2024-10-18 17:13:34 +08:00
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
class SiteSetting::Update
|
|
|
|
include Service::Base
|
|
|
|
|
DEV: Provide user input to services using `params` key
Currently in services, we don’t make a distinction between input
parameters, options and dependencies.
This can lead to user input modifying the service behavior, whereas it
was not the developer intention.
This patch addresses the issue by changing how data is provided to
services:
- `params` is now used to hold all data coming from outside (typically
user input from a controller) and a contract will take its values from
`params`.
- `options` is a new key to provide options to a service. This typically
allows changing a service behavior at runtime. It is, of course,
totally optional.
- `dependencies` is actually anything else provided to the service (like
`guardian`) and available directly from the context object.
The `service_params` helper in controllers has been updated to reflect
those changes, so most of the existing services didn’t need specific
changes.
The options block has the same DSL as contracts, as it’s also based on
`ActiveModel`. There aren’t any validations, though. Here’s an example:
```ruby
options do
attribute :allow_changing_hidden, :boolean, default: false
end
```
And here’s an example of how to call a service with the new keys:
```ruby
MyService.call(params: { key1: value1, … }, options: { my_option: true }, guardian:, …)
```
2024-10-18 23:45:47 +08:00
|
|
|
options { attribute :allow_changing_hidden, :boolean, default: false }
|
|
|
|
|
2024-10-18 17:13:34 +08:00
|
|
|
policy :current_user_is_admin
|
|
|
|
contract do
|
|
|
|
attribute :setting_name
|
|
|
|
attribute :new_value
|
|
|
|
|
|
|
|
before_validation do
|
|
|
|
self.setting_name = setting_name&.to_sym
|
|
|
|
self.new_value = new_value.to_s.strip
|
|
|
|
end
|
|
|
|
|
|
|
|
validates :setting_name, presence: true
|
|
|
|
|
|
|
|
after_validation do
|
|
|
|
next if setting_name.blank?
|
|
|
|
self.new_value =
|
|
|
|
case SiteSetting.type_supervisor.get_type(setting_name)
|
|
|
|
when :integer
|
|
|
|
new_value.tr("^-0-9", "").to_i
|
|
|
|
when :file_size_restriction
|
|
|
|
new_value.tr("^0-9", "").to_i
|
|
|
|
when :uploaded_image_list
|
|
|
|
new_value.blank? ? "" : Upload.get_from_urls(new_value.split("|")).to_a
|
|
|
|
when :upload
|
|
|
|
Upload.get_from_url(new_value) || ""
|
|
|
|
else
|
|
|
|
new_value
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
policy :setting_is_visible
|
|
|
|
policy :setting_is_configurable
|
|
|
|
step :save
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def current_user_is_admin(guardian:)
|
|
|
|
guardian.is_admin?
|
|
|
|
end
|
|
|
|
|
DEV: Provide user input to services using `params` key
Currently in services, we don’t make a distinction between input
parameters, options and dependencies.
This can lead to user input modifying the service behavior, whereas it
was not the developer intention.
This patch addresses the issue by changing how data is provided to
services:
- `params` is now used to hold all data coming from outside (typically
user input from a controller) and a contract will take its values from
`params`.
- `options` is a new key to provide options to a service. This typically
allows changing a service behavior at runtime. It is, of course,
totally optional.
- `dependencies` is actually anything else provided to the service (like
`guardian`) and available directly from the context object.
The `service_params` helper in controllers has been updated to reflect
those changes, so most of the existing services didn’t need specific
changes.
The options block has the same DSL as contracts, as it’s also based on
`ActiveModel`. There aren’t any validations, though. Here’s an example:
```ruby
options do
attribute :allow_changing_hidden, :boolean, default: false
end
```
And here’s an example of how to call a service with the new keys:
```ruby
MyService.call(params: { key1: value1, … }, options: { my_option: true }, guardian:, …)
```
2024-10-18 23:45:47 +08:00
|
|
|
def setting_is_visible(contract:, options:)
|
|
|
|
options.allow_changing_hidden || !SiteSetting.hidden_settings.include?(contract.setting_name)
|
2024-10-18 17:13:34 +08:00
|
|
|
end
|
|
|
|
|
|
|
|
def setting_is_configurable(contract:)
|
|
|
|
return true if !SiteSetting.plugins[contract.setting_name]
|
|
|
|
|
|
|
|
Discourse.plugins_by_name[SiteSetting.plugins[contract.setting_name]].configurable?
|
|
|
|
end
|
|
|
|
|
|
|
|
def save(contract:, guardian:)
|
|
|
|
SiteSetting.set_and_log(contract.setting_name, contract.new_value, guardian.user)
|
|
|
|
end
|
|
|
|
end
|