mirror of
https://github.com/discourse/discourse.git
synced 2024-11-23 08:53:41 +08:00
57a3d4e0d2
In some restricted setups all JS payloads need tight control. This setting bans admins from making changes to JS on the site and requires all themes be whitelisted to be used. There are edge cases we still need to work through in this mode hence this is still not supported in production and experimental. Use an example like this to enable: `DISCOURSE_WHITELISTED_THEME_REPOS="https://repo.com/repo.git,https://repo.com/repo2.git"` By default this feature is not enabled and no changes are made. One exception is that default theme id was missing a security check this was added for correctness.
77 lines
2.0 KiB
Ruby
77 lines
2.0 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
require 'yaml'
|
|
|
|
#
|
|
# 2 different formats are accepted:
|
|
#
|
|
# == JSON format
|
|
#
|
|
# bin/rake themes:install -- '--{"discourse-something": "https://github.com/discourse/discourse-something"}'
|
|
# OR
|
|
# bin/rake themes:install -- '--{"discourse-something": {"url": "https://github.com/discourse/discourse-something", default: true}}'
|
|
#
|
|
# == YAML file formats
|
|
#
|
|
# theme_name: https://github.com/example/theme.git
|
|
# OR
|
|
# theme_name:
|
|
# url: https://github.com/example/theme_name.git
|
|
# branch: "master"
|
|
# private_key: ""
|
|
# default: false
|
|
# add_to_all_themes: false # only for components - install on every theme
|
|
#
|
|
# In the first form, only the url is required.
|
|
#
|
|
desc "Install themes & theme components"
|
|
task "themes:install" => :environment do |task, args|
|
|
theme_args = (STDIN.tty?) ? '' : STDIN.read
|
|
use_json = theme_args == ''
|
|
|
|
theme_args = begin
|
|
use_json ? JSON.parse(ARGV.last.gsub('--', '')) : YAML::load(theme_args)
|
|
rescue
|
|
puts use_json ? "Invalid JSON input. \n#{ARGV.last}" : "Invalid YML: \n#{theme_args}"
|
|
exit 1
|
|
end
|
|
|
|
log, counts = ThemesInstallTask.install(theme_args)
|
|
|
|
puts log
|
|
|
|
puts
|
|
puts "Results:"
|
|
puts " Installed: #{counts[:installed]}"
|
|
puts " Updated: #{counts[:updated]}"
|
|
puts " Errors: #{counts[:errors]}"
|
|
|
|
if counts[:errors] > 0
|
|
exit 1
|
|
end
|
|
end
|
|
|
|
desc "List all the installed themes on the site"
|
|
task "themes:audit" => :environment do
|
|
components = Set.new
|
|
puts "Selectable themes"
|
|
puts "-----------------"
|
|
|
|
Theme.where("(enabled OR user_selectable) AND NOT component").each do |theme|
|
|
puts theme.remote_theme&.remote_url || theme.name
|
|
theme.child_themes.each do |child|
|
|
if child.enabled
|
|
repo = child.remote_theme&.remote_url || child.name
|
|
components << repo
|
|
end
|
|
end
|
|
end
|
|
|
|
puts
|
|
puts "Selectable components"
|
|
puts "---------------------"
|
|
components.each do |repo|
|
|
puts repo
|
|
end
|
|
end
|