github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-06-01 02:34:28 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

SECURITY: only show user suggestions with regular post (#15436)

Browse Source
This commit is contained in:
Arpit Jalan
2022-01-03 13:37:40 +05:30
committed by GitHub
parent 494033225e
commit 702685b6a0
2 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/models/user_search.rb
View File

@ -83,7 +83,7 @@ class UserSearch
# 2. in topic
if @topic_id
in_topic = filtered_by_term_users
.where('users.id IN (SELECT user_id FROM posts WHERE topic_id = ?)', @topic_id)
.where('users.id IN (SELECT user_id FROM posts WHERE topic_id = ? AND post_type = ?)', @topic_id, Post.types[:regular])
if @searching_user.present?
in_topic = in_topic.where('users.id <> ?', @searching_user.id)