Merge pull request #890 from Hylozoic/889-allow-in-public-flag-on-groups

Add allow_in_public column to groups
Hylozoic · Nov 13, 2022 · 20bd64f · 20bd64f
2 parents c1736f4 + 689d21a
commit 20bd64f
Show file tree

Hide file tree

Showing 7 changed files with 53 additions and 21 deletions.
diff --git a/api/controllers/PostController.js b/api/controllers/PostController.js
@@ -44,11 +44,14 @@ const PostController = {
  }
  }))
  .then(stop => stop || createPost(userId, attributes)
- .tap(() => Analytics.track({
- userId,
- event: 'Add Post by Email Form',
- properties: {group: group.get('name')}
- }))
+ .then(post => {
+ Analytics.track({
+ userId,
+ event: 'Add Post by Email Form',
+ properties: {group: group.get('name')}
+ })
+ return post
+ })
  .then(post => res.redirect(Frontend.Route.post(post, group))))
  .catch(res.serverError)
  },

diff --git a/api/graphql/filters.js b/api/graphql/filters.js
@@ -25,6 +25,8 @@ export const groupFilter = userId => relation => {
  // non authenticated queries can only see public groups
  if (!userId) {
  q.where('groups.visibility', Group.Visibility.PUBLIC)
+ // Only show groups that are allowed to be show in public
+ q.andWhere('allow_in_public', true)
  } else {
  // the effect of using `where` like this is to wrap everything within its
  // callback in parentheses -- this is necessary to keep `or` from "leaking"
@@ -38,7 +40,7 @@ export const groupFilter = userId => relation => {
 
  // Can see groups you are a member of...
  q2.whereIn('groups.id', selectIdsForMember)
- // + their parent group
+ // + their parent groups
  q2.orWhereIn('groups.id', parentGroupIds)
  // + child groups that are not hidden, except moderators of a group can see its hidden children
  q2.orWhere(q3 => {
@@ -49,7 +51,11 @@ export const groupFilter = userId => relation => {
  q3.orWhereIn('groups.id', childrenOfModeratedGroupIds)
  })
  // + all public groups
- q2.orWhere('groups.visibility', Group.Visibility.PUBLIC)
+ q2.orWhere(q5 => {
+ q5.where('groups.visibility', Group.Visibility.PUBLIC)
+ // Only show groups that are allowed to be show in public
+ q5.andWhere('allow_in_public', true)
+ })
  })
  }
  })

diff --git a/api/models/Group.js b/api/models/Group.js
@@ -534,7 +534,7 @@ module.exports = bookshelf.Model.extend(merge({
  throw new GraphQLYogaError("A group with that URL slug already exists")
  }
 
- var attrs = defaults(
+ let attrs = defaults(
  pick(data,
  'about_video_uri', 'accessibility', 'avatar_url', 'description', 'slug', 'category',
  'access_code', 'banner_url', 'location_id', 'location', 'group_data_type', 'moderator_descriptor',
@@ -549,6 +549,11 @@ module.exports = bookshelf.Model.extend(merge({
  }
  )
 
+ // XXX: temporary, by default show all farms in public. These can only be created via API right now
+ if (attrs.type === 'farm') {
+ attrs.allow_in_public = true
+ }
+
  // eslint-disable-next-line camelcase
  const access_code = attrs.access_code || await Group.getNewAccessCode()
  const group = new Group(merge(attrs, {

diff --git a/api/models/post/createPost.js b/api/models/post/createPost.js
@@ -3,18 +3,25 @@ import setupPostAttrs from './setupPostAttrs'
 import updateChildren from './updateChildren'
 import { groupRoom, pushToSockets } from '../../services/Websockets'
 
-export default function createPost (userId, params) {
+export default async function createPost (userId, params) {
+ if (params.isPublic) {
+ // Don't allow creating a public post unless at least one of the post's groups has allow_in_public set to true
+ const groups = await Group.query(q => q.whereIn('id', params.group_ids)).fetchAll()
+ const allowedToMakePublic = groups.find(g => g.get('allow_in_public'))
+ if (!allowedToMakePublic) params.isPublic = false
+ }
+
  return setupPostAttrs(userId, merge(Post.newPostAttrs(), params))
- .then(attrs => bookshelf.transaction(transacting =>
- Post.create(attrs, { transacting })
- .tap(post => afterCreatingPost(post, merge(
- pick(params, 'group_ids', 'imageUrl', 'videoUrl', 'docs', 'topicNames', 'memberIds', 'eventInviteeIds', 'imageUrls', 'fileUrls', 'announcement', 'location', 'location_id'),
- {children: params.requests, transacting}
- )))).then(function(inserts) {
- return inserts
- }).catch(function(error) {
- throw error
- })
+  .then(attrs => bookshelf.transaction(transacting =>
+  Post.create(attrs, { transacting })
+  .tap(post => afterCreatingPost(post, merge(
+  pick(params, 'group_ids', 'imageUrl', 'videoUrl', 'docs', 'topicNames', 'memberIds', 'eventInviteeIds', 'imageUrls', 'fileUrls', 'announcement', 'location', 'location_id'),
+  {children: params.requests, transacting}
+  )))).then(function(inserts) {
+  return inserts
+  }).catch(function(error) {
+  throw error
+  })
  )
 }
 

diff --git a/api/models/post/setupPostAttrs.js b/api/models/post/setupPostAttrs.js
@@ -4,7 +4,6 @@ import { getOr } from 'lodash/fp'
 export default function setupPostAttrs (userId, params) {
  const attrs = merge({
  user_id: userId,
- visibility: params.public ? Post.Visibility.PUBLIC_READABLE : Post.Visibility.DEFAULT,
  link_preview_id: params.link_preview_id || getOr(null, 'id', params.linkPreview),
  parent_post_id: params.parent_post_id,
  updated_at: new Date(),

diff --git a/migrations/20221110125837_show-in-public-flag-to-groups.js b/migrations/20221110125837_show-in-public-flag-to-groups.js
@@ -0,0 +1,11 @@
+exports.up = function (knex) {
+ return knex.schema.table('groups', table => {
+ table.boolean('allow_in_public').defaultTo(false)
+ })
+}
+
+exports.down = function (knex) {
+ return knex.schema.table('groups', table => {
+ table.dropColumn('allow_in_public')
+ })
+}
diff --git a/migrations/schema.sql b/migrations/schema.sql
@@ -1042,7 +1042,8 @@ CREATE TABLE public.groups (
  type_descriptor_plural character varying(255) DEFAULT NULL::character varying,
  moderator_descriptor character varying(255) DEFAULT NULL::character varying,
  moderator_descriptor_plural character varying(255) DEFAULT NULL::character varying,
- about_video_uri character varying(255)
+ about_video_uri character varying(255),
+ allow_in_public boolean DEFAULT false
 );