2013-02-05 14:16:51 -05:00
|
|
|
class Admin::SiteSettingsController < Admin::AdminController
|
2017-08-06 21:43:09 -04:00
|
|
|
rescue_from Discourse::InvalidParameters do |e|
|
|
|
|
render_json_error e.message, status: 422
|
|
|
|
end
|
2013-02-05 14:16:51 -05:00
|
|
|
|
|
|
|
def index
|
2015-03-02 12:12:19 -05:00
|
|
|
render_json_dump(site_settings: SiteSetting.all_settings, diags: SiteSetting.diags)
|
2013-02-05 14:16:51 -05:00
|
|
|
end
|
|
|
|
|
2013-02-07 10:45:24 -05:00
|
|
|
def update
|
2014-01-06 07:03:53 -05:00
|
|
|
params.require(:id)
|
|
|
|
id = params[:id]
|
|
|
|
value = params[id]
|
2014-04-08 04:59:48 -04:00
|
|
|
value.strip! if value.is_a?(String)
|
2017-08-06 21:43:09 -04:00
|
|
|
raise_access_hidden_setting(id)
|
2018-11-14 02:03:02 -05:00
|
|
|
|
|
|
|
if SiteSetting.type_supervisor.get_type(id) == :upload
|
|
|
|
value = Upload.get_from_url(value) || ''
|
|
|
|
end
|
|
|
|
|
2017-08-06 21:43:09 -04:00
|
|
|
SiteSetting.set_and_log(id, value, current_user)
|
2017-08-31 00:06:56 -04:00
|
|
|
render body: nil
|
2017-08-06 21:43:09 -04:00
|
|
|
end
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
def raise_access_hidden_setting(id)
|
|
|
|
# note, as of Ruby 2.3 symbols are GC'd so this is considered safe
|
|
|
|
if SiteSetting.hidden_settings.include?(id.to_sym)
|
|
|
|
raise Discourse::InvalidParameters, "You are not allowed to change hidden settings"
|
2014-06-09 15:17:36 -04:00
|
|
|
end
|
2013-02-07 10:45:24 -05:00
|
|
|
end
|
2013-02-05 14:16:51 -05:00
|
|
|
|
|
|
|
end
|