Merge pull request #343 from topcoder-platform/issues-311_2

Issues-342, Issues-301, get a list of category view permissions for any user

Author: jmgasper

config/vanilla/bootstrap.before.php

@@ -364,17 +364,18 @@ function watchButton($categoryID) {
 
 if (!function_exists('checkGroupPermission')) {
     /**
-     * Check group permission for the current user
+     * Check group permission for an user
+     * @param $userID
      * @param $groupID
-     * @param null $category
+     * @param null $categoryID
      * @param null $permissionCategoryID
      * @param null $permission null - any permission for a group
      * @param bool $fullMatch
      * @return bool return true if user has a permission
      */
-   function checkGroupPermission($groupID, $category = null , $permissionCategoryID = null , $permission = null, $fullMatch = true) {
+   function checkGroupPermission($userID,$groupID, $categoryID = null , $permissionCategoryID = null , $permission = null, $fullMatch = true) {
        $groupModel = new GroupModel();
-       return $groupModel->checkPermission(Gdn::session()->UserID,$groupID, $category,$permissionCategoryID , $permission, $fullMatch);
+       return $groupModel->checkPermission($userID,$groupID, $categoryID,$permissionCategoryID , $permission, $fullMatch);
    }
 }
 

vanilla/applications/dashboard/models/class.permissionmodel.php

@@ -1477,4 +1477,23 @@ public function getNamespaces() {
     }
 
 
+    // Original: checkPermission from package/library/core/class.session.php works only with signed-in user
+    // In REST API, we need to check permissions for any user, not only current user
+    public static function checkPermission($allUserPermissions, $permission, $fullMatch = true, $junctionTable = '', $junctionID = '') {
+        if ($junctionID === 'any' || $junctionID === '' || empty($junctionTable) ||
+            c("Garden.Permissions.Disabled.{$junctionTable}")) {
+            $junctionID = null;
+        }
+
+        if (is_array($permission)) {
+            if ($fullMatch) {
+                return $allUserPermissions->hasAll($permission, $junctionID);
+            } else {
+                return $allUserPermissions->hasAny($permission, $junctionID);
+            }
+        } else {
+            return $allUserPermissions->has($permission, $junctionID);
+        }
+    }
+
 }

vanilla/applications/vanilla/models/class.categorymodel.php

@@ -889,9 +889,16 @@ public static function filterCategoryPermissions($categoryIDs) {
      * @param int|array|object $category The category to check.
      * @param string|array $permission The permission(s) to check.
      * @param bool $fullMatch Whether or not the permission has to be a full match.
+     * @param null $userID if userID is not set then the current user is used by default
      * @return bool Returns **true** if the current user has the permission or **false** otherwise.
      */
-    public static function checkPermission($category, $permission, $fullMatch = true) {
+    public static function checkPermission($category, $permission, $fullMatch = true, $userID = null) {
+        if(!$userID) {
+           $userID = Gdn::session()->UserID;
+           $userPermissions = Gdn::session()->getPermissions();
+        } else {
+           $userPermissions = Gdn::userModel()->getPermissions($userID);
+        }
         if (is_numeric($category)) {
             $category = static::categories($category);
         }
@@ -906,10 +913,10 @@ public static function checkPermission($category, $permission, $fullMatch = true
         }
 
         if($groupID && $groupID > 0) {
-           $result = checkGroupPermission($groupID, $category, $permissionCategoryID,  $permission, $fullMatch);
+           $result = checkGroupPermission($userID, $groupID, $categoryID, $permissionCategoryID,  $permission, $fullMatch);
         } else {
-           $result = Gdn::session()->checkPermission($permission, $fullMatch, 'Category', $permissionCategoryID)
-                    || Gdn::session()->checkPermission($permission, $fullMatch, 'Category', $categoryID);
+           $result = PermissionModel::checkPermission($userPermissions,$permission, $fullMatch, 'Category', $permissionCategoryID)
+                    || PermissionModel::checkPermission($userPermissions,$permission, $fullMatch, 'Category', $categoryID);
         }
 
         return $result;

vanilla/applications/vanilla/models/class.discussionmodel.php

@@ -2575,7 +2575,7 @@ public function incrementNewDiscussion($discussion) {
 
     /**
      * Update a user's discussion count.
-     *
+     * FIX: https://github.com/topcoder-platform/forums/issues/301
      * @param int $userID The user to calculate.
      * @param bool $inc Whether to increment of recalculate from scratch.
      */
@@ -2596,16 +2596,85 @@ public function updateUserDiscussionCount($userID, $inc = false) {
             }
         }
 
-        $countDiscussions = $this->SQL
-            ->select('DiscussionID', 'count', 'CountDiscussions')
-            ->from('Discussion')
-            ->where('InsertUserID', $userID)
-            ->get()->value('CountDiscussions', 0);
+        // FIX: https://github.com/topcoder-platform/forums/issues/301
+        $discussionModel = new DiscussionModel();
+        $countDiscussions = $discussionModel->getMyDiscussionsCount($userID);
 
         // Save the count to the user table
         Gdn::userModel()->setField($userID, 'CountDiscussions', $countDiscussions);
     }
 
+    // FIX: https://github.com/topcoder-platform/forums/issues/301
+    // Get all Category View Permissions for an user. This method works for any UserID.
+    // We can't use some Vanilla methods due to they are implemented for signed-in user only.
+    // return array|true arrays of CategoryIDs. or true if user has access to all categories
+    private function getCategoryPermissions($userID, $escape = false) {
+        $user = Gdn::userModel()->getID($userID);
+        $isAdmin = val('Admin', $user, false);
+        if ($isAdmin) {
+            $categoryPermissions = true;
+        } elseif (c('Garden.Permissions.Disabled.Category')) {
+            $categoryPermissions = true;
+        } else {
+            // Get Current Tree from cache
+            $categories = CategoryModel::categories();
+
+            // Clone  it to avoid changing category tree for current user
+            $iDs = array_column($categories, 'CategoryID');
+
+            $categoryPermissions = [];
+            // Add User permissions.
+            foreach ($iDs as $cID) {
+                $hasViewPermission = CategoryModel::checkPermission($cID, 'Vanilla.Discussions.View', true, $userID);
+                if ($hasViewPermission) {
+                    $categoryPermissions[] = ($escape ? '@' : '') . $cID;
+                }
+            }
+
+            // Check to see if the user has permission to all categories. This is for speed.
+            $categoryCount = count($categories);
+            if (count($categoryPermissions) == $categoryCount) {
+                $categoryPermissions = true;
+            }
+        }
+        return $categoryPermissions;
+    }
+
+    /**
+     * Calculate count of discussions (respecting user category (group) permissions).
+     * @param $userID
+     * @return array|int|mixed|string|null
+     */
+    public function getMyDiscussionsCount($userID) {
+        // Get permissions.
+        $perms = $this->getCategoryPermissions($userID);
+
+        // No permissions
+        if (!$perms) {
+            return 0;
+        }
+
+        // We have permission to everything.
+        if ($perms === true) {
+            //default query
+            return Gdn::sql()
+                ->select('DiscussionID', 'count', 'CountDiscussions')
+                ->from('Discussion')
+                ->where('InsertUserID', $userID)
+                ->get()->value('CountDiscussions', 0);
+        }
+
+        return Gdn::sql()
+            ->select('d.DiscussionID', 'count', 'CountDiscussions')
+            ->from('Discussion d')
+            ->join('Category c', 'd.CategoryID = c.CategoryID')
+            ->where('c.CategoryID', $perms)
+            ->where('d.InsertUserID', $userID)
+            ->get()
+            ->firstRow()
+            ->CountDiscussions;
+    }
+
     /**
      * Update and get bookmark count for the specified user.
      *

vanilla/applications/vanilla/views/categories/helper_functions.php

@@ -1,4 +1,6 @@
-<?php if (!defined('APPLICATION')) exit();
+<?php use Vanilla\Formatting\DateTimeFormatter;
+
+if (!defined('APPLICATION')) exit();
 
 if (!function_exists('CategoryHeading')):
 
@@ -121,8 +123,9 @@ function mostRecentString($row) {
 
             $r .= '<span class="MostRecentOn">';
             $r .= t('on').' ';
+            $dateFormatted = Gdn::getContainer()->get(DateTimeFormatter::class)->formatDate($lastDate, false, DateTimeFormatter::FORCE_FULL_FORMAT);
             $r .= anchor(
-                Gdn_Format::date( $lastDate, 'html'),
+                $dateFormatted,
                 $row['LastUrl'],
                 'CommentDate');
             $r .= '</span>';

vanilla/applications/vanilla/views/discussions/helper_functions.php

@@ -1,4 +1,6 @@
-<?php if (!defined('APPLICATION')) exit();
+<?php use Vanilla\Formatting\DateTimeFormatter;
+
+if (!defined('APPLICATION')) exit();
 
 if (!function_exists('AdminCheck')) {
     /**
@@ -204,11 +206,13 @@ function writeDiscussion($discussion, $sender, $session) {
                     $sender->fireEvent('AfterCountMeta');
 
                     if ($discussion->LastDiscussionCommentsUserID != '') {
+                        $dateFormatted = Gdn::getContainer()->get(DateTimeFormatter::class)->formatDate($lastDate, false, DateTimeFormatter::FORCE_FULL_FORMAT);
                         echo ' <span class="MItem LastCommentBy">'.sprintf(t('Most recent by %1$s'), userAnchor($last)).'</span> ';
-                        echo ' <span class="MItem LastCommentDate">'.Gdn_Format::date($lastDate, 'html').'</span>';
+                        echo ' <span class="MItem LastCommentDate">'.$dateFormatted.'</span>';
                     } else {
+                        $dateFormatted = Gdn::getContainer()->get(DateTimeFormatter::class)->formatDate($discussion->FirstDate, false, DateTimeFormatter::FORCE_FULL_FORMAT);
                         echo ' <span class="MItem LastCommentBy">'.sprintf(t('Started by %1$s'), userAnchor($first)).'</span> ';
-                        echo ' <span class="MItem LastCommentDate">'.Gdn_Format::date($discussion->FirstDate, 'html');
+                        echo ' <span class="MItem LastCommentDate">'.$dateFormatted;
                         if ($source = val('Source', $discussion)) {
                             echo ' '.sprintf(t('via %s'), t($source.' Source', $source));
                         }