mirror of
https://github.com/discourse/discourse.git
synced 2025-02-07 20:08:26 +00:00
FIX: Don't update User#last_seen_at when PG is readonly take 2.
This commit is contained in:
Guo Xiang Tan
parent
c732ae9ca9
commit
4466fcf1bc
@ -12,7 +12,7 @@ class AdminConstraint
|
|||||||
provider.current_user &&
|
provider.current_user &&
|
||||||
provider.current_user.admin? &&
|
provider.current_user.admin? &&
|
||||||
custom_admin_check(request)
|
custom_admin_check(request)
|
||||||
rescue Discourse::InvalidAccess
|
rescue Discourse::InvalidAccess, Discourse::ReadOnly
|
||||||
false
|
false
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|||||||
@ -25,6 +25,7 @@ class Auth::DefaultCurrentUserProvider
|
|||||||
# our current user, return nil if none is found
|
# our current user, return nil if none is found
|
||||||
def current_user
|
def current_user
|
||||||
return @env[CURRENT_USER_KEY] if @env.key?(CURRENT_USER_KEY)
|
return @env[CURRENT_USER_KEY] if @env.key?(CURRENT_USER_KEY)
|
||||||
|
raise Discourse::ReadOnly if Discourse.pg_readonly_mode?
|
||||||
|
|
||||||
# bypass if we have the shared session header
|
# bypass if we have the shared session header
|
||||||
if shared_key = @env['HTTP_X_SHARED_SESSION_KEY']
|
if shared_key = @env['HTTP_X_SHARED_SESSION_KEY']
|
||||||
@ -241,8 +242,6 @@ class Auth::DefaultCurrentUserProvider
|
|||||||
end
|
end
|
||||||
|
|
||||||
def should_update_last_seen?
|
def should_update_last_seen?
|
||||||
return false if Discourse.pg_readonly_mode?
|
|
||||||
|
|
||||||
if @request.xhr?
|
if @request.xhr?
|
||||||
@env["HTTP_DISCOURSE_VISIBLE".freeze] == "true".freeze
|
@env["HTTP_DISCOURSE_VISIBLE".freeze] == "true".freeze
|
||||||
elsif !!(@env[API_KEY_ENV]) || !!(@env[USER_API_KEY_ENV])
|
elsif !!(@env[API_KEY_ENV]) || !!(@env[USER_API_KEY_ENV])
|
||||||
|
|||||||
@ -9,7 +9,7 @@ class HomePageConstraint
|
|||||||
provider = Discourse.current_user_provider.new(request.env)
|
provider = Discourse.current_user_provider.new(request.env)
|
||||||
homepage = provider&.current_user&.user_option&.homepage || SiteSetting.anonymous_homepage
|
homepage = provider&.current_user&.user_option&.homepage || SiteSetting.anonymous_homepage
|
||||||
homepage == @filter
|
homepage == @filter
|
||||||
rescue Discourse::InvalidAccess
|
rescue Discourse::InvalidAccess, Discourse::ReadOnly
|
||||||
false
|
false
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|||||||
@ -7,7 +7,7 @@ class StaffConstraint
|
|||||||
provider.current_user &&
|
provider.current_user &&
|
||||||
provider.current_user.staff? &&
|
provider.current_user.staff? &&
|
||||||
custom_staff_check(request)
|
custom_staff_check(request)
|
||||||
rescue Discourse::InvalidAccess
|
rescue Discourse::InvalidAccess, Discourse::ReadOnly
|
||||||
false
|
false
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|||||||
@ -161,20 +161,13 @@ describe Auth::DefaultCurrentUserProvider do
|
|||||||
end
|
end
|
||||||
|
|
||||||
describe "#current_user" do
|
describe "#current_user" do
|
||||||
let(:unhashed_token) do
|
|
||||||
provider = provider('/')
|
|
||||||
cookies = {}
|
|
||||||
provider.log_on_user(Fabricate(:user), {}, cookies)
|
|
||||||
cookies["_t"][:value]
|
|
||||||
end
|
|
||||||
|
|
||||||
after do
|
after do
|
||||||
$redis.flushall
|
$redis.flushall
|
||||||
end
|
end
|
||||||
|
|
||||||
it "should not update last seen for suspended users" do
|
it "should not update last seen for suspended users" do
|
||||||
user = Fabricate(:user)
|
|
||||||
provider = provider('/')
|
provider = provider('/')
|
||||||
|
user = Fabricate(:user)
|
||||||
cookies = {}
|
cookies = {}
|
||||||
provider.log_on_user(user, {}, cookies)
|
provider.log_on_user(user, {}, cookies)
|
||||||
unhashed_token = cookies["_t"][:value]
|
unhashed_token = cookies["_t"][:value]
|
||||||
@ -201,7 +194,11 @@ describe Auth::DefaultCurrentUserProvider do
|
|||||||
end
|
end
|
||||||
|
|
||||||
describe "when readonly mode is enabled due to postgres" do
|
describe "when readonly mode is enabled due to postgres" do
|
||||||
|
let(:test_provider) { provider("/") }
|
||||||
|
let(:user) { Fabricate(:user) }
|
||||||
|
|
||||||
before do
|
before do
|
||||||
|
test_provider.log_on_user(user, {}, {})
|
||||||
Discourse.enable_readonly_mode(Discourse::PG_READONLY_MODE_KEY)
|
Discourse.enable_readonly_mode(Discourse::PG_READONLY_MODE_KEY)
|
||||||
end
|
end
|
||||||
|
|
||||||
@ -210,10 +207,11 @@ describe Auth::DefaultCurrentUserProvider do
|
|||||||
end
|
end
|
||||||
|
|
||||||
it "should not update last seen at" do
|
it "should not update last seen at" do
|
||||||
provider2 = provider("/", "HTTP_COOKIE" => "_t=#{unhashed_token}")
|
expect(test_provider.current_user).to eq(user)
|
||||||
u = provider2.current_user
|
|
||||||
u.reload
|
expect do
|
||||||
expect(u.last_seen_at).to eq(nil)
|
provider("/?api_key=hello").current_user
|
||||||
|
end.to raise_error(Discourse::ReadOnly)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user