From 9b486da8235eee6ff544db00ffb0cc8ec1bc1787 Mon Sep 17 00:00:00 2001
From: Matt Jankowski
Date: Tue, 15 Oct 2024 11:49:51 -0400
Subject: [PATCH 1/6] Use status.distributable? in policy (wraps logic)
---
 app/policies/admin/status_policy.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/policies/admin/status_policy.rb b/app/policies/admin/status_policy.rb
index e9379c25ec..228a772c8c 100644
--- a/app/policies/admin/status_policy.rb
+++ b/app/policies/admin/status_policy.rb
@@ -12,7 +12,7 @@ class Admin::StatusPolicy < ApplicationPolicy
 end
 def show?
- role.can?(:manage_reports, :manage_users) && (record.public_visibility? || record.unlisted_visibility? || record.reported? || viewable_through_normal_policy?)
+ role.can?(:manage_reports, :manage_users) && (record.distributable? || record.reported? || viewable_through_normal_policy?)
 end
 def destroy?
From 9b5d86e751e2349867c96df22637604b4a7cdc63 Mon Sep 17 00:00:00 2001
From: Matt Jankowski
Date: Tue, 15 Oct 2024 11:51:45 -0400
Subject: [PATCH 2/6] Extract private method to capture conditions of eligibility for status in policy
---
 app/policies/admin/status_policy.rb | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/app/policies/admin/status_policy.rb b/app/policies/admin/status_policy.rb
index 228a772c8c..c4ba5c2606 100644
--- a/app/policies/admin/status_policy.rb
+++ b/app/policies/admin/status_policy.rb
@@ -12,7 +12,7 @@ class Admin::StatusPolicy < ApplicationPolicy
 end
 def show?
- role.can?(:manage_reports, :manage_users) && (record.distributable? || record.reported? || viewable_through_normal_policy?)
+ role.can?(:manage_reports, :manage_users) && eligible_to_show?
 end
 def destroy?
@@ -29,6 +29,10 @@ class Admin::StatusPolicy < ApplicationPolicy
 private
+ def eligible_to_show?
+ record.distributable? || record.reported? || viewable_through_normal_policy?
+ end
+
 def viewable_through_normal_policy?
 StatusPolicy.new(current_account, record, @preloaded_relations).show?
 end
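Review bot: In `show?` (PATCH 1/6), the admin visibility gate now relies on `record.distributable?`, which is defined outside this patch, so its equivalence to the removed `public_visibility? || unlisted_visibility?` pair rests on the commit title alone. If that predicate is later widened for delivery reasons, roles passing the `role.can?` check would gain access to unreported statuses of other visibilities without this policy file changing. A policy spec that denies an unreported status which is neither public nor unlisted and which the normal StatusPolicy hides from the moderator would pin the boundary, together with a comment such as `# distributable? must stay limited to public/unlisted for this check`. The same expression moves into `eligible_to_show?` in the second hunk of PATCH 2/6, which is where the comment belongs once the series is applied.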
From 09970fa3fafee3185b80648540ec7c67a08e4582 Mon Sep 17 00:00:00 2001
From: Matt Jankowski
Date: Tue, 15 Oct 2024 12:38:21 -0400
Subject: [PATCH 3/6] Extract private method in account warning policy
---
 app/policies/account_warning_policy.rb | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/app/policies/account_warning_policy.rb b/app/policies/account_warning_policy.rb
index 4f8df7420e..89df267a5b 100644
--- a/app/policies/account_warning_policy.rb
+++ b/app/policies/account_warning_policy.rb
@@ -6,11 +6,15 @@ class AccountWarningPolicy < ApplicationPolicy
 end
 def appeal?
- target? && record.created_at >= Appeal::MAX_STRIKE_AGE.ago
+ target? && eligible_for_appeal?
 end
 private
+ def eligible_for_appeal?
+ record.created_at >= Appeal::MAX_STRIKE_AGE.ago
+ end
+
 def target?
 record.target_account_id == current_account&.id
 end
From d2460c347b5a58f6d36206d9622a6ce0a57660b8 Mon Sep 17 00:00:00 2001
From: Matt Jankowski
Date: Tue, 15 Oct 2024 12:38:34 -0400
Subject: [PATCH 4/6] Extract private method in backup policy
---
 app/policies/backup_policy.rb | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/app/policies/backup_policy.rb b/app/policies/backup_policy.rb
index 7a4c5b4347..591b99c8bc 100644
--- a/app/policies/backup_policy.rb
+++ b/app/policies/backup_policy.rb
@@ -4,6 +4,16 @@ class BackupPolicy < ApplicationPolicy
 MIN_AGE = 6.days
 def create?
- user_signed_in? && current_user.backups.where(created_at: MIN_AGE.ago..).count.zero?
+ user_signed_in? && eligible_for_backup?
+ end
+
+ private
+
+ def eligible_for_backup?
+ current_user
+ .backups
+ .where(created_at: MIN_AGE.ago..)
+ .count
+ .zero?
 end
 end
From 63b8d7dd2350f87e45bf53e4993168a8d9924d27 Mon Sep 17 00:00:00 2001
From: Matt Jankowski
Date: Tue, 15 Oct 2024 12:38:50 -0400
Subject: [PATCH 5/6] Extract private method in poll policy
---
 app/policies/poll_policy.rb | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)
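Review bot: `target?`, kept as context at the end of the PATCH 3/6 hunk, compares `record.target_account_id` with `current_account&.id`, so the ownership check is true when both sides are nil. Whether `target_account_id` can be nil is not visible here, but `appeal?` now reads `target? && eligible_for_appeal?` and nothing in it requires a signed-in account. A guard such as `current_account.present? && record.target_account_id == current_account.id` would make the check fail closed for anonymous callers. The new `eligible_for_appeal?` would also benefit from a one-line comment, e.g. `# strikes older than Appeal::MAX_STRIKE_AGE can no longer be appealed`; the class body continues past the end of the hunk.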
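Review bot: `eligible_for_backup?` (PATCH 4/6) dereferences `current_user` without a nil check and is only safe because `create?` evaluates `user_signed_in?` first; a comment saying so, e.g. `# only call after user_signed_in? — current_user must not be nil`, keeps a later caller from reusing it on its own. The chain also runs a full `COUNT` just to learn whether any row exists; `current_user.backups.where(created_at: MIN_AGE.ago..).none?` states the same condition as an existence check. Because this is a read-then-decide throttle, two concurrent requests could both pass it; whether the creation path serialises them is not visible in this patch.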
diff --git a/app/policies/poll_policy.rb b/app/policies/poll_policy.rb
index 9d69eb5bb8..4d585b6d94 100644
--- a/app/policies/poll_policy.rb
+++ b/app/policies/poll_policy.rb
@@ -2,6 +2,16 @@
 class PollPolicy < ApplicationPolicy
 def vote?
- StatusPolicy.new(current_account, record.status).show? && !current_account.blocking?(record.account) && !record.account.blocking?(current_account)
+ viewable_through_normal_policy? && accounts_not_blocking?
+ end
+
+ private
+
+ def viewable_through_normal_policy?
+ StatusPolicy.new(current_account, record.status).show?
+ end
+
+ def accounts_not_blocking?
+ !current_account.blocking?(record.account) && !record.account.blocking?(current_account)
 end
 end
From 5c30c34a4ca92f9c288ad8ea9eb890107c93d374 Mon Sep 17 00:00:00 2001
From: Matt Jankowski
Date: Tue, 15 Oct 2024 12:39:02 -0400
Subject: [PATCH 6/6] Extract private method in user role policy
---
 app/policies/user_role_policy.rb | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/app/policies/user_role_policy.rb b/app/policies/user_role_policy.rb
index 6144a0ec4a..44b5589581 100644
--- a/app/policies/user_role_policy.rb
+++ b/app/policies/user_role_policy.rb
@@ -10,10 +10,16 @@ class UserRolePolicy < ApplicationPolicy
 end
 def update?
- role.can?(:manage_roles) && (role.overrides?(record) || role.id == record.id)
+ role.can?(:manage_roles) && (role.overrides?(record) || self_editing?)
 end
 def destroy?
- !record.everyone? && role.can?(:manage_roles) && role.overrides?(record) && role.id != record.id
+ !record.everyone? && role.can?(:manage_roles) && role.overrides?(record) && !self_editing?
+ end
+
+ private
+
+ def self_editing?
+ role.id == record.id
 end
 end
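Review bot: `accounts_not_blocking?` (PATCH 5/6) calls `current_account.blocking?` directly, so a nil `current_account` raises NoMethodError instead of producing a clean denial if the status check passes for an anonymous viewer. AccountWarningPolicy in this same series treats the account as possibly nil (`current_account&.id`), so I would make `vote?` deny explicitly: `current_account.present? && viewable_through_normal_policy? && accounts_not_blocking?`. Whether the controller already requires authentication before `vote?` is evaluated is not visible here. A short comment on `accounts_not_blocking?` stating that a block in either direction denies the vote would document the intent.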
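Review bot: `update?` (PATCH 6/6) permits a holder of `manage_roles` to edit their own role independently of `role.overrides?(record)`, and nothing in this policy limits which permissions they may then change. That is pre-existing behaviour, but now that it is named `self_editing?` it deserves a comment pointing at where self-elevation is rejected, e.g. `# self-edit allowed; permission elevation is blocked in <validation or service — fill in>`, plus one on `destroy?` stating that a role can never delete itself. Separately, `role.id == record.id` is also true when both ids are nil; whether an unsaved record and an id-less role can reach these checks with `manage_roles` is not visible here, so a spec covering that combination would be worthwhile.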