DEV: Change min_trust_level_to_allow_profile_background to trust leve…

…l setting (discourse#25721) New setting name is profile_background_allowed_groups c.f. https://meta.discourse.org/t/changes-coming-to-settings-for-giving-access-to-features-from-trust-levels-to-groups/283408
RickyC0626-forks · Feb 19, 2024 · a57280c · a57280c
1 parent 9372404
commit a57280c
Show file tree

Hide file tree

Showing 7 changed files with 49 additions and 14 deletions.
diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml
@@ -1988,6 +1988,7 @@ en:
     min_trust_to_post_embedded_media: "The minimum trust level required to embed media items in a post"
     embedded_media_post_allowed_groups: "The users in these groups are allowed to embed media items in a post"
     min_trust_level_to_allow_profile_background: "The minimum trust level required to upload a profile background"
+    profile_background_allowed_groups: "Groups that are allowed to upload a profile background."
     min_trust_level_to_allow_user_card_background: "The minimum trust level required to upload a user card background"
     user_card_background_allowed_groups: "Groups that are allowed to upload a user card background."
     min_trust_level_to_allow_invite: "The minimum trust level required to invite users"
@@ -2598,6 +2599,7 @@ en:
       post_links_allowed_groups: "min_trust_to_post_links"
       user_api_key_allowed_groups: "min_trust_level_for_user_api_key"
       tag_topic_allowed_groups: "min_trust_level_to_tag_topics"
+      profile_background_allowed_groups: "min_trust_level_to_allow_profile_background"
 
     placeholder:
       discourse_connect_provider_secrets:

diff --git a/config/site_settings.yml b/config/site_settings.yml
@@ -1778,6 +1778,11 @@ trust:
     default: 0
     client: true
     enum: "TrustLevelSetting"
+  profile_background_allowed_groups:
+    default: "3|10" # auto group staff and trust_level_0
+    type: group_list
+    allow_any: false
+    refresh: true
   min_trust_level_to_allow_user_card_background:
     default: 0
     client: true
@@ -1788,7 +1793,6 @@ trust:
     type: group_list
     allow_any: false
     refresh: true
-    validator: "AtLeastOneGroupValidator"
   min_trust_level_to_allow_invite:
     default: 2
     enum: "TrustLevelSetting"

diff --git a/...rate/20240216073624_fill_profile_background_allowed_groups_based_on_deprecated_setting.rb b/...rate/20240216073624_fill_profile_background_allowed_groups_based_on_deprecated_setting.rb
@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+class FillProfileBackgroundAllowedGroupsBasedOnDeprecatedSetting < ActiveRecord::Migration[7.0]
+  def up
+    old_setting_trust_level =
+      DB.query_single(
+        "SELECT value FROM site_settings WHERE name = 'min_trust_level_to_allow_profile_background' LIMIT 1",
+      ).first
+
+    if old_setting_trust_level.present?
+      allowed_groups = "3|1#{old_setting_trust_level}" # allow staff and the TL auto group
+
+      DB.exec(
+        "INSERT INTO site_settings(name, value, data_type, created_at, updated_at)
+        VALUES('profile_background_allowed_groups', :setting, '20', NOW(), NOW())",
+        setting: allowed_groups,
+      )
+    end
+  end
+
+  def down
+    raise ActiveRecord::IrreversibleMigration
+  end
+end
diff --git a/lib/guardian/user_guardian.rb b/lib/guardian/user_guardian.rb
@@ -182,10 +182,8 @@ def can_see_summary_stats?(target_user)
   end
 
   def can_upload_profile_header?(user)
-    (
-      is_me?(user) &&
-        user.has_trust_level?(SiteSetting.min_trust_level_to_allow_profile_background.to_i)
-    ) || is_staff?
+    (is_me?(user) && user.in_any_groups?(SiteSetting.profile_background_allowed_groups_map)) ||
+      is_staff?
   end
 
   def can_upload_user_card_background?(user)

diff --git a/lib/site_settings/deprecated_settings.rb b/lib/site_settings/deprecated_settings.rb
@@ -41,6 +41,12 @@ module SiteSettings::DeprecatedSettings
     ["min_trust_to_post_links", "post_links_allowed_groups", false, "3.3"],
     ["min_trust_level_for_user_api_key", "user_api_key_allowed_groups", false, "3.3"],
     ["min_trust_level_to_tag_topics", "tag_topic_allowed_groups", false, "3.3"],
+    [
+      "min_trust_level_to_allow_profile_background",
+      "profile_background_allowed_groups",
+      false,
+      "3.3",
+    ],
   ]
 
   OVERRIDE_TL_GROUP_SETTINGS = %w[
@@ -66,6 +72,7 @@ module SiteSettings::DeprecatedSettings
     min_trust_to_post_links
     min_trust_level_for_user_api_key
     min_trust_level_to_tag_topics
+    min_trust_level_to_allow_profile_background
   ]
 
   def group_to_tl(old_setting, new_setting)

diff --git a/spec/lib/guardian/user_guardian_spec.rb b/spec/lib/guardian/user_guardian_spec.rb
@@ -451,15 +451,15 @@
       expect(guardian.can_upload_profile_header?(admin)).to eq(true)
     end
 
-    it "returns true if the trust level of user matches site setting" do
+    it "returns true if the group of user matches site setting" do
       guardian = Guardian.new(trust_level_2)
-      SiteSetting.min_trust_level_to_allow_profile_background = 2
+      SiteSetting.profile_background_allowed_groups = Group::AUTO_GROUPS[:trust_level_2]
       expect(guardian.can_upload_profile_header?(trust_level_2)).to eq(true)
     end
 
-    it "returns false if the trust level of user does not matches site setting" do
+    it "returns false if the group of user does not matches site setting" do
       guardian = Guardian.new(trust_level_1)
-      SiteSetting.min_trust_level_to_allow_profile_background = 2
+      SiteSetting.profile_background_allowed_groups = Group::AUTO_GROUPS[:trust_level_2]
       expect(guardian.can_upload_profile_header?(trust_level_1)).to eq(false)
     end
   end

diff --git a/spec/services/user_updater_spec.rb b/spec/services/user_updater_spec.rb
@@ -211,11 +211,11 @@
       expect(user.date_of_birth).to eq(date_of_birth.to_date)
     end
 
-    it "allows user to update profile header when the user has required trust level" do
-      user = Fabricate(:user, trust_level: 2)
+    it "allows user to update profile header when the user has required group" do
+      user = Fabricate(:user, trust_level: TrustLevel[2])
       updater = UserUpdater.new(user, user)
       upload = Fabricate(:upload)
-      SiteSetting.min_trust_level_to_allow_profile_background = 2
+      SiteSetting.profile_background_allowed_groups = Group::AUTO_GROUPS[:trust_level_2]
       val = updater.update(profile_background_upload_url: upload.url)
       expect(val).to be_truthy
       user.reload
@@ -226,11 +226,11 @@
       expect(user.profile_background_upload).to eq(nil)
     end
 
-    it "allows user to update user card background when the user has required trust level" do
+    it "allows user to update user card background when the user has required group" do
       user = Fabricate(:user, trust_level: TrustLevel[2])
       updater = UserUpdater.new(user, user)
       upload = Fabricate(:upload)
-      SiteSetting.min_trust_level_to_allow_user_card_background = 2
+      SiteSetting.user_card_background_allowed_groups = Group::AUTO_GROUPS[:trust_level_2]
       val = updater.update(card_background_upload_url: upload.url)
       expect(val).to be_truthy
       user.reload