FIX: Do not enable published page if secure media enabled (#11131)
There are issues around displaying images on published pages when secure media is enabled. This PR temporarily makes it appear as if published pages are enabled if secure media is also enabled.
This commit is contained in:
parent
2d4455161b
commit
00c8f520e9
|
@ -92,7 +92,9 @@ private
|
||||||
end
|
end
|
||||||
|
|
||||||
def ensure_publish_enabled
|
def ensure_publish_enabled
|
||||||
raise Discourse::NotFound unless SiteSetting.enable_page_publishing?
|
if !SiteSetting.enable_page_publishing? || SiteSetting.secure_media
|
||||||
|
raise Discourse::NotFound
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
def enforce_login_required!
|
def enforce_login_required!
|
||||||
|
|
|
@ -275,7 +275,10 @@ class TopicViewSerializer < ApplicationSerializer
|
||||||
end
|
end
|
||||||
|
|
||||||
def include_published_page?
|
def include_published_page?
|
||||||
SiteSetting.enable_page_publishing? && scope.is_staff? && object.published_page.present?
|
SiteSetting.enable_page_publishing? &&
|
||||||
|
scope.is_staff? &&
|
||||||
|
object.published_page.present? &&
|
||||||
|
!SiteSetting.secure_media
|
||||||
end
|
end
|
||||||
|
|
||||||
def thumbnails
|
def thumbnails
|
||||||
|
|
|
@ -190,6 +190,7 @@ en:
|
||||||
default_tags_already_selected: "You cannot select a tag used in another list."
|
default_tags_already_selected: "You cannot select a tag used in another list."
|
||||||
s3_upload_bucket_is_required: "You cannot enable uploads to S3 unless you've provided the 's3_upload_bucket'."
|
s3_upload_bucket_is_required: "You cannot enable uploads to S3 unless you've provided the 's3_upload_bucket'."
|
||||||
enable_s3_uploads_is_required: "You cannot enable inventory to S3 unless you've enabled the S3 uploads."
|
enable_s3_uploads_is_required: "You cannot enable inventory to S3 unless you've enabled the S3 uploads."
|
||||||
|
page_publishing_requirements: "Page publishing cannot be enabled if secure media is enabled."
|
||||||
s3_backup_requires_s3_settings: "You cannot use S3 as backup location unless you've provided the '%{setting_name}'."
|
s3_backup_requires_s3_settings: "You cannot use S3 as backup location unless you've provided the '%{setting_name}'."
|
||||||
s3_bucket_reused: "You cannot use the same bucket for 's3_upload_bucket' and 's3_backup_bucket'. Choose a different bucket or use a different path for each bucket."
|
s3_bucket_reused: "You cannot use the same bucket for 's3_upload_bucket' and 's3_backup_bucket'. Choose a different bucket or use a different path for each bucket."
|
||||||
secure_media_requirements: "S3 uploads must be enabled before enabling secure media."
|
secure_media_requirements: "S3 uploads must be enabled before enabling secure media."
|
||||||
|
|
|
@ -523,7 +523,8 @@ class Guardian
|
||||||
end
|
end
|
||||||
|
|
||||||
def can_publish_page?(topic)
|
def can_publish_page?(topic)
|
||||||
return false unless SiteSetting.enable_page_publishing?
|
return false if !SiteSetting.enable_page_publishing?
|
||||||
|
return false if SiteSetting.secure_media?
|
||||||
return false if topic.blank?
|
return false if topic.blank?
|
||||||
return false if topic.private_message?
|
return false if topic.private_message?
|
||||||
return false unless can_see_topic?(topic)
|
return false unless can_see_topic?(topic)
|
||||||
|
|
|
@ -144,6 +144,10 @@ module SiteSettings::Validations
|
||||||
validate_error :secure_media_requirements if new_val == "t" && !SiteSetting.Upload.enable_s3_uploads
|
validate_error :secure_media_requirements if new_val == "t" && !SiteSetting.Upload.enable_s3_uploads
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def validate_enable_page_publishing(new_val)
|
||||||
|
validate_error :page_publishing_requirements if new_val == "t" && SiteSetting.secure_media?
|
||||||
|
end
|
||||||
|
|
||||||
def validate_share_quote_buttons(new_val)
|
def validate_share_quote_buttons(new_val)
|
||||||
validate_error :share_quote_facebook_requirements if new_val.include?("facebook") && SiteSetting.facebook_app_id.blank?
|
validate_error :share_quote_facebook_requirements if new_val.include?("facebook") && SiteSetting.facebook_app_id.blank?
|
||||||
end
|
end
|
||||||
|
|
|
@ -3756,6 +3756,20 @@ describe Guardian do
|
||||||
post = Fabricate(:private_message_post, user: admin)
|
post = Fabricate(:private_message_post, user: admin)
|
||||||
expect(Guardian.new(admin).can_publish_page?(post.topic)).to eq(false)
|
expect(Guardian.new(admin).can_publish_page?(post.topic)).to eq(false)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
context "when secure_media is also enabled" do
|
||||||
|
before do
|
||||||
|
setup_s3
|
||||||
|
SiteSetting.secure_media = true
|
||||||
|
end
|
||||||
|
|
||||||
|
it "is false for everyone" do
|
||||||
|
expect(Guardian.new(moderator).can_publish_page?(topic)).to eq(false)
|
||||||
|
expect(Guardian.new(user).can_publish_page?(topic)).to eq(false)
|
||||||
|
expect(Guardian.new.can_publish_page?(topic)).to eq(false)
|
||||||
|
expect(Guardian.new(admin).can_publish_page?(topic)).to eq(false)
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -205,6 +205,25 @@ describe SiteSettings::Validations do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
describe "#validate_enable_page_publishing" do
|
||||||
|
context "when the new value is true" do
|
||||||
|
it "is ok" do
|
||||||
|
expect { subject.validate_enable_page_publishing("t") }.not_to raise_error
|
||||||
|
end
|
||||||
|
|
||||||
|
context "if secure media is enabled" do
|
||||||
|
let(:error_message) { I18n.t("errors.site_settings.page_publishing_requirements") }
|
||||||
|
before do
|
||||||
|
enable_secure_media
|
||||||
|
end
|
||||||
|
|
||||||
|
it "is not ok" do
|
||||||
|
expect { subject.validate_enable_page_publishing("t") }.to raise_error(Discourse::InvalidParameters, error_message)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
describe "#validate_secure_media" do
|
describe "#validate_secure_media" do
|
||||||
let(:error_message) { I18n.t("errors.site_settings.secure_media_requirements") }
|
let(:error_message) { I18n.t("errors.site_settings.secure_media_requirements") }
|
||||||
|
|
||||||
|
|
|
@ -93,6 +93,18 @@ RSpec.describe PublishedPagesController do
|
||||||
published_page.topic.tags = [Fabricate(:tag, name: "recipes")]
|
published_page.topic.tags = [Fabricate(:tag, name: "recipes")]
|
||||||
end
|
end
|
||||||
|
|
||||||
|
context "when secure media is enabled" do
|
||||||
|
before do
|
||||||
|
setup_s3
|
||||||
|
SiteSetting.secure_media = true
|
||||||
|
end
|
||||||
|
|
||||||
|
it "returns 404" do
|
||||||
|
get published_page.path
|
||||||
|
expect(response.status).to eq(404)
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
it "returns 200" do
|
it "returns 200" do
|
||||||
get published_page.path
|
get published_page.path
|
||||||
expect(response.status).to eq(200)
|
expect(response.status).to eq(200)
|
||||||
|
|
|
@ -399,6 +399,18 @@ describe TopicViewSerializer do
|
||||||
expect(json[:published_page]).to be_present
|
expect(json[:published_page]).to be_present
|
||||||
expect(json[:published_page][:slug]).to eq(published_page.slug)
|
expect(json[:published_page][:slug]).to eq(published_page.slug)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
context "secure media is enabled" do
|
||||||
|
before do
|
||||||
|
setup_s3
|
||||||
|
SiteSetting.secure_media = true
|
||||||
|
end
|
||||||
|
|
||||||
|
it "doesn't return the published page" do
|
||||||
|
json = serialize_topic(topic, admin)
|
||||||
|
expect(json[:published_page]).to be_blank
|
||||||
|
end
|
||||||
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
|
@ -13,6 +13,11 @@ module UploadsHelpers
|
||||||
stub_request(:head, "https://#{SiteSetting.s3_upload_bucket}.s3.#{SiteSetting.s3_region}.amazonaws.com/")
|
stub_request(:head, "https://#{SiteSetting.s3_upload_bucket}.s3.#{SiteSetting.s3_region}.amazonaws.com/")
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def enable_secure_media
|
||||||
|
setup_s3
|
||||||
|
SiteSetting.secure_media = true
|
||||||
|
end
|
||||||
|
|
||||||
def stub_upload(upload)
|
def stub_upload(upload)
|
||||||
url = "https://#{SiteSetting.s3_upload_bucket}.s3.#{SiteSetting.s3_region}.amazonaws.com/original/1X/#{upload.sha1}.#{upload.extension}?acl"
|
url = "https://#{SiteSetting.s3_upload_bucket}.s3.#{SiteSetting.s3_region}.amazonaws.com/original/1X/#{upload.sha1}.#{upload.extension}?acl"
|
||||||
stub_request(:put, url)
|
stub_request(:put, url)
|
||||||
|
|
Loading…
Reference in New Issue