Refactor requires login logic, reduce duplicate code

This also corrects the position of the login check in the filter chain
and removes the misuse of prepend_before_action.
Sam 2018-02-01 15:17:59 +11:00
parent ee0d3f15c1
commit 41986cdb2f
24 changed files with 57 additions and 26 deletions


@ -1,7 +1,9 @@
require_dependency 'rate_limiter' require_dependency 'rate_limiter'
class AboutController < ApplicationController class AboutController < ApplicationController
prepend_before_action :check_xhr, :ensure_logged_in, only: [:live_post_counts]
requires_login only: [:live_post_counts]
skip_before_action :check_xhr, only: [:index] skip_before_action :check_xhr, only: [:index]
def index def index


@ -1,7 +1,7 @@
class Admin::AdminController < ApplicationController class Admin::AdminController < ApplicationController
prepend_before_action :check_xhr, :ensure_logged_in requires_login
prepend_before_action :check_xhr, :ensure_staff before_action :ensure_staff
def index def index
render body: nil render body: nil


@ -48,8 +48,9 @@ class ApplicationController < ActionController::Base
before_action :set_mobile_view before_action :set_mobile_view
before_action :block_if_readonly_mode before_action :block_if_readonly_mode
before_action :authorize_mini_profiler before_action :authorize_mini_profiler
before_action :preload_json
before_action :redirect_to_login_if_required before_action :redirect_to_login_if_required
before_action :block_if_requires_login
before_action :preload_json
before_action :check_xhr before_action :check_xhr
after_action :add_readonly_header after_action :add_readonly_header
after_action :perform_refresh_session after_action :perform_refresh_session
@ -570,6 +571,28 @@ class ApplicationController < ActionController::Base
raise RenderEmpty.new unless ((request.format && request.format.json?) || request.xhr?) raise RenderEmpty.new unless ((request.format && request.format.json?) || request.xhr?)
end end
def self.requires_login(arg = {})
@requires_login_arg = arg
end
def self.requires_login_arg
@requires_login_arg
end
def block_if_requires_login
if arg = self.class.requires_login_arg
check =
if except = arg[:except]
!except.include?(action_name.to_sym)
elsif only = arg[:only]
only.include?(action_name.to_sym)
else
true
end
ensure_logged_in if check
end
end
def ensure_logged_in def ensure_logged_in
raise Discourse::NotLoggedIn.new unless current_user.present? raise Discourse::NotLoggedIn.new unless current_user.present?
end end
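Review bot: `requires_login` stores its options in a class-level instance variable (`@requires_login_arg`), which Ruby does not share with subclasses, so in any controller that inherits from one that declared it `block_if_requires_login` sees `nil` and skips `ensure_logged_in`. The old `prepend_before_action :check_xhr, :ensure_logged_in` was inherited like any other filter; if controllers subclass `Admin::AdminController` (not visible on this page), they now rely on `ensure_staff` alone to turn away anonymous requests. Declaring `class_attribute :requires_login_arg, instance_accessor: false` and assigning `self.requires_login_arg = arg` inside `requires_login` would restore the inherited behaviour. Two smaller fail-open cases are worth a comment on `requires_login`: a second call in the same class replaces the first rather than adding to it, and an `only:` list of strings never matches `action_name.to_sym`, so the check is silently skipped; `Array(arg[:only]).map(&:to_sym)` (and the same for `except:`) would normalise both.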


@ -2,7 +2,8 @@ require_dependency 'category_serializer'
class CategoriesController < ApplicationController class CategoriesController < ApplicationController
prepend_before_action :check_xhr, :ensure_logged_in, except: [:index, :categories_and_latest, :show, :redirect, :find_by_slug] requires_login except: [:index, :categories_and_latest, :show, :redirect, :find_by_slug]
before_action :fetch_category, only: [:show, :update, :destroy] before_action :fetch_category, only: [:show, :update, :destroy]
before_action :initialize_staff_action_logger, only: [:create, :update, :destroy] before_action :initialize_staff_action_logger, only: [:create, :update, :destroy]
skip_before_action :check_xhr, only: [:index, :categories_and_latest, :redirect] skip_before_action :check_xhr, only: [:index, :categories_and_latest, :redirect]


@ -1,5 +1,5 @@
class CategoryHashtagsController < ApplicationController class CategoryHashtagsController < ApplicationController
prepend_before_action :check_xhr, :ensure_logged_in requires_login
def check def check
category_slugs = params[:category_slugs] category_slugs = params[:category_slugs]


@ -2,7 +2,7 @@ require_dependency 'html_to_markdown'
class ComposerController < ApplicationController class ComposerController < ApplicationController
prepend_before_action :check_xhr, :ensure_logged_in requires_login
def parse_html def parse_html
markdown_text = HtmlToMarkdown.new(params[:html]).to_markdown markdown_text = HtmlToMarkdown.new(params[:html]).to_markdown


@ -2,7 +2,7 @@ require_dependency 'composer_messages_finder'
class ComposerMessagesController < ApplicationController class ComposerMessagesController < ApplicationController
prepend_before_action :check_xhr, :ensure_logged_in requires_login
def index def index
finder = ComposerMessagesFinder.new(current_user, params.slice(:composer_action, :topic_id, :post_id)) finder = ComposerMessagesFinder.new(current_user, params.slice(:composer_action, :topic_id, :post_id))


@ -1,5 +1,6 @@
class DraftController < ApplicationController class DraftController < ApplicationController
prepend_before_action :ensure_logged_in requires_login
skip_before_action :check_xhr, :preload_json skip_before_action :check_xhr, :preload_json
def show def show


@ -1,6 +1,6 @@
class GroupsController < ApplicationController class GroupsController < ApplicationController
prepend_before_action :check_xhr, :ensure_logged_in, only: [ requires_login only: [
:set_notifications, :set_notifications,
:mentionable, :mentionable,
:messageable, :messageable,


@ -1,7 +1,7 @@
require_dependency 'inline_oneboxer' require_dependency 'inline_oneboxer'
class InlineOneboxController < ApplicationController class InlineOneboxController < ApplicationController
prepend_before_action :check_xhr, :ensure_logged_in requires_login
def show def show
oneboxes = InlineOneboxer.new(params[:urls] || []).process oneboxes = InlineOneboxer.new(params[:urls] || []).process


@ -2,7 +2,7 @@ require_dependency 'rate_limiter'
class InvitesController < ApplicationController class InvitesController < ApplicationController
prepend_before_action :check_xhr, :ensure_logged_in, only: [ requires_login only: [
:destroy, :create, :create_invite_link, :rescind_all_invites, :destroy, :create, :create_invite_link, :rescind_all_invites,
:resend_invite, :resend_all_invites, :upload_csv :resend_invite, :resend_all_invites, :upload_csv
] ]


@ -2,7 +2,7 @@ require_dependency 'notification_serializer'
class NotificationsController < ApplicationController class NotificationsController < ApplicationController
prepend_before_action :check_xhr, :ensure_logged_in requires_login
def index def index
user = user =


@ -1,7 +1,7 @@
require_dependency 'oneboxer' require_dependency 'oneboxer'
class OneboxController < ApplicationController class OneboxController < ApplicationController
prepend_before_action :check_xhr, :ensure_logged_in requires_login
def show def show
unless params[:refresh] == 'true' unless params[:refresh] == 'true'


@ -1,7 +1,8 @@
require_dependency 'discourse' require_dependency 'discourse'
class PostActionsController < ApplicationController class PostActionsController < ApplicationController
prepend_before_action :check_xhr, :ensure_logged_in requires_login
before_action :fetch_post_from_params before_action :fetch_post_from_params
before_action :fetch_post_action_type_id_from_params before_action :fetch_post_action_type_id_from_params


@ -8,7 +8,7 @@ require_dependency 'post_locker'
class PostsController < ApplicationController class PostsController < ApplicationController
prepend_before_action :check_xhr, :ensure_logged_in, except: [ requires_login except: [
:show, :show,
:replies, :replies,
:by_number, :by_number,


@ -3,9 +3,9 @@ require_dependency 'wizard/builder'
require_dependency 'wizard/step_updater' require_dependency 'wizard/step_updater'
class StepsController < ApplicationController class StepsController < ApplicationController
requires_login
before_action :ensure_wizard_enabled before_action :ensure_wizard_enabled
prepend_before_action :check_xhr, :ensure_logged_in
before_action :ensure_admin before_action :ensure_admin
def update def update


@ -1,5 +1,6 @@
class TagGroupsController < ApplicationController class TagGroupsController < ApplicationController
prepend_before_action :check_xhr, :ensure_logged_in, except: [:index, :show] requires_login except: [:index, :show]
skip_before_action :check_xhr, only: [:index, :show] skip_before_action :check_xhr, only: [:index, :show]
before_action :fetch_tag_group, only: [:show, :update, :destroy] before_action :fetch_tag_group, only: [:show, :update, :destroy]


@ -7,7 +7,7 @@ class TagsController < ::ApplicationController
before_action :ensure_tags_enabled before_action :ensure_tags_enabled
prepend_before_action :check_xhr, :ensure_logged_in, except: [ requires_login except: [
:index, :index,
:show, :show,
:tag_feed, :tag_feed,


@ -6,7 +6,7 @@ require_dependency 'discourse_event'
require_dependency 'rate_limiter' require_dependency 'rate_limiter'
class TopicsController < ApplicationController class TopicsController < ApplicationController
prepend_before_action :check_xhr, :ensure_logged_in, only: [ requires_login only: [
:timings, :timings,
:destroy_timings, :destroy_timings,
:update, :update,


@ -2,7 +2,8 @@ require "mini_mime"
require_dependency 'upload_creator' require_dependency 'upload_creator'
class UploadsController < ApplicationController class UploadsController < ApplicationController
prepend_before_action :check_xhr, :ensure_logged_in, except: [:show] requires_login except: [:show]
skip_before_action :preload_json, :check_xhr, :redirect_to_login_if_required, only: [:show] skip_before_action :preload_json, :check_xhr, :redirect_to_login_if_required, only: [:show]
def create def create


@ -2,7 +2,7 @@ class UserApiKeysController < ApplicationController
layout 'no_ember' layout 'no_ember'
prepend_before_action :check_xhr, :ensure_logged_in, only: [:create, :revoke, :undo_revoke] requires_login only: [:create, :revoke, :undo_revoke]
skip_before_action :redirect_to_login_if_required, only: [:new] skip_before_action :redirect_to_login_if_required, only: [:new]
skip_before_action :check_xhr, :preload_json skip_before_action :check_xhr, :preload_json


@ -9,7 +9,7 @@ class UsersController < ApplicationController
skip_before_action :authorize_mini_profiler, only: [:avatar] skip_before_action :authorize_mini_profiler, only: [:avatar]
prepend_before_action :check_xhr, :ensure_logged_in, only: [ requires_login only: [
:username, :update, :user_preferences_redirect, :upload_user_image, :username, :update, :user_preferences_redirect, :upload_user_image,
:pick_avatar, :destroy_user_image, :destroy, :check_emails, :topic_tracking_state, :pick_avatar, :destroy_user_image, :destroy, :check_emails, :topic_tracking_state,
:preferences :preferences


@ -4,7 +4,7 @@ require_dependency 'email_updater'
class UsersEmailController < ApplicationController class UsersEmailController < ApplicationController
prepend_before_action :check_xhr, :ensure_logged_in, only: [:index, :update] requires_login only: [:index, :update]
skip_before_action :check_xhr, only: [:confirm] skip_before_action :check_xhr, only: [:confirm]
skip_before_action :redirect_to_login_if_required, only: [:confirm] skip_before_action :redirect_to_login_if_required, only: [:confirm]


@ -2,8 +2,9 @@ require_dependency 'wizard'
require_dependency 'wizard/builder' require_dependency 'wizard/builder'
class WizardController < ApplicationController class WizardController < ApplicationController
prepend_before_action :check_xhr, :ensure_admin, except: [:qunit] requires_login except: [:qunit]
prepend_before_action :check_xhr, :ensure_logged_in, except: [:qunit]
before_action :ensure_admin, except: [:qunit]
before_action :ensure_wizard_enabled, only: [:index] before_action :ensure_wizard_enabled, only: [:index]
skip_before_action :check_xhr, :preload_json skip_before_action :check_xhr, :preload_json