boolean
Also known as:
can_deactivate?
# File 'lib/guardian.rb', line 325
# Staff may suspend an account for which regular? is true.
#
# @param user [Object, nil] account to suspend; nil yields nil
# @return [Boolean, nil]
def can_suspend?(user)
  user && is_staff? && user.regular?
end
#can_tag?(topic) ⇒ Boolean
# File 'lib/guardian.rb', line 213
# Whether the current user may tag +topic+: personal messages are decided by
# can_tag_pms?, all other topics by can_tag_topics?.
#
# @param topic [Object, nil] a blank topic is refused
# @return [Boolean]
def can_tag?(topic)
  return false if topic.blank?

  if topic.private_message?
    can_tag_pms?
  else
    can_tag_topics?
  end
end
#can_use_flair_group?(user, group_id = nil) ⇒ Boolean
# File 'lib/guardian.rb', line 370
# Whether +user+ may use the group +group_id+ as their flair group.
#
# The user must be a member of the group, and the group must have a flair
# icon or a flair upload. The membership check is on +user+, not on the
# guardian's own @user.
#
# @param user [Object, nil]
# @param group_id [Integer, String, nil] coerced with to_i
# @return [Boolean]
def can_use_flair_group?(user, group_id = nil)
  return false if !user || !group_id
  return false unless user.group_ids.include?(group_id.to_i)

  flair_icon, flair_upload_id =
    Group.where(id: group_id.to_i).pick(:flair_icon, :flair_upload_id)
  flair_icon.present? || flair_upload_id.present?
end
#can_use_primary_group?(user, group_id = nil) ⇒ Boolean
# File 'lib/guardian.rb', line 363
# Whether +user+ may use the group +group_id+ as their primary group.
#
# The user must be a member of the group, and the group must exist and not
# be automatic. The membership check is on +user+, not on the guardian's own
# @user.
#
# @param user [Object, nil]
# @param group_id [Integer, String, nil] coerced with to_i
# @return [Boolean]
def can_use_primary_group?(user, group_id = nil)
  return false if !user || !group_id

  wanted_id = group_id.to_i
  group = Group.find_by(id: wanted_id)
  user.group_ids.include?(wanted_id) && (group ? !group.automatic : false)
end
#can_view_action_logs?(target) ⇒ Boolean
# File 'lib/guardian.rb', line 312
# Staff may view the action logs of any present +target+.
#
# @param target [Object, nil]
# @return [Boolean]
def can_view_action_logs?(target)
  target.present? && is_staff?
end
#is_admin? ⇒ Boolean
# File 'lib/guardian.rb', line 101
# Whether the current user is an admin; delegates to @user.admin?.
#
# @return [Boolean]
def is_admin?
  @user.admin?
end
#is_anonymous? ⇒ Boolean
# File 'lib/guardian.rb', line 154
# Delegates to @user.anonymous?.
#
# NOTE: this is a different check from #anonymous?, which is the negation of
# #authenticated?; the two are not interchangeable.
#
# @return [Boolean]
def is_anonymous?
  @user.anonymous?
end
#is_category_group_moderator?(category) ⇒ Boolean
# File 'lib/guardian.rb', line 117
# Whether the current user moderates +category+ through the category's
# reviewable_by_group.
#
# The answer is memoised per guardian instance in
# @category_group_moderator_groups.
# NOTE(review): the cache key is the group id while the query filters on the
# category id, so the first answer is reused for every category sharing that
# group. Confirm against category_group_moderator_scope that this holds.
#
# @param category [Object, nil]
# @return [Boolean]
def is_category_group_moderator?(category)
  return false unless category
  return false unless category_group_moderation_allowed?

  group_id = category.reviewable_by_group_id
  return false if group_id.blank?

  @category_group_moderator_groups ||= {}
  @category_group_moderator_groups.fetch(group_id) do
    @category_group_moderator_groups[group_id] =
      category_group_moderator_scope.exists?("categories.id": category.id)
  end
end
#is_developer? ⇒ Boolean
# File 'lib/guardian.rb', line 139
# Whether the current user counts as a developer. Developers may impersonate
# other admins (see #can_impersonate?).
#
# Requires an admin who additionally satisfies one of:
# - the app runs in the Rails development environment (every admin qualifies,
#   so this must never be the environment of a production site),
# - their id is in Developer.user_ids,
# - their e-mail is listed in Rails.configuration.developer_emails, when that
#   setting exists.
#
# @return [Boolean]
def is_developer?
  @user &&
    is_admin? &&
    (
      Rails.env.development? ||
        Developer.user_ids.include?(@user.id) ||
        (
          Rails.configuration.respond_to?(:developer_emails) &&
            Rails.configuration.developer_emails.include?(@user.email)
        )
    )
end
#is_me?(other) ⇒ Boolean
# File 'lib/guardian.rb', line 613
# Whether +other+ is the authenticated current user. Anything that is not a
# User, and any call made without an authenticated user, is not "me".
#
# @param other [Object, nil]
# @return [Boolean, nil]
def is_me?(other)
  other &&
    authenticated? &&
    other.is_a?(User) &&
    @user == other
end
#is_moderator? ⇒ Boolean
# File 'lib/guardian.rb', line 109
# Whether the current user is a moderator; delegates to @user.moderator?.
#
# @return [Boolean]
def is_moderator?
  @user.moderator?
end
#is_silenced? ⇒ Boolean
# File 'lib/guardian.rb', line 135
# Whether the current user is silenced; delegates to @user.silenced?.
#
# @return [Boolean]
def is_silenced?
  @user.silenced?
end
#is_staff? ⇒ Boolean
# File 'lib/guardian.rb', line 105
# Whether the current user is staff; delegates to @user.staff?.
#
# @return [Boolean]
def is_staff?
  @user.staff?
end
#is_staged? ⇒ Boolean
# File 'lib/guardian.rb', line 150
# Whether the current user is a staged user; delegates to @user.staged?.
#
# @return [Boolean]
def is_staged?
  @user.staged?
end
#is_whisperer? ⇒ Boolean
# File 'lib/guardian.rb', line 113
# Whether the current user is a whisperer; delegates to @user.whisperer?.
#
# @return [Boolean]
def is_whisperer?
  @user.whisperer?
end
#user ⇒ Object
Also known as:
current_user
# File 'lib/guardian.rb', line 88
# The acting user, via @user.presence.
#
# NOTE(review): for an anonymous guardian @user is an AnonymousUser, so this
# presumably returns nil in that case. Confirm that AnonymousUser is blank.
#
# @return [Object, nil]
def user
  @user.presence
end