Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

FIX: Only block local edits for git-sourced themes (#11450) 

Themes uploaded as zip files are given a row in the `remote_themes` table to store metadata, even though they are not truly remote.
This commit is contained in:
David Taylor 2020-12-09 19:41:42 +00:00 committed by GitHub
parent 0116897ac9
commit d1d37473d4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 20 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/assets/javascripts/admin/addon/routes/admin-customize-themes-edit.js
View File

@ -28,7 +28,7 @@ export default Route.extend({
const fields = wrapper.model const fields = wrapper.model
.get("fields") .get("fields")
[wrapper.target].map((f) => f.name); [wrapper.target].map((f) => f.name);
if (wrapper.model.remote_theme) { if (wrapper.model.remote_theme && wrapper.model.remote_theme.is_git) {
this.transitionTo("adminCustomizeThemes.index"); this.transitionTo("adminCustomizeThemes.index");
return; return;
} }

2
app/assets/javascripts/admin/addon/templates/customize-themes-show.hbs
View File

@ -201,7 +201,7 @@
{{/d-section}} {{/d-section}}
{{/if}} {{/if}}
{{#unless model.remote_theme}} {{#unless model.remote_theme.is_git}}
<div class="control-unit"> <div class="control-unit">
<div class="mini-title">{{i18n "admin.customize.theme.css_html"}}</div> <div class="mini-title">{{i18n "admin.customize.theme.css_html"}}</div>
{{#if model.hasEditedFields}} {{#if model.hasEditedFields}}

2
app/controllers/admin/themes_controller.rb
View File

@ -291,7 +291,7 @@ class Admin::ThemesController < Admin::AdminController
end end
def ban_for_remote_theme! def ban_for_remote_theme!
raise Discourse::InvalidAccess if @theme.remote_theme raise Discourse::InvalidAccess if @theme.remote_theme&.is_git?
end end
def add_relative_themes!(kind, ids) def add_relative_themes!(kind, ids)

18
spec/requests/admin/themes_controller_spec.rb
View File

@ -378,7 +378,7 @@ describe Admin::ThemesController do
theme: { theme: {
theme_fields: [ theme_fields: [
{ name: 'scss', target: 'common', value: '' }, { name: 'scss', target: 'common', value: '' },
{ name: 'test', target: 'common', value: 'filename.jpg', upload_id: 4 } { name: 'header', target: 'common', value: 'filename.jpg', upload_id: 4 }
] ]
} }
} }
@ -386,6 +386,22 @@ describe Admin::ThemesController do
expect(response.status).to eq(403) expect(response.status).to eq(403)
end end
it 'allows zip-imported theme fields to be locally edited' do
r = RemoteTheme.create!(remote_url: "")
theme.update!(remote_theme_id: r.id)
put "/admin/themes/#{theme.id}.json", params: {
theme: {
theme_fields: [
{ name: 'scss', target: 'common', value: '' },
{ name: 'header', target: 'common', value: 'filename.jpg', upload_id: 4 }
]
}
}
expect(response.status).to eq(200)
end
it 'updates a child theme' do it 'updates a child theme' do
child_theme = Fabricate(:theme, component: true) child_theme = Fabricate(:theme, component: true)
put "/admin/themes/#{child_theme.id}.json", params: { put "/admin/themes/#{child_theme.id}.json", params: {