FIX: scrub all settings that has '_secret' in name
This commit is contained in:
parent
abcb6af8f9
commit
8d6a9eb511
|
@ -275,16 +275,11 @@ module SiteSettingExtension
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
SECRET_SETTINGS ||= %w{
|
|
||||||
google_oauth2_client_secret twitter_consumer_secret instagram_consumer_secret
|
|
||||||
facebook_app_secret github_client_secret s3_secret_access_key
|
|
||||||
}
|
|
||||||
|
|
||||||
def set_and_log(name, value, user = Discourse.system_user)
|
def set_and_log(name, value, user = Discourse.system_user)
|
||||||
prev_value = send(name)
|
prev_value = send(name)
|
||||||
set(name, value)
|
set(name, value)
|
||||||
if has_setting?(name)
|
if has_setting?(name)
|
||||||
value = prev_value = "[FILTERED]" if SECRET_SETTINGS.include?(name)
|
value = prev_value = "[FILTERED]" if name.to_s =~ /_secret/
|
||||||
StaffActionLogger.new(user).log_site_setting_change(name, prev_value, value)
|
StaffActionLogger.new(user).log_site_setting_change(name, prev_value, value)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
Loading…
Reference in New Issue