Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Remove the access_password site setting

This commit is contained in:
Neil Lalonde 2013-06-25 15:05:16 -04:00
parent 9a19c0d9c4
commit a86b35c873
30 changed files with 40 additions and 295 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
app/controllers/application_controller.rb
View File

@ -16,7 +16,6 @@ class ApplicationController < ActionController::Base
before_filter :inject_preview_style
before_filter :block_if_maintenance_mode
before_filter :check_restricted_access
before_filter :authorize_mini_profiler
before_filter :store_incoming_links
before_filter :preload_json
@ -155,9 +154,6 @@ class ApplicationController < ActionController::Base
# Don't cache logged in users
return false if current_user.present?
# Don't cache if there's restricted access
return false if SiteSetting.access_password.present?
true
end
@ -236,16 +232,6 @@ class ApplicationController < ActionController::Base
end
end
def check_restricted_access
# note current_user is defined in the CurrentUser mixin
if SiteSetting.access_password.present? && cookies[:_access] != SiteSetting.access_password
unless api_key_valid?
redirect_to request_access_path(return_path: request.fullpath)
return false
end
end
end
def mini_profiler_enabled?
defined?(Rack::MiniProfiler) && current_user.try(:admin?)
end

3
app/controllers/forums_controller.rb
View File

@ -1,7 +1,6 @@
class ForumsController < ApplicationController
skip_before_filter :check_xhr, only: [:request_access, :request_access_submit, :status]
skip_before_filter :check_restricted_access, only: [:status]
skip_before_filter :check_xhr, only: [:status]
skip_before_filter :authorize_mini_profiler, only: [:status]
skip_before_filter :redirect_to_login_if_required, only: [:status]

5
app/controllers/invites_controller.rb
View File

@ -1,6 +1,6 @@
class InvitesController < ApplicationController
skip_before_filter :check_xhr, :check_restricted_access
skip_before_filter :check_xhr
skip_before_filter :redirect_to_login_if_required
before_filter :ensure_logged_in, only: [:destroy]
@ -16,9 +16,6 @@ class InvitesController < ApplicationController
# Send a welcome message if required
user.enqueue_welcome_message('welcome_invite') if user.send_welcome_message
# We skip the access password if we come in via an invite link
cookies.permanent['_access'] = SiteSetting.access_password if SiteSetting.access_password.present?
topic = invite.topics.first
if topic.present?
redirect_to "#{Discourse.base_uri}#{topic.relative_url}"

22
app/controllers/request_access_controller.rb
View File

@ -1,22 +0,0 @@
class RequestAccessController < ApplicationController
skip_before_filter :check_xhr, :check_restricted_access
def new
@return_path = params[:return_path] || "/"
render layout: 'no_js'
end
def create
@return_path = params[:return_path] || "/"
if params[:password] == SiteSetting.access_password
cookies.permanent['_access'] = SiteSetting.access_password
redirect_to @return_path
else
flash[:error] = I18n.t(:'request_access.incorrect')
render :new, layout: 'no_js'
end
end
end

3
app/controllers/robots_txt_controller.rb
View File

@ -1,10 +1,9 @@
class RobotsTxtController < ApplicationController
layout false
skip_before_filter :check_xhr
skip_before_filter :check_restricted_access
def index
path = if SiteSetting.allow_index_in_robots_txt && SiteSetting.access_password.blank?
path = if SiteSetting.allow_index_in_robots_txt
:index
else
:no_index

1
app/controllers/users_controller.rb
View File

@ -5,7 +5,6 @@ class UsersController < ApplicationController
skip_before_filter :check_xhr, only: [:show, :password_reset, :update, :activate_account, :avatar, :authorize_email, :user_preferences_redirect]
skip_before_filter :authorize_mini_profiler, only: [:avatar]
skip_before_filter :check_restricted_access, only: [:avatar]
before_filter :ensure_logged_in, only: [:username, :update, :change_email, :user_preferences_redirect]

21
app/models/admin_dashboard_data.rb
View File

@ -35,7 +35,8 @@ class AdminDashboardData
default_logo_check,
contact_email_check,
send_consumer_email_check,
title_check ].compact
title_check,
access_password_removal ].compact
end
def self.fetch_all
@ -136,4 +137,22 @@ class AdminDashboardData
I18n.t('dashboard.consumer_email_warning') if Rails.env == 'production' and ActionMailer::Base.smtp_settings[:address] =~ /gmail\.com|live\.com|yahoo\.com/
end
# TODO: generalize this method of putting i18n keys with expiry in redis
# that should be reported on the admin dashboard:
def access_password_removal
if i18n_key = $redis.get(AdminDashboardData.access_password_removal_key)
I18n.t(i18n_key)
end
end
def self.report_access_password_removal
$redis.setex access_password_removal_key, 172_800, 'dashboard.access_password_removal'
end
private
def self.access_password_removal_key
'dash-data:access_password_removal'
end
end

1
app/models/site_setting.rb
View File

@ -67,7 +67,6 @@ class SiteSetting < ActiveRecord::Base
setting(:port, Rails.env.development? ? 3000 : '')
setting(:enable_private_messages, true)
setting(:use_ssl, false)
setting(:access_password)
setting(:queue_jobs, !Rails.env.test?)
setting(:crawl_images, !Rails.env.test?)
setting(:max_image_width, 690)

21
app/views/request_access/new.html.erb
View File

@ -1,21 +0,0 @@
<div id='request-access'>
<h1><%= t :'request_access.code' %></h1>
<p><%= t :'request_access.instructions' %></p>
<%- if flash[:error].present? %>
<div class="alert alert-error">
<%= flash[:error] %>
</div>
<% end %>
<%= form_tag do |f| %>
<%= hidden_field_tag :return_path, @return_path %>
<%= password_field_tag :password, @password %>
<%= submit_tag t(:'request_access.enter'), class: 'btn' %>
<% end %>
</div>
<script type="text/javascript">
document.getElementById('password').focus()
</script>

9
config/locales/server.cs.yml
View File

@ -469,7 +469,6 @@ cs:
company_short_name: "Krátké jméno společnosti, která provozuje tento web, používá se v dokumentech jako je /tos"
company_domain: "Doménové jméno vlastněné společností, která provozuje tento web, používá se v dokumentech jako je /tos"
api_key: "Zabezpečený API klíč, který se používá pro vytváření a aktualizaci témat, použijte sekci /admin/api k nastavení"
access_password: "Restrict_access je nastaveno, ujistěte se, že je zde nastaveno heslo"
queue_jobs: "Zařazovat úlohy do fronty v sidekiq, není-li nastaveno, jsou úlohy vyřizovány okamžitě"
crawl_images: "Povolit získávání obrázků z webů třetích stran"
ninja_edit_window: "Jak rychle smíte udělat změnu, aniž by se uložila jako nová verze"
@ -764,15 +763,7 @@ cs:
<small>V každém emailu, který zasíláte, by měl být odkaz na odhlášení příjmu emailů, tak tady je taky takový. Tento email vám zaslala Velká Společnost s.r.o., Hlavní ul. 1337, Kotěhůlky, Česká republika. Pokud již od nás nechcete dostávat další emaily, [klikněte sem pro odhlášení][5].</small>
request_access:
code: "Přístupový kód"
instructions: "Tento web má omezený přístup, zadejte prosím přístupový kód:"
enter: "Vstoupit"
incorrect: "přístupový kód je neplatný"
system_messages:
site_password: "Mimochodem, přístupový kód na tento web je `%{access_password}`, pokud ho budete potřebovat."
post_hidden:
subject_template: "%{site_name} Oznámení: Příspěvek skryt kvůli hlášením od komunity"
text_body_template: |

9
config/locales/server.da.yml
View File

@ -306,7 +306,6 @@ da:
company_full_name: "The full name of the company that runs this site, used in legal documents like the /tos"
company_short_name: "The short name of the company that runs this site, used in legal documents like the /tos"
company_domain: "The domain name owned by the company that runs this site, used in legal documents like the /tos"
access_password: "When restricted access is enabled, this password must be entered"
queue_jobs: "Queue various jobs in sidekiq, if false queues are inline"
crawl_images: "Enable retrieving images from third party sources to insert width and height dimensions"
ninja_edit_window: "Number of seconds after posting where edits do not create a new version"
@ -564,15 +563,7 @@ da:
<small>There should be an unsubscribe footer on every email you send, so let's mock one up. This email was sent by Name of Company, 55 Main Street, Anytown, USA 12345. If you would like to opt out of future emails, [click here to unsubscribe][5].</small>
request_access:
code: "Adgangskode"
instructions: "Dette site har begrænset adgang. Skriv adgangskoden herunder:"
enter: "Log ind"
incorrect: "adgangskoden var forkert"
system_messages:
site_password: "I øvrigt, kodeordet til sitet er `%{access_password}` hvis du skal bruge det."
post_hidden:
subject_template: "%{site_name} Notice: Posting Hidden due to Community Flagging"
text_body_template: |

9
config/locales/server.de.yml
View File

@ -439,7 +439,6 @@ de:
company_short_name: "Kurzname des Unternehmens, das diese Seite betreibt. Wird in rechtlich relevanten Dokumenten wie den Nutzungsbestimmungen (/tos) verwendet."
company_domain: "Domainname des Unternehmens, das diese Seite betreibt. Wird in rechtlich relevanten Dokumenten wie den Nutzungsbestimmungen (/tos) verwendet."
api_key: "Sicherer API-Schlüssel, um Themen zu erstellen und zu aktualisieren. Benutze /admin/api, um ihn einzurichten."
access_password: "Passwort, dass eingegeben werden muss, wenn diese Seite zugangsbeschränkt ist."
queue_jobs: "Benutze die Sidekiq-Queue, falls falsche Queues inline sind."
crawl_images: "Lade Bilder von Dritten herunter, um ihre Höhe und Breite zu bestimmen."
ninja_edit_window: "Sekunden nach Empfang eines Beitrag, in denen Bearbeitungen nicht als neue Version gelten."
@ -731,15 +730,7 @@ de:
<small>Am Fuß jeder Mail, die Du verschickst, sollte eine Möglichkeit zum Abbestellen gegeben werden. Hier ein Beispiel: Diese Mail wurde von Unternehmensname, Hauptstraße 55, 12345 Stadtname, Deutschland, versendet. Wenn Du zukünftig keine weiteren Mail erhalten möchtest, [klicke hier, um dich abzumelden][5].</small>
request_access:
code: "Zugangscode"
instructions: "Der Zugang zu dieser Seite ist beschränkt. Geben Sie unten den Zugangscode ein:"
enter: "Eintreten"
incorrect: "Zugangscode falsch"
system_messages:
site_password: "Das Seitenpasswort ist `%{access_password}`, falls Du es benötigst."
post_hidden:
subject_template: "Beitrag wegen Meldungen aus der Community versteckt"
text_body_template: |

10
config/locales/server.en.yml
View File

@ -393,6 +393,7 @@ en:
contact_email_invalid: "The site contact email is invalid. Please update contact_email in the <a href='/admin/site_settings'>Site Settings</a>."
title_nag: "The title Site Setting is still set to the default value. Please update it with your site's title in the <a href='/admin/site_settings'>Site Settings</a>."
consumer_email_warning: "Your site is configured to use Gmail (or another consumer email service) to send email. <a href='http://support.google.com/a/bin/answer.py?hl=en&answer=166852' target='_blank'>Gmail limits how many emails you can send</a>. Consider using an email service provider like mandrill.com to ensure email deliverability."
access_password_removal: "Your site was using the access_password setting, which has been removed. The login_required and must_approve_users settings have been enabled, which should be used instead. You can change them in the <a href='/admin/site_settings'>Site Settings</a>. Be sure to <a href='/admin/users/list/pending'>approve users in the Pending Users list</a>. (This message will go away after 2 days.)"
content_types:
education_new_reply:
@ -444,7 +445,6 @@ en:
company_short_name: "The short name of the company that runs this site, used in legal documents like the /tos"
company_domain: "The domain name owned by the company that runs this site, used in legal documents like the /tos"
api_key: "The secure API key used to create and update topics, use the /admin/api section to set it up"
access_password: "When restricted access is enabled, this password must be entered"
queue_jobs: "Queue various jobs in sidekiq, if false queues are inline"
crawl_images: "Enable retrieving images from third party sources to insert width and height dimensions"
ninja_edit_window: "Number of seconds after posting where edits do not create a new version"
@ -751,15 +751,7 @@ en:
<small>There should be an unsubscribe footer on every email you send, so let's mock one up. This email was sent by Name of Company, 55 Main Street, Anytown, USA 12345. If you would like to opt out of future emails, [click here to unsubscribe][5].</small>
request_access:
code: "Access Code"
instructions: "This site has restricted access, enter the access code below:"
enter: "Enter"
incorrect: "access code was incorrect"
system_messages:
site_password: "Also, the site password is `%{access_password}` if you need it."
post_hidden:
subject_template: "Post hidden due to community flagging"
text_body_template: |

9
config/locales/server.es.yml
View File

@ -294,7 +294,6 @@ es:
company_full_name: "Nombre completo de la compañía que maneja el sitio, usado en documetnso legales como el /tos"
company_short_name: "El nombre corto de la compañía que maneja el sitio, usado en documentos legales como el /tos"
company_domain: "Dominio poseido por la compañía que maneja el sitio, usado en documentos legales como el /tos"
access_password: "Cuando el acceso restringido sea activado, habrá que introducir esta contraseña"
queue_jobs: "Encolar varios trabajos en sidekiq, si es falso las colas serán en linea"
crawl_images: "Activar obtener imágenes de origines third party para insertar las dimensiones de ancho y alto"
ninja_edit_window: "Número de segundos after postear donde las ediciones no causan una nueva versión"
@ -547,15 +546,7 @@ es:
<small>There should be an unsubscribe footer on every email you send, so let's mock one up. This email was sent by Name of Company, 55 Main Street, Anytown, USA 12345. If you would like to opt out of future emails, [click here to unsubscribe][5].</small>
request_access:
code: "Código de acceso"
instructions: "Este sitio tiene acceso restringido, introduce el código de acceso debajo:"
enter: "Entrar"
incorrect: "el código de acceso es incorrecto"
system_messages:
site_password: "También, el password del sitio es `%{access_password}` si lo necesitas."
post_hidden:
subject_template: "%{site_name} Advertencia: Posting oculto debido al Community Flagging"
text_body_template: |

9
config/locales/server.fr.yml
View File

@ -438,7 +438,6 @@ fr:
company_short_name: "Le nom de la société qui gère ce site (utilisé dans les documents légaux, tels que /tos)"
company_domain: "Le nom de domaine de la société qui gère ce site (utilisé dans les documents légaux, tels que /tos)"
api_key: "La clé API sécurisé à utiliser pour créer et mettre à jour des discussions. Utilisez la section /admin/api pour la configurer."
access_password: "Si l'accès restreint est activé, assurez-vous que le mot de passe soit saisi ici."
queue_jobs: "mettre les différents jobs en attente sur différentes queues, si false les queues sont en file"
crawl_images: "permettre la récupération des images provenant de sources tierces"
ninja_edit_window: "temps d'édition avant de sauvegarder une nouvelle version, en secondes."
@ -715,15 +714,7 @@ fr:
<small>Il devrait toujours y avoir un lien de déinscription dans le pied de page d'un mail. Donc en voici-un. Ce mail a été envoyé par Nom de la Société, 55 Main Street, Anytown, USA 12345. Si vous ne voulez plus recevoir nos e-mails, [cliquez ici pour vous désinscrire][5].</small>
request_access:
code: "Code d'accès"
instructions: "Ce site possède une zone restreinte, vous devez saisir le code d'accès pour entrer."
enter: "Entrer"
incorrect: "Le code d''accès est incorrect."
system_messages:
site_password: "Si vous en avez besoin, le mot de passe du site est `%{access_password}`."
post_hidden:
subject_template: "%{site_name} Notice: Message caché suite à un signalement par la communauté"
text_body_template: |

9
config/locales/server.id.yml
View File

@ -305,7 +305,6 @@ id:
company_full_name: "The full name of the company that runs this site, used in legal documents like the /tos"
company_short_name: "The short name of the company that runs this site, used in legal documents like the /tos"
company_domain: "The domain name owned by the company that runs this site, used in legal documents like the /tos"
access_password: "When restricted access is enabled, this password must be entered"
queue_jobs: "Queue various jobs in sidekiq, if false queues are inline"
crawl_images: "Enable retrieving images from third party sources to insert width and height dimensions"
ninja_edit_window: "Number of seconds after posting where edits do not create a new version"
@ -566,15 +565,7 @@ id:
<small>There should be an unsubscribe footer on every email you send, so let's mock one up. This email was sent by Name of Company, 55 Main Street, Anytown, USA 12345. If you would like to opt out of future emails, [click here to unsubscribe][5].</small>
request_access:
code: "Access Code"
instructions: "This site has restricted access, enter the access code below:"
enter: "Enter"
incorrect: "access code was incorrect"
system_messages:
site_password: "Also, the site password is `%{access_password}` if you need it."
post_hidden:
subject_template: "Post hidden due to community flagging"
text_body_template: |

9
config/locales/server.it.yml
View File

@ -425,7 +425,6 @@ it:
company_short_name: "Il nome abbreviato di chi gestisce il sito, usato in documenti legali come /tos"
company_domain: "Il dominio di chi gestisce il sito, usato in documenti legali come /tos"
api_key: "La chiave API segreta usata per creare e aggiornare topic, usa la sezione /admin/api per impostarla"
access_password: "Quando è attivo l'accesso limitato, questa password dev'essere inserita"
queue_jobs: "Metti in coda diversi job in sidekiq, se false le code sono inline"
crawl_images: "Abilita la ricezione di immagini da sorgenti terze parti"
ninja_edit_window: "Numero di secondi trascorsi affinché una modifica del post appena inviato, non venga considerata come nuova revisione"
@ -695,15 +694,7 @@ it:
<small>Dovrebbe esserci la possibilità di cancellare la sottoscrizione in ogni email che mandi, ipotizziamo un possibile footer. Questa email è stata mandata da Nome Azienda, piazza La Bomba e scappa, California, ITALIA 12345. Se non vuoi più ricevere email in futuro, [clicca per cancellarti][5].</small>
request_access:
code: "Codice di accesso"
instructions: "Questo sito ha accesso limitato, inserisci il codice di accesso:"
enter: "Invia"
incorrect: "codice di accesso errato"
system_messages:
site_password: "Inoltre, la password del sito è `%{access_password}` se ne hai bisogno."
post_hidden:
subject_template: "Post nascosto a causa di segnalazioni dalla community"
text_body_template: |

9
config/locales/server.nl.yml
View File

@ -441,7 +441,6 @@ nl:
company_short_name: "De korte naam van het bedrijf dat deze site draait. Wordt gebruikt in juridische delen van de site, zoals /tos"
company_domain: "De domeinnaam van het bedrijf dat deze site draait. Wordt gebruikt in juridische delen van de site, zoals /tos"
api_key: "De beveiligde API-sleutel wordt gebruikt om topics te maken en bij te werken. Gebruik /admin/api om deze in te stellen"
access_password: "Wanneer beperkte toegang aan staat, moet dit wachtwoord worden opgegeven."
queue_jobs: "Zet verschillende taken in een queue binnen sidekiq, bij 'false' worden taken ineens uitgevoerd"
crawl_images: Zet het ophalen van afbeeldingen van externe bronnen aan
ninja_edit_window: "Hoe snel je een aanpassing kan maken zonder dat er een nieuwe versie wordt opgeslagen, in seconden."
@ -722,15 +721,7 @@ nl:
<small>Er zou een unsubscribe footer op elke email die je verstuurt moeten zitten zodat men direct kan afmelden mocht men deze mails niet willen ontvangen. Dus laten we er eentje opzetten!
request_access:
code: Toegangscode
instructions: "Dit is een besloten forum, vul hieronder de toegangscode in:"
enter: Verder
incorrect: Dat is niet de juiste toegangscode
system_messages:
site_password: "Oh, en het wachtwoord van de site is '%{access_password}' mocht je het nodig hebben."
post_hidden:
subject_template: "Bericht van %{site_name}: je bericht is verborgen wegens meldingen uit de community"
text_body_template: |

10
config/locales/server.pseudo.yml
View File

@ -484,8 +484,6 @@ pseudo:
ůšéď íɳ łéǧáł ďóčůɱéɳťš łíǩé ťĥé /ťóš ]]'
api_key: '[[ Ťĥé šéčůřé ÁРÍ ǩéý ůšéď ťó čřéáťé áɳď ůƿďáťé ťóƿíčš, ůšé ťĥé /áďɱíɳ/áƿí
šéčťíóɳ ťó šéť íť ůƿ ]]'
access_password: '[[ Ŵĥéɳ řéšťříčťéď áččéšš íš éɳáƀłéď, ťĥíš ƿáššŵóřď ɱůšť ƀé
éɳťéřéď ]]'
queue_jobs: '[[ Ƣůéůé νáříóůš ʲóƀš íɳ šíďéǩíƣ, íƒ ƒáłšé ƣůéůéš ářé íɳłíɳé ]]'
crawl_images: '[[ Éɳáƀłé řéťříéνíɳǧ íɱáǧéš ƒřóɱ ťĥířď ƿářťý šóůřčéš ťó íɳšéřť
ŵíďťĥ áɳď ĥéíǧĥť ďíɱéɳšíóɳš ]]'
@ -822,15 +820,7 @@ pseudo:
<šɱáłł>Ťĥéřé šĥóůłď ƀé áɳ ůɳšůƀščříƀé ƒóóťéř óɳ éνéřý éɱáíł ýóů šéɳď, šó łéť'š ɱóčǩ óɳé ůƿ. Ťĥíš éɱáíł ŵáš šéɳť ƀý Ѝáɱé óƒ Čóɱƿáɳý, 55 Ϻáíɳ Šťřééť, Áɳýťóŵɳ, ŮŠÁ 12345. ̓ ýóů ŵóůłď łíǩé ťó óƿť óůť óƒ ƒůťůřé éɱáíłš, [čłíčǩ ĥéřé ťó ůɳšůƀščříƀé][5].</šɱáłł>
]]
request_access:
code: '[[ Áččéšš Čóďé ]]'
instructions: '[[ Ťĥíš šíťé ĥáš řéšťříčťéď áččéšš, éɳťéř ťĥé áččéšš čóďé ƀéłóŵ:
]]'
enter: '[[ Éɳťéř ]]'
incorrect: '[[ áččéšš čóďé ŵáš íɳčóřřéčť ]]'
system_messages:
site_password: '[[ Áłšó, ťĥé šíťé ƿáššŵóřď íš `%{access_password}` íƒ ýóů ɳééď
íť. ]]'
post_hidden:
subject_template: '[[ Рóšť ĥíďďéɳ ďůé ťó čóɱɱůɳíťý ƒłáǧǧíɳǧ ]]'
text_body_template: |-

9
config/locales/server.pt.yml
View File

@ -246,7 +246,6 @@ pt:
title: "título deste website"
secret_token: "token secreto para ser usado para proteger cookies"
restrict_access: "restringir acesso a não ser que esta password seja utilizada"
access_password: "restrict_access está ativo. Garanta que esta password é preenchida"
queue_jobs: "'queue' vários 'jobs' no sidekiq, if false queues are inline"
crawl_images: "permitir mostrar imagens de sites terceiros"
ninja_edit_window: "quão rápido é possivél fazer uma alteração sem guardar uma nova versão, em segundos."
@ -484,15 +483,7 @@ pt:
<small>There should be an unsubscribe footer on every email you send, so let's mock one up. This email was sent by Name of Company, 55 Main Street, Anytown, USA 12345. If you would like to opt out of future emails, [click here to unsubscribe][5].</small>
request_access:
code: "Código de Acesso"
instructions: "Este site tem acesso restrito, insere o códio de acesso em baico::"
enter: "Inserir"
incorrect: "O código de acesso estava incorreto"
system_messages:
site_password: "Também, a password para o site é `%{access_password}` caso precisares."
post_hidden:
subject_template: "%{site_name} Aviso: Post escondido devido a Sinalização pela Comunidade"
text_body_template: |

7
config/locales/server.ru.yml
View File

@ -505,7 +505,6 @@ ru:
company_short_name: Короткое название компании, которой принадлежит сайт, используется в правовой документации как /tos
company_domain: Имя домена, принадлежащего компании, заведующей сайтом, используется в правовой документации как /tos
api_key: Секретный API ключ, используемый для создания и обновления тем. Зайдите в секцию /admin/api , чтобы его задать
access_password: Этот пароль должен быть введен для доступа к функциям с ограниченным доступом
queue_jobs: Ставить задачи в sidekiq в очередь, если false очереди inline
crawl_images: Разрешить извлечение изображений из сторонних источников, ширина и высота
ninja_edit_window: Количество секунд после размещения сообщения, в течение которых внесение правок в сообщение не повлечет его изменение
@ -764,13 +763,7 @@ ru:
<small>There should be an unsubscribe footer on every email you send, so let's mock one up. This email was sent by Name of Company, 55 Main Street, Anytown, USA 12345. If you would like to opt out of future emails, [click here to unsubscribe][5].</small>
request_access:
code: Код доступа
instructions: 'Этот сайт имеет ограниченный доступ, введите код доступа:'
enter: Ввести
incorrect: Код доступа неверный
system_messages:
site_password: 'Пароль для доступа на сайт `%{access_password}`, если он необходим.'
post_hidden:
subject_template: Сообщение скрыто по причине поступления множественных жалоб
text_body_template: |

9
config/locales/server.sv.yml
View File

@ -348,7 +348,6 @@ sv:
company_short_name: "Det korta namnet för företaget som driver denna webbplats, används i juridiska dokument så som /tos"
company_domain: "Domännamnet som ägs av företaget som driver denna webbplats, används i juridiska dokument så som /tos"
api_key: "Den säkra API-nyckeln som används för att skapa och uppdatera trådar, använd /admin/api för att skapa en"
access_password: "När begränsad åtkomst är aktiverad, så måste detta lösenord användas"
queue_jobs: "Köa diverse jobb i sidekiq, om urkryssat så körs köer infogat"
crawl_images: "Aktivera hämtning av bilder från tredjepartskällor för att infoga bredd och höjd"
ninja_edit_window: "Antal sekunder efter ett inlägg när en ändring inte skapar en ny version"
@ -624,15 +623,7 @@ sv:
<small>There should be an unsubscribe footer on every email you send, so let's mock one up. This email was sent by Name of Company, 55 Main Street, Anytown, USA 12345. If you would like to opt out of future emails, [click here to unsubscribe][5].</small>
request_access:
code: "Access Code"
instructions: "This site has restricted access, enter the access code below:"
enter: "Enter"
incorrect: "access code was incorrect"
system_messages:
site_password: "Also, the site password is `%{access_password}` if you need it."
post_hidden:
subject_template: "Post hidden due to community flagging"
text_body_template: |

9
config/locales/server.zh_CN.yml
View File

@ -439,7 +439,6 @@ zh_CN:
company_short_name: "运行本站点的公司短名,用于法律文档,例如服务条款 /tos"
company_domain: "运行本站点的公司域名,用于法律文档,例如服务条款 /tos"
api_key: "加密的应用开发接口密钥API key用于创建和更新主题。使用 /admin/api 来对它进行设置。"
access_password: "当启用访问限制时,必须填写此密码"
queue_jobs: "如果失败队列在排队,使用 Sidekiq 消息引擎对不同的工作排队"
crawl_images: "允许从第三方获取图片来插入宽、高数值"
ninja_edit_window: "在多少秒钟之内,对帖子的多次编辑不生成新版本"
@ -707,15 +706,7 @@ zh_CN:
<small>在每封你发送的邮件底部应该都有取消订阅的链接,让我们模拟一下。这封邮件发送自 中华人民共和国 北京市海淀区中关村南大街3号 海淀资本中心 14层 公司名称,邮编 100081。如果你不希望将来继续收到我们的邮件[点击此处取消订阅][5].</small>
request_access:
code: "访问码"
instructions: "本站点限制访问,请在下面输入访问码:"
enter: "进入"
incorrect: "访问码不正确"
system_messages:
site_password: "另外,如果你需要,此站点密码是 `%{access_password}`。"
post_hidden:
subject_template: "%{site_name} 提示:由于论坛用户举报,系统隐藏了你的帖子"
text_body_template: |

9
config/locales/server.zh_TW.yml
View File

@ -425,7 +425,6 @@ zh_TW:
company_short_name: "運行本站點的公司短名,用于法律文檔,例如服務條款 /tos"
company_domain: "運行本站點的公司域名,用于法律文檔,例如服務條款 /tos"
api_key: "加密的應用開發接口密鑰API key用于創建和更新主題。使用 /admin/api 來對它進行設置。"
access_password: "當啓用訪問限制時,必須填寫此密碼"
queue_jobs: "如果失敗隊列在排隊,使用 Sidekiq 消息引擎對不同的工作排隊"
crawl_images: "允許從第三方獲取圖片來插入寬、高數值"
ninja_edit_window: "在多少秒鍾之內,對帖子的多次編輯不生成新版本"
@ -693,15 +692,7 @@ zh_TW:
<small>在每封你發送的郵件底部應該都有取消訂閱的鏈接,讓我們模擬一下。這封郵件發送自 中華人民共和國 北京市海澱區中關村南大街3號 海澱資本中心 14層 公司名稱,郵編 100081。如果你不希望將來繼續收到我們的郵件[點擊此處取消訂閱][5].</small>
request_access:
code: "訪問碼"
instructions: "本站點限制訪問,請在下面輸入訪問碼:"
enter: "進入"
incorrect: "訪問碼不正確"
system_messages:
site_password: "另外,如果你需要,此站點密碼是 `%{access_password}`。"
post_hidden:
subject_template: "%{site_name} 提示:由于論壇用戶舉報,系統隱藏了你的帖子"
text_body_template: |

10
config/routes.rb
View File

@ -14,12 +14,7 @@ Discourse::Application.routes.draw do
mount Sidekiq::Web => '/sidekiq', constraints: AdminConstraint.new
resources :forums do
collection do
get 'request_access'
post 'request_access_submit'
end
end
resources :forums
get 'srv/status' => 'forums#status'
namespace :admin, constraints: StaffConstraint.new do
@ -233,9 +228,6 @@ Discourse::Application.routes.draw do
resources :invites
delete 'invites' => 'invites#destroy'
get 'request_access' => 'request_access#new'
post 'request_access' => 'request_access#create'
get 'onebox' => 'onebox#show'
get 'error' => 'forums#error'

15
db/migrate/20130625170842_remove_access_password.rb Normal file
View File

@ -0,0 +1,15 @@
class RemoveAccessPassword < ActiveRecord::Migration
def up
result = execute("SELECT count(*) FROM site_settings where name='access_password'")
if result[0] and result[0]["count"].to_i > 0
execute "DELETE FROM site_settings where name='access_password'"
SiteSetting.login_required = true
SiteSetting.must_approve_users = true
AdminDashboardData.report_access_password_removal rescue nil
end
end
def down
# Don't undo
end
end

3
lib/system_message.rb
View File

@ -24,9 +24,6 @@ class SystemMessage
params = defaults.merge(params)
if SiteSetting.access_password.present?
params[:site_password] = I18n.t('system_messages.site_password', access_password: SiteSetting.access_password)
end
title = I18n.t("system_messages.#{type}.subject_template", params)
raw_body = I18n.t("system_messages.#{type}.text_body_template", params)

18
spec/controllers/invites_controller_spec.rb
View File

@ -122,24 +122,6 @@ describe InvitesController do
end
context 'access_required' do
it "doesn't set a cookie for access if there is no access required" do
SiteSetting.stubs(:access_password).returns(nil)
Invite.any_instance.expects(:redeem).returns(user)
get :show, id: invite.invite_key
cookies[:_access].should be_blank
end
it "sets the cookie when access is required" do
SiteSetting.stubs(:access_password).returns('adventure time!')
Invite.any_instance.expects(:redeem).returns(user)
get :show, id: invite.invite_key
cookies[:_access].should == 'adventure time!'
end
end
end
end

56
spec/controllers/request_access_controller_spec.rb
View File

@ -1,56 +0,0 @@
require 'spec_helper'
describe RequestAccessController do
context '.new' do
it "sets a default return path" do
get :new
assigns(:return_path).should == "/"
end
it "assigns the return path we provide" do
get :new, return_path: '/asdf'
assigns(:return_path).should == "/asdf"
end
end
context '.create' do
context 'without an invalid password' do
before do
post :create, password: 'asdf'
end
it "adds a flash" do
flash[:error].should be_present
end
it "doesn't set the cookie" do
cookies[:_access].should be_blank
end
end
context 'with a valid password' do
before do
SiteSetting.stubs(:access_password).returns 'test password'
post :create, password: 'test password', return_path: '/the-path'
end
it 'creates the cookie' do
cookies[:_access].should == 'test password'
end
it 'redirects to the return path' do
response.should redirect_to('/the-path')
end
it 'sets no flash error' do
flash[:error].should be_blank
end
end
end
end

7
spec/controllers/robots_txt_controller_spec.rb
View File

@ -16,12 +16,5 @@ describe RobotsTxtController do
response.should render_template :no_index
end
it "serves noindex when in private mode regardless of the configuration" do
SiteSetting.stubs(:allow_index_in_robots_txt).returns(true)
SiteSetting.stubs(:access_password).returns('adventure time!')
get :index
response.should render_template :no_index
end
end
end