From 2d88cd2578d0884e36d23bbacb33ed2423a77c01 Mon Sep 17 00:00:00 2001
From: lynnfaraday <lynn@wordsmyth.org>
Date: Sat, 28 Apr 2018 09:36:18 -0400
Subject: [PATCH] Wiki permission tweaks.

---
 plugins/website/web/edit_wiki_page_handler.rb |  2 +-
 plugins/website/web/get_wiki_page_handler.rb  | 10 ++++++----
 plugins/website/web_helpers.rb                |  4 ++++
 3 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/plugins/website/web/edit_wiki_page_handler.rb b/plugins/website/web/edit_wiki_page_handler.rb
index feb56567d5..872ffa1638 100644
--- a/plugins/website/web/edit_wiki_page_handler.rb
+++ b/plugins/website/web/edit_wiki_page_handler.rb
@@ -18,7 +18,7 @@ def handle(request)
           return { error: t('webportal.not_found') }
         end
         
-        if ((WebHelpers.is_restricted_wiki_page?(page) && !enactor.is_admin?) ||
+        if ((WebHelpers.is_restricted_wiki_page?(page) && !WebHelpers.can_manage_wiki?(enactor)) ||
           !enactor.is_approved?)
           return { error: t('dispatcher.not_allowed') }
         end
diff --git a/plugins/website/web/get_wiki_page_handler.rb b/plugins/website/web/get_wiki_page_handler.rb
index e242d31ae5..8b6a95461b 100644
--- a/plugins/website/web/get_wiki_page_handler.rb
+++ b/plugins/website/web/get_wiki_page_handler.rb
@@ -23,7 +23,7 @@ def handle(request)
         lock_info = page.get_lock_info(enactor)
         restricted_page = WebHelpers.is_restricted_wiki_page?(page)
         if (edit_mode)
-          if (restricted_page && !enactor.is_admin?)
+          if (restricted_page && !WebHelpers.can_manage_wiki?(enactor))
             return { error: t('dispatcher.not_allowed') }
           end
           if (!lock_info)
@@ -34,7 +34,9 @@ def handle(request)
         else
           text = WebHelpers.format_markdown_for_html page.text
         end
-            
+        
+        can_edit = enactor && enactor.is_approved? && !lock_info && ( WebHelpers.can_manage_wiki?(enactor) || !restricted_page )
+                    
         {
           id: page.id,
           heading: page.heading,
@@ -44,9 +46,9 @@ def handle(request)
           tags: page.tags,
           lock_info: lock_info,
           can_delete: enactor && enactor.is_admin? && !restricted_page,
-          can_edit: enactor && enactor.is_approved? && !lock_info && ( enactor.is_admin? || !restricted_page ),
+          can_edit: can_edit,
           current_version_id: page.current_version.id,
-          can_change_name: !WebHelpers.is_restricted_wiki_page?(page)
+          can_change_name: can_edit
         }
       end
     end
diff --git a/plugins/website/web_helpers.rb b/plugins/website/web_helpers.rb
index 341eb5a503..06db88f9e6 100644
--- a/plugins/website/web_helpers.rb
+++ b/plugins/website/web_helpers.rb
@@ -14,6 +14,10 @@ def self.is_restricted_wiki_page?(page)
       restricted_pages = Global.read_config("website", "restricted_pages") || ['home']
       restricted_pages.map { |p| WikiPage.sanitize_page_name(p.downcase) }.include?(page.name.downcase)
     end
+    
+    def self.can_manage_wiki?(actor)
+      actor && actor.has_permission?("manage_wiki")
+    end
       
     def self.format_output_for_html(output)
       return nil if !output