Merge branch 'develop'

Author: jmgasper

config/vanilla/bootstrap.before.php

@@ -374,8 +374,7 @@ function watchButton($categoryID) {
      * @return bool return true if user has a permission
      */
    function checkGroupPermission($userID,$groupID, $categoryID = null , $permissionCategoryID = null , $permission = null, $fullMatch = true) {
-       $groupModel = new GroupModel();
-       return $groupModel->checkPermission($userID,$groupID, $categoryID,$permissionCategoryID , $permission, $fullMatch);
+       return GroupModel::checkPermission($userID,$groupID, $categoryID,$permissionCategoryID , $permission, $fullMatch);
    }
 }
 

config/vanilla/bootstrap.late.php

@@ -55,4 +55,16 @@
        $CategoryModel->recalculateTree();
        unset($CategoryModel);
     }
+
+
+   // Define some permissions for the Vanilla categories.
+   // FIX: https://github.com/topcoder-platform/forums/issues/373
+   $PermissionModel->define(
+        [
+            'Vanilla.Discussions.Uploads' => 0,
+            'Vanilla.Comments.Uploads' => 0],
+        'tinyint',
+        'Category',
+        'PermissionCategoryID'
+    );
 }

config/vanilla/config.php

@@ -134,7 +134,7 @@
     0 => 'staticcontent/container',
     1 => 'Internal',
 );
-$Configuration['Routes']['DefaultController'] = 'discussions';
+$Configuration['Routes']['DefaultController'] = 'categories';
 $Configuration['Routes']['XmZpbGVzdGFjaygvLiopPyQ='] = array (
     0 => 'vanilla/filestack$1',
     1 => 'Internal',
@@ -144,7 +144,10 @@
 $Configuration['Vanilla']['SSO']['Debug'] = true;
 $Configuration['Vanilla']['Activity']['ShowDiscussionBody'] = true;
 $Configuration['Vanilla']['Activity']['ShowCommentBody'] = true;
-$Configuration['Vanilla']['EnableCategoryFollowing'] = true;
+// Show 'My Discussions' in the left nav
+$Configuration['Vanilla']['Discussions']['ShowMineTab'] = false;
+// Allow users to follow categories. Users will be able to see a feed of discussions of only their followed categories.
+$Configuration['Vanilla']['EnableCategoryFollowing'] = false;
 $Configuration['Vanilla']['Version'] = '3.0';
 
 
@@ -193,7 +196,7 @@
 $Configuration['Vanilla']['Comment']['MinLength'] = 2;
 
 // File handling.
-$Configuration['Garden']['Upload']['MaxFileSize'] = '5M';
+$Configuration['Garden']['Upload']['MaxFileSize'] = '50M';
 $Configuration['Garden']['Upload']['AllowedFileExtensions'] = [
     'txt', 'jpg', 'jpeg', 'gif', 'png', 'bmp', 'tiff', 'ico', 'zip', 'gz', 'tar.gz', 'tgz', 'psd', 'ai', 'pdf', 'doc', 'xls', 'ppt', 'docx', 'xlsx', 'pptx', 'log', 'rar', '7z', 'xml', 'json'
 ];

vanilla/applications/dashboard/controllers/api/MediaApiController.php

@@ -364,12 +364,6 @@ public function patch_attachment(int $id, array $body): array {
      * @return array
      */
     public function post(array $body) {
-        if(!Gdn::session()->checkPermission('Garden.Uploads.Add')) {
-            throw new ClientException('You don\'t have permission to upload files', 403);
-        }
-
-        //$this->permission('Garden.Uploads.Add');
-
         $allowedExtensions = $this->config->get('Garden.Upload.AllowedFileExtensions', []);
         $uploadSchema = new UploadedFileSchema([
             UploadedFileSchema::OPTION_ALLOWED_EXTENSIONS => $allowedExtensions,
@@ -380,10 +374,69 @@ public function post(array $body) {
 
         $in = $this->schema([
             'file' => $uploadSchema,
+            'categoryID:i?' => "CategoryID",
+            'discussionID:i?' => "DiscussionID",
+            'commentID:i?' => "CommentID",
+            'actionType:s?' => "ActionType"
         ], 'in')->setDescription('Add a media item.');
-        $out = $this->schema($this->fullSchema(), 'out');
-
         $body = $in->validate($body);
+        $categoryID = $body['categoryID'];
+        $discussionID = $body['discussionID'];
+        $commentID = $body['commentID'];
+        $actionType = $body['actionType'];
+
+        if(!$categoryID && !$discussionID && !Gdn::session()->checkPermission('Garden.Uploads.Add')) {
+             throw new ClientException("You don't have permission to upload files", 403);
+        }
+
+        if(!Gdn::session()->checkPermission('Garden.Uploads.Add')) {
+            switch ($actionType) {
+                case 'NewDiscussion':
+                    if(!$categoryID) {
+                        throw new ClientException("You don't have permission to upload files", 403);
+                    }
+                    $permissionCategory = CategoryModel::permissionCategory($categoryID);
+                    $discussionsUploads = CategoryModel::checkPermission($permissionCategory, 'Vanilla.Discussions.Uploads');
+                    if(!$discussionsUploads) {
+                        throw new ClientException("You don't have permission to upload files", 403);
+                    }
+                    break;
+                case 'EditDiscussion':
+                    $discussionModel = new DiscussionModel();
+                    $discussion =  $discussionModel->getID($discussionID);
+                    if (!$discussion) {
+                        throw new NotFoundException('Discussion');
+                    }
+                    $categoryID = val('CategoryID', $discussion, false);
+                    $permissionCategory = CategoryModel::permissionCategory($categoryID);
+                    $discussionsUploads = CategoryModel::checkPermission($permissionCategory, 'Vanilla.Discussions.Uploads');
+                    if(!$discussionsUploads) {
+                        throw new ClientException("You don't have permission to upload files", 403);
+                    }
+                    break;
+                case 'NewComment':
+                case 'EditComment':
+                    $discussionModel = new DiscussionModel();
+                    $discussion =  $discussionModel->getID($discussionID);
+                    if (!$discussion) {
+                        throw new NotFoundException('Discussion');
+                    }
+
+                    $categoryID = val('CategoryID', $discussion, false);
+                    $permissionCategory = CategoryModel::permissionCategory($categoryID);
+                    $commentsUploads =  CategoryModel::checkPermission($permissionCategory, 'Vanilla.Comments.Uploads');
+                    // No permissions
+                    if(!$commentsUploads) {
+                        throw new ClientException("You don't have permission to upload files", 403);
+                    }
+                    break;
+                default:
+                    throw new ClientException("You don't have permission to upload files", 403);
+            }
+
+        }
+
+        $out = $this->schema($this->fullSchema(), 'out');
 
         $imageExtensions = array_keys(ImageResizer::getExtType());
         /** @var UploadedFile $file */

vanilla/applications/dashboard/controllers/class.searchcontroller.php

@@ -58,9 +58,9 @@ public function initialize() {
         $this->addCssFile('style.css');
         $this->addCssFile('vanillicon.css', 'static');
         $this->addModule('GuestModule');
-        $this->addModule('NewDiscussionModule');
+        //$this->addModule('NewDiscussionModule');
         $this->addModule('DiscussionFilterModule');
-        $this->addModule('CategoriesModule');
+        //$this->addModule('CategoriesModule');
         $this->addModule('BookmarkedModule');
         parent::initialize();
         $this->setData('Breadcrumbs', [['Name' => t('Search'), 'Url' => '/search']]);

vanilla/applications/dashboard/modules/class.guestmodule.php

@@ -0,0 +1,58 @@
+<?php
+/**
+ * Guest module.
+ *
+ * @copyright 2009-2019 Vanilla Forums Inc.
+ * @license GPL-2.0-only
+ * @package Dashboard
+ * @since 2.0
+ */
+
+/**
+ * Renders the "You should register or sign in" panel box.
+ */
+class GuestModule extends Gdn_Module {
+
+    /** @var string  */
+    public $MessageCode = 'GuestModule.Message';
+
+    /** @var string  */
+    public $MessageDefault = "Looks like you are new or aren't currently signed in.";
+
+    /**
+     *
+     *
+     * @param string $sender
+     * @param bool $applicationFolder
+     */
+    public function __construct($sender = '', $applicationFolder = false) {
+        if (!$applicationFolder) {
+            $applicationFolder = 'Dashboard';
+        }
+        parent::__construct($sender, $applicationFolder);
+
+        $this->Visible = c('Garden.Modules.ShowGuestModule');
+    }
+
+    /**
+     *
+     *
+     * @return string
+     */
+    public function assetTarget() {
+        return 'Panel';
+    }
+
+    /**
+     * Render.
+     *
+     * @return string
+     */
+    public function toString() {
+        if (!Gdn::session()->isValid()) {
+            return parent::toString();
+        }
+
+        return '';
+    }
+}

vanilla/applications/dashboard/views/modules/guest.php

@@ -0,0 +1,25 @@
+<?php if (!defined('APPLICATION')) exit(); ?>
+<div class="Box GuestBox">
+    <h4><?php echo t('Welcome to Topcoder!'); ?></h4>
+
+    <p><?php echo t($this->MessageCode, $this->MessageDefault); ?></p>
+
+    <p><?php $this->fireEvent('BeforeSignInButton'); ?></p>
+
+    <?php
+    $signInUrl = signInUrl($this->_Sender->SelfUrl);
+
+    if ($signInUrl) {
+        echo '<div class="P">';
+
+        echo anchor(t('Login'), signInUrl($this->_Sender->SelfUrl), 'Button Primary SignIn BigButton'.(signInPopup() ? ' SignInPopup' : ''), ['rel' => 'nofollow']);
+       // $Url = registerUrl($this->_Sender->SelfUrl);
+       // if (!empty($Url)) {
+           // echo ' '.anchor(t('Register', t('Apply for Membership', 'Register')), $Url, 'Button ApplyButton', ['rel' => 'nofollow']);
+        // }
+
+        echo '</div>';
+    }
+    ?>
+    <?php $this->fireEvent('AfterSignInButton'); ?>
+</div>

vanilla/applications/dashboard/views/search/index.php

@@ -0,0 +1,17 @@
+<?php if (!defined('APPLICATION')) exit(); ?>
+    <h1 class="H HomepageTitle">Search</h1>
+    <div class="SearchForm">
+        <?php
+        $Form = $this->Form;
+        echo $Form->open(['action' => url('/search'), 'method' => 'get']),
+        '<div class="SiteSearch InputAndButton">',
+        $Form->textBox('Search', ['aria-label' => t('Enter your search term.'), 'title' => t('Enter your search term.') ]),
+        $Form->button('Search', ['aria-label' => t('Search'), 'Name' => '']),
+        '</div>',
+        $Form->errors(),
+        $Form->close();
+        ?>
+    </div>
+<?php
+$ViewLocation = $this->fetchViewLocation('results');
+include($ViewLocation);