mirror of
https://github.com/discourse/discourse.git
synced 2024-11-29 17:04:36 +08:00
FIX: Allowed URLs for API scopes added by plugins (#15662)
This commit is contained in:
parent
2dc0f36e07
commit
688be607c9
|
@ -101,7 +101,14 @@ class ApiKeyScope < ActiveRecord::Base
|
||||||
urls = []
|
urls = []
|
||||||
|
|
||||||
if actions.present?
|
if actions.present?
|
||||||
Rails.application.routes.routes.each do |route|
|
routes = Rails.application.routes.routes.to_a
|
||||||
|
Rails::Engine.descendants.each do |engine|
|
||||||
|
next if engine == Rails::Application # abstract engine, can't call routes on it
|
||||||
|
next if engine == Discourse::Application # equiv. to Rails.application
|
||||||
|
routes.concat(engine.routes.routes.to_a)
|
||||||
|
end
|
||||||
|
|
||||||
|
routes.each do |route|
|
||||||
defaults = route.defaults
|
defaults = route.defaults
|
||||||
action = "#{defaults[:controller].to_s}##{defaults[:action]}"
|
action = "#{defaults[:controller].to_s}##{defaults[:action]}"
|
||||||
path = route.path.spec.to_s.gsub(/\(\.:format\)/, '')
|
path = route.path.spec.to_s.gsub(/\(\.:format\)/, '')
|
||||||
|
|
Loading…
Reference in New Issue
Block a user