Skip to content

DEV: Move tag related guardian tests to tag_guardian_spec #33817

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Jul 25, 2025
+119 −121
Merged

DEV: Move tag related guardian tests to tag_guardian_spec #33817

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion lib/guardian/tag_guardian.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ def can_tag_topics?

def can_tag_pms?
return false if !SiteSetting.tagging_enabled
return false if @user.blank?
return false if !authenticated?
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

More explicit.

return true if @user == Discourse.system_user

group_ids = SiteSetting.pm_tags_allowed_for_groups_map
Expand Down
118 changes: 118 additions & 0 deletions spec/lib/guardian/tag_guardian_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,118 @@
# frozen_string_literal: true

RSpec.describe TagGuardian do
fab!(:user)
fab!(:admin)
fab!(:trust_level_0)
fab!(:trust_level_1)
fab!(:trust_level_2)
fab!(:trust_level_3)

###### VISIBILITY ######

describe "#can_see_tag?" do
it "returns true for everyone" do
expect(Guardian.new(nil).can_see_tag?(anything)).to be_truthy
end
end

###### CREATION ######

describe "#can_create_tag?" do
it "returns false when tagging is disabled" do
SiteSetting.tagging_enabled = false

expect(Guardian.new(admin).can_create_tag?).to be_falsey
end

it "returns false when user is not in an allowed group" do
expect(Guardian.new(trust_level_2).can_create_tag?).to be_falsey
end

it "returns true when user is in an allowed group" do
expect(Guardian.new(trust_level_3).can_create_tag?).to be_truthy
end
end

###### TAGGING ######

describe "#can_tag_topics?" do
it "returns false when tagging is disabled" do
SiteSetting.tagging_enabled = false

expect(Guardian.new(admin).can_create_tag?).to be_falsey
end

it "returns false when user is not in an allowed group" do
SiteSetting.tag_topic_allowed_groups = "1|2|11"

expect(Guardian.new(trust_level_0).can_tag_topics?).to be_falsey
end

it "returns true when user is in an allowed group" do
expect(Guardian.new(trust_level_1).can_tag_topics?).to be_truthy
end
end

describe "#can_tag_pms?" do
it "returns false when tagging is disabled" do
SiteSetting.tagging_enabled = false

expect(Guardian.new(admin).can_tag_pms?).to be_falsey
end

it "returns true when the actor is the system user" do
expect(Guardian.new(Discourse.system_user).can_tag_pms?).to be_truthy
end

it "returns false for a guest user" do
expect(Guardian.new(nil).can_tag_pms?).to be_falsey
end

it "returns false when user is not in an allowed group" do
SiteSetting.pm_tags_allowed_for_groups = "1|2|11"

expect(Guardian.new(trust_level_0).can_tag_pms?).to be_falsey
end

it "returns true when user is in an allowed group" do
SiteSetting.pm_tags_allowed_for_groups = "1|2|11"

expect(Guardian.new(trust_level_1).can_tag_pms?).to be_truthy
end
end

###### ADMIN ######

describe "#can_admin_tags?" do
it "returns false when tagging is disabled" do
SiteSetting.tagging_enabled = false

expect(Guardian.new(admin).can_admin_tags?).to be_falsey
end

it "returns false for a regular user" do
expect(Guardian.new(user).can_admin_tags?).to be_falsey
end

it "returns true for a staff user" do
expect(Guardian.new(admin).can_admin_tags?).to be_truthy
end
end

describe "#can_admin_tag_groups?" do
it "returns false when tagging is disabled" do
SiteSetting.tagging_enabled = false

expect(Guardian.new(admin).can_admin_tag_groups?).to be_falsey
end

it "returns false for a regular user" do
expect(Guardian.new(user).can_admin_tag_groups?).to be_falsey
end

it "returns true for a staff user" do
expect(Guardian.new(admin).can_admin_tag_groups?).to be_truthy
end
end
end
120 changes: 0 additions & 120 deletions spec/lib/guardian_spec.rb
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2698,126 +2698,6 @@
end
end

describe "Tags" do
context "with tagging disabled" do
before { SiteSetting.tagging_enabled = false }

it "can_create_tag returns false" do
expect(Guardian.new(admin).can_create_tag?).to be_falsey
end

it "can_admin_tags returns false" do
expect(Guardian.new(admin).can_admin_tags?).to be_falsey
end

it "can_admin_tag_groups returns false" do
expect(Guardian.new(admin).can_admin_tag_groups?).to be_falsey
end
end

context "when tagging is enabled" do
before do
SiteSetting.tagging_enabled = true
SiteSetting.tag_topic_allowed_groups = Group::AUTO_GROUPS[:trust_level_1]
end

context "when minimum trust level to create tags is 3" do
before do
SiteSetting.create_tag_allowed_groups = "1|3|#{Group::AUTO_GROUPS[:trust_level_3]}"
end

describe "#can_see_tag?" do
it "is always true" do
expect(Guardian.new.can_see_tag?(anything)).to be_truthy
end
end

describe "can_create_tag" do
it "returns false if trust level is too low" do
expect(Guardian.new(trust_level_2).can_create_tag?).to be_falsey
end

it "returns true if trust level is high enough" do
expect(Guardian.new(trust_level_3).can_create_tag?).to be_truthy
end

it "returns true for staff" do
expect(Guardian.new(admin).can_create_tag?).to be_truthy
expect(Guardian.new(moderator).can_create_tag?).to be_truthy
end
end

describe "can_tag_topics" do
it "returns false if trust level is too low" do
expect(
Guardian.new(
Fabricate(:user, trust_level: 0, refresh_auto_groups: true),
).can_tag_topics?,
).to be_falsey
end

it "returns true if trust level is high enough" do
expect(
Guardian.new(
Fabricate(:user, trust_level: 1, refresh_auto_groups: true),
).can_tag_topics?,
).to be_truthy
end

it "returns true for staff" do
expect(Guardian.new(admin).can_tag_topics?).to be_truthy
expect(Guardian.new(moderator).can_tag_topics?).to be_truthy
end
end
end

context "when staff and admin groups are allowed to create tags" do
before do
SiteSetting.min_trust_to_create_tag = "staff"
SiteSetting.create_tag_allowed_groups =
"#{Group::AUTO_GROUPS[:staff]}|#{Group::AUTO_GROUPS[:admins]}"
end

it "returns false if not staff" do
expect(Guardian.new(trust_level_4).can_create_tag?).to eq(false)
end

it "returns true if staff" do
expect(Guardian.new(admin).can_create_tag?).to be_truthy
expect(Guardian.new(moderator).can_create_tag?).to be_truthy
end
end

context "when only admin group is allowed to create tags" do
before do
SiteSetting.min_trust_to_create_tag = "admin"
SiteSetting.create_tag_allowed_groups = Group::AUTO_GROUPS[:admins]
end

it "returns true if admin or moderator" do
expect(Guardian.new(admin).can_create_tag?).to be_truthy
expect(Guardian.new(moderator).can_create_tag?).to be_truthy
end
end
end

context "when tagging PMs" do
it "pm_tags_allowed_for_groups contains everyone" do
SiteSetting.pm_tags_allowed_for_groups = "#{Group::AUTO_GROUPS[:everyone]}"

expect(Guardian.new(user).can_tag_pms?).to be_truthy
end

it "pm_tags_allowed_for_groups contains a group" do
SiteSetting.pm_tags_allowed_for_groups = "#{group.id}"
group.add(member)

expect(Guardian.new(user).can_tag_pms?).to be_falsey
expect(Guardian.new(member).can_tag_pms?).to be_truthy
end
end
end

describe "#can_see_group?" do
it "Correctly handles owner visible groups" do
group = Group.new(name: "group", visibility_level: Group.visibility_levels[:owners])
Expand Down
Loading