Allow reviewers to reopen comment threads (#23075)

GitOrigin-RevId: 065acf5931213c288dbdcb3bc06da988b094a1f4
2026-05-31 12:51:35 +02:00 · 2025-01-24 14:07:56 +01:00
parent d3d7f948d3
commit faad25646c
4 changed files with 29 additions and 17 deletions
--- a/services/web/app/src/Features/Authorization/AuthorizationManager.js
+++ b/services/web/app/src/Features/Authorization/AuthorizationManager.js
@@ -273,7 +273,7 @@ async function canUserDeleteOrResolveThread(
  return comment.metadata.user_id === userId
 }

-async function canUserSendComment(userId, projectId, token) {
+async function canUserSendOrReopenComment(userId, projectId, token) {
  const privilegeLevel = await getPrivilegeLevelForProject(
    userId,
    projectId,
@@ -289,8 +289,8 @@ async function canUserSendComment(userId, projectId, token) {
 module.exports = {
  canUserReadProject: callbackify(canUserReadProject),
  canUserWriteProjectContent: callbackify(canUserWriteProjectContent),
+  canUserSendOrReopenComment: callbackify(canUserSendOrReopenComment),
  canUserDeleteOrResolveThread: callbackify(canUserDeleteOrResolveThread),
-  canUserSendComment: callbackify(canUserSendComment),
  canUserWriteProjectSettings: callbackify(canUserWriteProjectSettings),
  canUserRenameProject: callbackify(canUserRenameProject),
  canUserAdminProject: callbackify(canUserAdminProject),
@@ -301,8 +301,8 @@ module.exports = {
  promises: {
    canUserReadProject,
    canUserWriteProjectContent,
+    canUserSendOrReopenComment,
    canUserDeleteOrResolveThread,
-    canUserSendComment,
    canUserWriteProjectSettings,
    canUserRenameProject,
    canUserAdminProject,
--- a/services/web/app/src/Features/Authorization/AuthorizationMiddleware.js
+++ b/services/web/app/src/Features/Authorization/AuthorizationMiddleware.js
@@ -132,22 +132,29 @@ async function ensureUserCanDeleteOrResolveThread(req, res, next) {
  return HttpErrorHandler.forbidden(req, res)
 }

-async function ensureUserCanSendComment(req, res, next) {
+async function ensureUserCanSendOrReopenComment(req, res, next) {
  const projectId = _getProjectId(req)
  const userId = _getUserId(req)
  const token = TokenAccessHandler.getRequestToken(req, projectId)

-  const canSendComment = await AuthorizationManager.promises.canUserSendComment(
-    userId,
-    projectId,
-    token
-  )
-  if (canSendComment) {
-    logger.debug({ userId, projectId }, 'allowing user to send a comment')
+  const canSendOrReopenComment =
+    await AuthorizationManager.promises.canUserSendOrReopenComment(
+      userId,
+      projectId,
+      token
+    )
+  if (canSendOrReopenComment) {
+    logger.debug(
+      { userId, projectId },
+      'allowing user to send or reopen a comment'
+    )
    return next()
  }

-  logger.debug({ userId, projectId }, 'denying user to send a comment')
+  logger.debug(
+    { userId, projectId },
+    'denying user to send or reopen a comment'
+  )
  return HttpErrorHandler.forbidden(req, res)
 }

@@ -270,10 +277,12 @@ module.exports = {
  ensureUserCanWriteProjectSettings: expressify(
    ensureUserCanWriteProjectSettings
  ),
+  ensureUserCanSendOrReopenComment: expressify(
+    ensureUserCanSendOrReopenComment
+  ),
  ensureUserCanDeleteOrResolveThread: expressify(
    ensureUserCanDeleteOrResolveThread
  ),
-  ensureUserCanSendComment: expressify(ensureUserCanSendComment),
  ensureUserCanWriteProjectContent: expressify(
    ensureUserCanWriteProjectContent
  ),
--- a/services/web/test/unit/src/Authorization/AuthorizationManagerTests.js
+++ b/services/web/test/unit/src/Authorization/AuthorizationManagerTests.js
@@ -453,7 +453,7 @@ describe('AuthorizationManager', function () {
    tokenReadOnly: true,
  })

-  testPermission('canUserSendComment', {
+  testPermission('canUserSendOrReopenComment', {
    siteAdmin: true,
    owner: true,
    readAndWrite: true,
--- a/services/web/test/unit/src/Authorization/AuthorizationMiddlewareTests.js
+++ b/services/web/test/unit/src/Authorization/AuthorizationMiddlewareTests.js
@@ -25,8 +25,8 @@ describe('AuthorizationMiddleware', function () {
        canUserReadProject: sinon.stub(),
        canUserWriteProjectSettings: sinon.stub(),
        canUserWriteProjectContent: sinon.stub(),
+        canUserSendOrReopenComment: sinon.stub(),
        canUserDeleteOrResolveThread: sinon.stub(),
-        canUserSendComment: sinon.stub(),
        canUserAdminProject: sinon.stub(),
        canUserRenameProject: sinon.stub(),
        isUserSiteAdmin: sinon.stub(),
@@ -86,8 +86,11 @@ describe('AuthorizationMiddleware', function () {
    )
  })

-  describe('ensureUserCanSendComment', function () {
-    testMiddleware('ensureUserCanSendComment', 'canUserSendComment')
+  describe('ensureUserCanSendOrReopenComment', function () {
+    testMiddleware(
+      'ensureUserCanSendOrReopenComment',
+      'canUserSendOrReopenComment'
+    )
  })

  describe('ensureUserCanDeleteOrResolveThread', function () {