github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-28 13:51:18 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: Ensure moderators_manage_categories_and_groups is respected (#18884)

Browse Source 
Currently, moderators are able to set primary group for users
irrespective of the of the `moderators_manage_categories_and_groups` site
setting value.

This change updates Guardian implementation to honour it.
This commit is contained in:
Selase Krakani
2022-11-11 11:06:05 +00:00
committed by GitHub
parent 4cd07627d5
commit 0b367216ae
6 changed files with 68 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/controllers/admin/users_controller.rb
View File

@ -241,11 +241,11 @@ class Admin::UsersController < Admin::StaffController
end
def primary_group
guardian.ensure_can_change_primary_group!(@user)
if params[:primary_group_id].present?
primary_group_id = params[:primary_group_id].to_i
if group = Group.find(primary_group_id)
guardian.ensure_can_change_primary_group!(@user, group)
if group.user_ids.include?(@user.id)
@user.primary_group_id = primary_group_id
end