discourse/lib/staff_constraint.rb

require_dependency 'current_user'

class StaffConstraint

  def matches?(request)
    provider = Discourse.current_user_provider.new(request.env, rate_limit: false)

    provider.current_user &&
      provider.current_user.staff? &&
      custom_staff_check(request)
  rescue Discourse::InvalidAccess
    false
  end

  # Extensibility point: plugins can overwrite this to add additional checks
  # if they require.
  def custom_staff_check(request)
    true
  end

end