diff --git a/lib/philomena_web/controllers/image/comment_controller.ex b/lib/philomena_web/controllers/image/comment_controller.ex
index 1348bbd6..5d443903 100644
--- a/lib/philomena_web/controllers/image/comment_controller.ex
+++ b/lib/philomena_web/controllers/image/comment_controller.ex
@@ -16,7 +16,12 @@ defmodule PhilomenaWeb.Image.CommentController do
 edit: :create_comment, update: :create_comment - plug :load_and_authorize_resource, model: Image, id_name: "image_id", persisted: true, preload: [:tags] + plug :load_and_authorize_resource, + model: Image, + id_name: "image_id", + persisted: true, + preload: [:tags] + plug :verify_authorized when action in [:show] plug PhilomenaWeb.FilterForcedUsersPlug when action in [:create, :edit, :update]
diff --git a/lib/philomena_web/controllers/image/fave_controller.ex b/lib/philomena_web/controllers/image/fave_controller.ex
index 033f1f27..26c2fb8f 100644
--- a/lib/philomena_web/controllers/image/fave_controller.ex
+++ b/lib/philomena_web/controllers/image/fave_controller.ex
@@ -8,7 +8,13 @@ defmodule PhilomenaWeb.Image.FaveController do
 plug PhilomenaWeb.FilterBannedUsersPlug plug PhilomenaWeb.CanaryMapPlug, create: :vote, delete: :vote - plug :load_and_authorize_resource, model: Image, id_name: "image_id", persisted: true, preload: [:tags] + + plug :load_and_authorize_resource, + model: Image, + id_name: "image_id", + persisted: true, + preload: [:tags] + plug PhilomenaWeb.FilterForcedUsersPlug def create(conn, _params) do
diff --git a/lib/philomena_web/controllers/image/vote_controller.ex b/lib/philomena_web/controllers/image/vote_controller.ex
index 8b39748a..53275371 100644
--- a/lib/philomena_web/controllers/image/vote_controller.ex
+++ b/lib/philomena_web/controllers/image/vote_controller.ex
@@ -8,7 +8,13 @@ defmodule PhilomenaWeb.Image.VoteController do
 plug PhilomenaWeb.FilterBannedUsersPlug plug PhilomenaWeb.CanaryMapPlug, create: :vote, delete: :vote - plug :load_and_authorize_resource, model: Image, id_name: "image_id", persisted: true, preload: [:tags] + + plug :load_and_authorize_resource, + model: Image, + id_name: "image_id", + persisted: true, + preload: [:tags] + plug PhilomenaWeb.FilterForcedUsersPlug def create(conn, params) do
diff --git a/lib/philomena_web/controllers/staff_controller.ex b/lib/philomena_web/controllers/staff_controller.ex
index fbda82cb..43c0645b 100644
--- a/lib/philomena_web/controllers/staff_controller.ex
+++ b/lib/philomena_web/controllers/staff_controller.ex
@@ -22,8 +22,17 @@ defmodule PhilomenaWeb.StaffController do
 "Public Relations": Enum.filter(users, &(&1.role != "admin" and &1.secondary_role == "Public Relations")), Moderators: - Enum.filter(users, &(&1.role == "moderator" and &1.secondary_role in [nil, ""] and &1.hide_default_role == false)), - Assistants: Enum.filter(users, &(&1.role == "assistant" and &1.secondary_role in [nil, ""] and &1.hide_default_role == false)) + Enum.filter( + users, + &(&1.role == "moderator" and &1.secondary_role in [nil, ""] and + &1.hide_default_role == false) + ), + Assistants: + Enum.filter( + users, + &(&1.role == "assistant" and &1.secondary_role in [nil, ""] and + &1.hide_default_role == false) + ) ] render(conn, "index.html", title: "Site Staff", categories: categories)
diff --git a/lib/philomena_web/plugs/filter_forced_users_plug.ex b/lib/philomena_web/plugs/filter_forced_users_plug.ex
index 6a102e90..17d1886c 100644
--- a/lib/philomena_web/plugs/filter_forced_users_plug.ex
+++ b/lib/philomena_web/plugs/filter_forced_users_plug.ex
@@ -9,7 +9,7 @@ defmodule PhilomenaWeb.FilterForcedUsersPlug do
 alias Philomena.Search.String, as: SearchString alias Philomena.Search.Evaluator alias Philomena.Images.Query - alias PhilomenaWeb.ImageView + alias PhilomenaWeb.ImageView def init(_opts) do []
@@ -20,11 +20,13 @@ defmodule PhilomenaWeb.FilterForcedUsersPlug do
 end defp maybe_fetch_forced(conn, nil), do: conn + defp maybe_fetch_forced(conn, forced) do maybe_halt(conn, matches_filter?(conn.assigns.current_user, conn.assigns.image, forced)) end defp maybe_halt(conn, false), do: conn + defp maybe_halt(conn, true) do conn |> put_flash(:error, "You have been blocked from performing this action on this image.")
diff --git a/lib/philomena_web/plugs/image_filter_plug.ex b/lib/philomena_web/plugs/image_filter_plug.ex
index 4a960a4a..24351e12 100644
--- a/lib/philomena_web/plugs/image_filter_plug.ex
+++ b/lib/philomena_web/plugs/image_filter_plug.ex
@@ -16,6 +16,7 @@ defmodule PhilomenaWeb.ImageFilterPlug do
 tag_exclusion = %{terms: %{tag_ids: filter.hidden_tag_ids ++ forced.hidden_tag_ids}} query_spoiler = invalid_filter_guard(user, filter.spoilered_complex_str) + query_exclusion = %{ bool: %{ should: [
diff --git a/lib/philomena_web/router.ex b/lib/philomena_web/router.ex
index 615a8b74..129f3ab6 100644
--- a/lib/philomena_web/router.ex
+++ b/lib/philomena_web/router.ex
@@ -366,7 +366,10 @@ defmodule PhilomenaWeb.Router do
 resources "/downvotes", User.DownvoteController, only: [:delete], singleton: true resources "/votes", User.VoteController, only: [:delete], singleton: true resources "/wipe", User.WipeController, only: [:create], singleton: true - resources "/force_filter", User.ForceFilterController, only: [:new, :create, :delete], singleton: true + + resources "/force_filter", User.ForceFilterController, + only: [:new, :create, :delete], + singleton: true end resources "/batch/tags", Batch.TagController, only: [:update], singleton: true