mirror of
https://github.com/discourse/discourse.git
synced 2025-01-18 14:52:46 +08:00
e9ebadb414
Secure all messages triggered by post creation and all user actions so they don't leak (meaning, if you have a browser open and secure topics are created you will only get them if you are allowed to see them)
40 lines
1.0 KiB
Ruby
40 lines
1.0 KiB
Ruby
MessageBus.site_id_lookup do
|
|
RailsMultisite::ConnectionManagement.current_db
|
|
end
|
|
|
|
MessageBus.user_id_lookup do |env|
|
|
user = CurrentUser.lookup_from_env(env)
|
|
user.id if user
|
|
end
|
|
|
|
MessageBus.group_ids_lookup do |env|
|
|
user = CurrentUser.lookup_from_env(env)
|
|
user.groups.select('groups.id').map{|g| g.id} if user
|
|
end
|
|
|
|
MessageBus.on_connect do |site_id|
|
|
RailsMultisite::ConnectionManagement.establish_connection(db: site_id)
|
|
end
|
|
|
|
MessageBus.on_disconnect do |site_id|
|
|
ActiveRecord::Base.connection_handler.clear_active_connections!
|
|
end
|
|
|
|
# Point at our redis
|
|
MessageBus.redis_config = YAML.load(ERB.new(File.new("#{Rails.root}/config/redis.yml").read).result)[Rails.env].symbolize_keys
|
|
|
|
MessageBus.long_polling_enabled = SiteSetting.enable_long_polling
|
|
MessageBus.long_polling_interval = SiteSetting.long_polling_interval
|
|
|
|
MessageBus.is_admin_lookup do |env|
|
|
user = CurrentUser.lookup_from_env(env)
|
|
if user && user.admin
|
|
true
|
|
else
|
|
false
|
|
end
|
|
end
|
|
|
|
MessageBus.cache_assets = !Rails.env.development?
|
|
MessageBus.enable_diagnostics
|