Skip to content

DEV: Remove now-redundant is_staff check in can_invite_to_forum #33742

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 23, 2025
Merged

DEV: Remove now-redundant is_staff check in can_invite_to_forum #33742

merged 1 commit into from
Jul 23, 2025

Conversation

Drenmi
Copy link
Contributor

@Drenmi Drenmi commented Jul 22, 2025
edited
Loading

What is this change?

We check for membership in invite_allowed_groups, which has admins and moderators as a mandatory value, so it's redundant to check is_staff? as well.

I also unfurled this one long conditional into multiple guard clauses.

The refactoring is covered by existing tests in invite_guardian_spec.rb.

Drenmi
Drenmi commented Jul 22, 2025
View reviewed changes
lib/guardian/invite_guardian.rb
return false if !@user.in_any_groups?(SiteSetting.invite_allowed_groups_map)
return false if !SiteSetting.max_invites_per_day.to_i.positive? && !is_staff?

groups.blank? || groups.all? { |g| can_edit_group?(g) }
Copy link
Contributor Author

@Drenmi Drenmi Jul 22, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

is_admin? is already checked for in can_edit_group?, no need to leak the logic into here.

Drenmi
Drenmi commented Jul 22, 2025
View reviewed changes
lib/guardian/invite_guardian.rb
(is_admin? || groups.blank? || groups.all? { |g| can_edit_group?(g) })
return false if !authenticated?
return false if !@user.in_any_groups?(SiteSetting.invite_allowed_groups_map)
return false if !SiteSetting.max_invites_per_day.to_i.positive? && !is_staff?
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure this escape hatch for staff works in practice, because I didn't see any conditional in the rate-limiting logic, but leaving it here for now and can investigate separately.

martin-brennan
martin-brennan reviewed Jul 22, 2025
View reviewed changes
martin-brennan
martin-brennan approved these changes Jul 22, 2025
View reviewed changes
Copy link
Contributor

@martin-brennan martin-brennan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I also unfurled this one long conditional into multiple guard clauses.

Thank you! 🙏

@Drenmi Drenmi force-pushed the dev/extract-invite-guardian branch 3 times, most recently from af6e0de to 59ce6ed Compare July 23, 2025 03:06
@Drenmi Drenmi force-pushed the dev/remove-redundant-staff-check-4 branch from 5592d5e to 7c827d3 Compare July 23, 2025 03:08
Base automatically changed from dev/extract-invite-guardian to main July 23, 2025 05:14
@Drenmi Drenmi force-pushed the dev/remove-redundant-staff-check-4 branch 2 times, most recently from eee6853 to 5dd2c53 Compare July 23, 2025 07:22
@Drenmi Drenmi force-pushed the dev/remove-redundant-staff-check-4 branch from 5dd2c53 to bd8d4ec Compare July 23, 2025 07:36
@Drenmi Drenmi merged commit a214302 into main Jul 23, 2025
15 of 16 checks passed
@Drenmi Drenmi deleted the dev/remove-redundant-staff-check-4 branch July 23, 2025 07:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@martin-brennan martin-brennan martin-brennan approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Drenmi @martin-brennan