From 108414e47c9fdec9108846b2cb92aae95efc1c08 Mon Sep 17 00:00:00 2001
From: Roman Rizzi <rizziromanalejandro@gmail.com>
Date: Tue, 13 Oct 2020 13:03:14 -0300
Subject: [PATCH] DEV: Users must be able to see a topic to moderate it.
 (#10906)

Follows-up a8c47e7c. It makes more sense to check if the user can see the topic inside the `can_moderate?` method instead of doing it separately.
---
 app/controllers/topics_controller.rb | 1 -
 lib/guardian.rb                      | 5 ++++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/app/controllers/topics_controller.rb b/app/controllers/topics_controller.rb
index 07a2a6b0397..9b453855b79 100644
--- a/app/controllers/topics_controller.rb
+++ b/app/controllers/topics_controller.rb
@@ -453,7 +453,6 @@ class TopicsController < ApplicationController
     params.require(:duration) if based_on_last_post
 
     topic = Topic.find_by(id: params[:topic_id])
-    guardian.ensure_can_see!(topic)
     guardian.ensure_can_moderate!(topic)
 
     options = {
diff --git a/lib/guardian.rb b/lib/guardian.rb
index bba577184e5..b67e34e29c5 100644
--- a/lib/guardian.rb
+++ b/lib/guardian.rb
@@ -170,7 +170,10 @@ class Guardian
   end
 
   def can_moderate?(obj)
-    obj && authenticated? && !is_silenced? && (is_staff? || (obj.is_a?(Topic) && @user.has_trust_level?(TrustLevel[4])))
+    obj && authenticated? && !is_silenced? && (
+      is_staff? ||
+      (obj.is_a?(Topic) && @user.has_trust_level?(TrustLevel[4]) && can_see_topic?(obj))
+    )
   end
   alias :can_see_flags? :can_moderate?