github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2024-11-24 15:08:56 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
0221855ba7
discourse/app/controllers/published_pages_controller.rb
Martin Brennan 8ebd5edd1e
DEV: Rename secure_media to secure_uploads (#18376) 
This commit renames all secure_media related settings to secure_uploads_* along with the associated functionality.

This is being done because "media" does not really cover it, we aren't just doing this for images and videos etc. but for all uploads in the site.

Additionally, in future we want to secure more types of uploads, and enable a kind of "mixed mode" where some uploads are secure and some are not, so keeping media in the name is just confusing.

This also keeps compatibility with the `secure-media-uploads` path, and changes new
secure URLs to be `secure-uploads`.

Deprecated settings:

* secure_media -> secure_uploads
* secure_media_allow_embed_images_in_emails -> secure_uploads_allow_embed_images_in_emails
* secure_media_max_email_embed_image_size_kb -> secure_uploads_max_email_embed_image_size_kb
2022-09-29 09:24:33 +10:00

112 lines
2.6 KiB
Ruby
Raw Blame History

# frozen_string_literal: true
class PublishedPagesController < ApplicationController
skip_before_action :preload_json
skip_before_action :check_xhr, :verify_authenticity_token, only: [:show]
before_action :ensure_publish_enabled
before_action :redirect_to_login_if_required, except: [:show]
def show
params.require(:slug)
pp = PublishedPage.find_by(slug: params[:slug])
raise Discourse::NotFound unless pp
return if enforce_login_required!
if !pp.public
begin
guardian.ensure_can_see!(pp.topic)
rescue Discourse::InvalidAccess => e
return rescue_discourse_actions(
:invalid_access,
403,
include_ember: false,
custom_message: e.custom_message,
group: e.group
)
end
end
@topic = pp.topic
@canonical_url = @topic.url
@logo = SiteSetting.logo_small || SiteSetting.logo
@site_url = Discourse.base_url
@border_color = "#" + ColorScheme.base_colors["tertiary"]
TopicViewItem.add(pp.topic.id, request.remote_ip, current_user ? current_user.id : nil)
@body_classes = Set.new([
'published-page',
params[:slug],
"topic-#{@topic.id}",
@topic.tags.pluck(:name)
].flatten.compact)
if @topic.category
@body_classes << @topic.category.slug
end
render layout: 'publish'
end
def details
pp = PublishedPage.find_by(topic: fetch_topic)
raise Discourse::NotFound if pp.blank?
render_serialized(pp, PublishedPageSerializer)
end
def upsert
pp_params = params.require(:published_page)
result, pp = PublishedPage.publish!(
current_user,
fetch_topic,
pp_params[:slug].strip,
pp_params.permit(:public)
)
json_result(pp, serializer: PublishedPageSerializer) { result }
end
def destroy
PublishedPage.unpublish!(current_user, fetch_topic)
render json: success_json
end
def check_slug
pp = PublishedPage.new(topic: Topic.new, slug: params[:slug].strip)
if pp.valid?
render json: { valid_slug: true }
else
render json: { valid_slug: false, reason: pp.errors.full_messages.first }
end
end
private
def fetch_topic
topic = Topic.find_by(id: params[:topic_id])
guardian.ensure_can_publish_page!(topic)
topic
end
def ensure_publish_enabled
if !SiteSetting.enable_page_publishing? || SiteSetting.secure_uploads
raise Discourse::NotFound
end
end
def enforce_login_required!
if SiteSetting.login_required? &&
!current_user &&
!SiteSetting.show_published_pages_login_required? &&
redirect_to_login
true
end
end
end
Reference in New Issue View Git Blame Copy Permalink