FEATURE: hidden site setting to suppress unsecured categories from admins (#19098)

The hidden site setting `suppress_secured_categories_from_admin` will
suppress visibility of categories without explicit access from admins
in a few key areas (category drop downs and topic lists).

It is not intended to be a security wall since admins can amend any site
setting. Instead it is a feature that allows hiding the categories from the
UI.

Admins will still be able to see topics in categories without explicit
access using direct URLs or flags.

Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
This commit is contained in:
Sam
2022-11-18 14:37:36 +11:00
committed by GitHub
parent a6c787345c
commit 4f63bc8ed2
5 changed files with 65 additions and 10 deletions

@ -1283,7 +1283,13 @@ class User < ActiveRecord::Base
end
def secure_category_ids
cats = self.admin? ? Category.unscoped.where(read_restricted: true) : secure_categories.references(:categories)
cats =
if self.admin? && !SiteSetting.suppress_secured_categories_from_admin
Category.unscoped.where(read_restricted: true)
else
secure_categories.references(:categories)
end
cats.pluck('categories.id').sort
end