Discource-C
/
discourse
mirror of https://github.com/discourse/discourse.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
discourse/spec/lib
History
Penar Musaraj 102909edb3 FEATURE: Add support for secure media (#7888) 
This PR introduces a new secure media setting. When enabled, it prevent unathorized access to media uploads (files of type image, video and audio). When the `login_required` setting is enabled, then all media uploads will be protected from unauthorized (anonymous) access. When `login_required`is disabled, only media in private messages will be protected from unauthorized access. 

A few notes: 

- the `prevent_anons_from_downloading_files` setting no longer applies to audio and video uploads
- the `secure_media` setting can only be enabled if S3 uploads are already enabled and configured
- upload records have a new column, `secure`, which is a boolean `true/false` of the upload's secure status
- when creating a public post with an upload that has already been uploaded and is marked as secure, the post creator will raise an error
- when enabling or disabling the setting on a site with existing uploads, the rake task `uploads:ensure_correct_acl` should be used to update all uploads' secure status and their ACL on S3
 		2019-11-18 11:25:42 +10:00
..
backup_restore FIX: tweak restorer spec to make it stableish (#8300) 2019-11-06 17:05:33 +11:00
compression DEV: Split max decompressed setting for themes and backups (#8179) 2019-10-11 14:38:10 -03:00
content_security_policy FEATURE: allow plugins and themes to extend the default CSP (#6704) 2018-11-30 09:51:45 -05:00
i18n FIX: English locale must not fall back to any other locale 2019-06-07 21:53:01 +02:00
seed_data DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
site_settings Block enabling force 2FA if local logins disabled & vice-versa (#8355) 2019-11-15 17:05:10 +11:00
webauthn DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
browser_detection_spec.rb FIX: Detect DiscourseHub user agent. 2019-08-09 11:58:15 +03:00
content_security_policy_spec.rb FIX: Cleanup DiscoursePluginRegistry state after tests that use it 2019-09-20 13:32:54 +01:00
db_helper_spec.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
encodings_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
introduction_updater_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
mini_sql_multisite_connection_spec.rb DEV: use #frozen_string_literal: true on all spec 2019-04-30 10:27:42 +10:00
search_spec.rb FIX: skip invalid URLs when checking for audio/video in search blurbs 2019-11-06 10:32:15 -05:00
theme_javascript_compiler_spec.rb DEV: Upgrading Discourse to Zeitwerk (#8098) 2019-10-02 14:01:53 +10:00
upload_creator_spec.rb FEATURE: Add support for secure media (#7888) 2019-11-18 11:25:42 +10:00
upload_recovery_spec.rb DEV: disable all upload recovery specs 2019-11-11 16:04:18 +11:00