mirror of
https://github.com/discourse/discourse.git
synced 2024-11-26 04:56:18 +08:00
FEATURE: Allow API requests to specify the DISCOURSE_VISIBLE
header
This allows API consumers to automatically update the user's last_seen time. The default behaviour is unchanged.
This commit is contained in:
parent
a37181ab30
commit
af86cf46dc
|
@ -249,10 +249,10 @@ class Auth::DefaultCurrentUserProvider
|
|||
def should_update_last_seen?
|
||||
return false if Discourse.pg_readonly_mode?
|
||||
|
||||
if @request.xhr?
|
||||
api = !!(@env[API_KEY_ENV]) || !!(@env[USER_API_KEY_ENV])
|
||||
|
||||
if @request.xhr? || api
|
||||
@env["HTTP_DISCOURSE_VISIBLE".freeze] == "true".freeze
|
||||
elsif !!(@env[API_KEY_ENV]) || !!(@env[USER_API_KEY_ENV])
|
||||
false
|
||||
else
|
||||
true
|
||||
end
|
||||
|
|
|
@ -365,13 +365,6 @@ describe Auth::DefaultCurrentUserProvider do
|
|||
|
||||
end
|
||||
|
||||
it "should not update last seen for ajax calls without Discourse-Visible header" do
|
||||
expect(provider("/topic/anything/goes",
|
||||
:method => "POST",
|
||||
"HTTP_X_REQUESTED_WITH" => "XMLHttpRequest"
|
||||
).should_update_last_seen?).to eq(false)
|
||||
end
|
||||
|
||||
describe "#current_user" do
|
||||
let(:user) { Fabricate(:user) }
|
||||
|
||||
|
@ -426,6 +419,11 @@ describe Auth::DefaultCurrentUserProvider do
|
|||
end
|
||||
end
|
||||
|
||||
it "should update last seen for non ajax" do
|
||||
expect(provider("/topic/anything/goes", method: "POST").should_update_last_seen?).to eq(true)
|
||||
expect(provider("/topic/anything/goes", method: "GET").should_update_last_seen?).to eq(true)
|
||||
end
|
||||
|
||||
it "should update ajax reqs with discourse visible" do
|
||||
expect(provider("/topic/anything/goes",
|
||||
:method => "POST",
|
||||
|
@ -434,9 +432,23 @@ describe Auth::DefaultCurrentUserProvider do
|
|||
).should_update_last_seen?).to eq(true)
|
||||
end
|
||||
|
||||
it "should update last seen for non ajax" do
|
||||
expect(provider("/topic/anything/goes", method: "POST").should_update_last_seen?).to eq(true)
|
||||
expect(provider("/topic/anything/goes", method: "GET").should_update_last_seen?).to eq(true)
|
||||
it "should not update last seen for ajax calls without Discourse-Visible header" do
|
||||
expect(provider("/topic/anything/goes",
|
||||
:method => "POST",
|
||||
"HTTP_X_REQUESTED_WITH" => "XMLHttpRequest"
|
||||
).should_update_last_seen?).to eq(false)
|
||||
end
|
||||
|
||||
it "should update last seen for API calls with Discourse-Visible header" do
|
||||
user = Fabricate(:user)
|
||||
ApiKey.create!(key: "hello", user_id: user.id, created_by_id: -1)
|
||||
params = { :method => "POST",
|
||||
"HTTP_X_REQUESTED_WITH" => "XMLHttpRequest",
|
||||
"HTTP_API_KEY" => "hello"
|
||||
}
|
||||
|
||||
expect(provider("/topic/anything/goes", params).should_update_last_seen?).to eq(false)
|
||||
expect(provider("/topic/anything/goes", params.merge("HTTP_DISCOURSE_VISIBLE" => "true")).should_update_last_seen?).to eq(true)
|
||||
end
|
||||
|
||||
it "correctly rotates tokens" do
|
||||
|
|
Loading…
Reference in New Issue
Block a user