From 2cb304100c678df824399c682a801d338792873f Mon Sep 17 00:00:00 2001
From: natsutteatsuiyone <natsutteatsuiyone@gmail.com>
Date: Tue, 8 Nov 2022 06:47:42 +0900
Subject: [PATCH] fix: Page Rules based on Tag Matches do not work for comment
 permissions (#5819)

---
 server/graph/resolvers/comment.js | 15 ++++++++++++---
 server/models/comments.js         |  9 ++++++---
 2 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/server/graph/resolvers/comment.js b/server/graph/resolvers/comment.js
index ff30b55c..1c894943 100644
--- a/server/graph/resolvers/comment.js
+++ b/server/graph/resolvers/comment.js
@@ -40,9 +40,13 @@ module.exports = {
      * Fetch list of comments for a page
      */
     async list (obj, args, context) {
-      const page = await WIKI.models.pages.query().select('id').findOne({ localeCode: args.locale, path: args.path })
+      const page = await WIKI.models.pages.query().select('pages.id').findOne({ localeCode: args.locale, path: args.path })
+        .withGraphJoined('tags')
+        .modifyGraph('tags', builder => {
+          builder.select('tag')
+        })
       if (page) {
-        if (WIKI.auth.checkAccess(context.req.user, ['read:comments'], args)) {
+        if (WIKI.auth.checkAccess(context.req.user, ['read:comments'], { tags: page.tags, ...args })) {
           const comments = await WIKI.models.comments.query().where('pageId', page.id).orderBy('createdAt')
           return comments.map(c => ({
             ...c,
@@ -66,10 +70,15 @@ module.exports = {
         throw new WIKI.Error.CommentNotFound()
       }
       const page = await WIKI.models.pages.query().select('localeCode', 'path').findById(cm.pageId)
+        .withGraphJoined('tags')
+        .modifyGraph('tags', builder => {
+          builder.select('tag')
+        })
       if (page) {
         if (WIKI.auth.checkAccess(context.req.user, ['read:comments'], {
           path: page.path,
-          locale: page.localeCode
+          locale: page.localeCode,
+          tags: page.tags
         })) {
           return {
             ...cm,
diff --git a/server/models/comments.js b/server/models/comments.js
index aeaa94db..0ec5f5c9 100644
--- a/server/models/comments.js
+++ b/server/models/comments.js
@@ -99,7 +99,8 @@ module.exports = class Comment extends Model {
     if (page) {
       if (!WIKI.auth.checkAccess(user, ['write:comments'], {
         path: page.path,
-        locale: page.localeCode
+        locale: page.localeCode,
+        tags: page.tags
       })) {
         throw new WIKI.Error.CommentPostForbidden()
       }
@@ -136,7 +137,8 @@ module.exports = class Comment extends Model {
     if (page) {
       if (!WIKI.auth.checkAccess(user, ['manage:comments'], {
         path: page.path,
-        locale: page.localeCode
+        locale: page.localeCode,
+        tags: page.tags
       })) {
         throw new WIKI.Error.CommentManageForbidden()
       }
@@ -169,7 +171,8 @@ module.exports = class Comment extends Model {
     if (page) {
       if (!WIKI.auth.checkAccess(user, ['manage:comments'], {
         path: page.path,
-        locale: page.localeCode
+        locale: page.localeCode,
+        tags: page.tags
       })) {
         throw new WIKI.Error.CommentManageForbidden()
       }