FEATURE: Allow group moderators to close/archive topics (PR #10217)

Rename enable_category_group_review to enable_category_group_moderation

GitHub

Do we still need the user and canManageTopic checks here if we can check can_close, can_archive, etc?

Overall this is looking excellent :ok_man: - but I have a could comments and a question.

We needn’t check in these things for other languages - they will be automatically flagged in transifex when the keys change.

Could trust level 4 previously close and archive topics? I didn’t think they could!

I think so. Please double check the following for me.

canManageTopic is true for isStaff or isElder, where isElder is someone with a trust level of 4:

https://github.com/discourse/discourse/blob/33554e5cbc58463190a8257eb3bd8875b4c3479f/app/assets/javascripts/discourse/app/models/user.js#L218

Having canManageTopic exposes many admin options to someone with a trust level of 4:

https://github.com/discourse/discourse/blob/0d6b638dac161980ee39631271fd5b3f00fe9b14/app/assets/javascripts/discourse/app/widgets/topic-admin-menu.js#L133

Many of these actions (ie, pinned pinned_globally visible closed archived) end up hitting TopicsController#status, with the work happening around lines 413-416:

https://github.com/discourse/discourse/blob/0d6b638dac161980ee39631271fd5b3f00fe9b14/app/controllers/topics_controller.rb#L413-L416

which ends up calling the following:

https://github.com/discourse/discourse/blob/33554e5cbc58463190a8257eb3bd8875b4c3479f/lib/guardian.rb#L163-L165

where trust level 4 is checked against.

You’re right, canManageTopic is redundant when used alongside can_close_topic or can_archive_topic. I will remove them.

Well that is very convincing evidence! Thanks for the leg work.