From ed750cac39a3bb7e94a6f0f0215e52bb994024f3 Mon Sep 17 00:00:00 2001
From: Sam <sam.saffron@gmail.com>
Date: Tue, 29 Mar 2016 17:21:32 +1100
Subject: [PATCH] FIX: if badges are disabled badge pages should 404

---
 app/controllers/badges_controller.rb | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/app/controllers/badges_controller.rb b/app/controllers/badges_controller.rb
index 728a3dbf69f..4b15a7796e6 100644
--- a/app/controllers/badges_controller.rb
+++ b/app/controllers/badges_controller.rb
@@ -2,6 +2,8 @@ class BadgesController < ApplicationController
   skip_before_filter :check_xhr, only: [:index, :show]
 
   def index
+    raise Discourse::NotFound unless SiteSetting.enable_badges
+
     badges = Badge.all
 
     if (params[:only_listable] == "true") || !request.xhr?
@@ -28,6 +30,8 @@ class BadgesController < ApplicationController
   end
 
   def show
+    raise Discourse::NotFound unless SiteSetting.enable_badges
+
     params.require(:id)
     badge = Badge.enabled.find(params[:id])