DEV: New readonly mode. Only applies to non-staff (#16243)

2025-02-25 18:55:32 -06:00 · 2022-05-17 13:06:08 -05:00
parent 985afe1092
commit 6e53f4d913
14 changed files with 228 additions and 27 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -8,7 +8,7 @@ class ApplicationController < ActionController::Base
  include JsonError
  include GlobalPath
  include Hijack
-  include ReadOnlyHeader
+  include ReadOnlyMixin
  include VaryHeader

  attr_reader :theme_id
@@ -631,6 +631,7 @@ class ApplicationController < ActionController::Base
    store_preloaded("banner", banner_json)
    store_preloaded("customEmoji", custom_emoji)
    store_preloaded("isReadOnly", @readonly_mode.to_s)
+    store_preloaded("isStaffWritesOnly", @staff_writes_only_mode.to_s)
    store_preloaded("activatedThemes", activated_themes_json)
  end

@@ -876,11 +877,6 @@ class ApplicationController < ActionController::Base
    !disqualified_from_2fa_enforcement && enforcing_2fa && !current_user.has_any_second_factor_methods_enabled?
  end

-  def block_if_readonly_mode
-    return if request.fullpath.start_with?(path "/admin/backups")
-    raise Discourse::ReadOnly.new if !(request.get? || request.head?) && @readonly_mode
-  end
-
  def build_not_found_page(opts = {})
    if SiteSetting.bootstrap_error_pages?
      preload_json
--- a/app/controllers/forums_controller.rb
+++ b/app/controllers/forums_controller.rb
@@ -1,9 +1,9 @@
 # frozen_string_literal: true

-require "read_only_header"
+require "read_only_mixin"

 class ForumsController < ActionController::Base
-  include ReadOnlyHeader
+  include ReadOnlyMixin

  before_action :check_readonly_mode
  after_action  :add_readonly_header
--- a/app/controllers/session_controller.rb
+++ b/app/controllers/session_controller.rb
@@ -10,6 +10,8 @@ class SessionController < ApplicationController

  requires_login only: [:second_factor_auth_show, :second_factor_auth_perform]

+  allow_in_staff_writes_only_mode :create
+
  ACTIVATE_USER_KEY = "activate_user"

  def csrf
@@ -116,7 +118,7 @@ class SessionController < ApplicationController

  def sso_login
    raise Discourse::NotFound unless SiteSetting.enable_discourse_connect
-    raise Discourse::ReadOnly if @readonly_mode
+    raise Discourse::ReadOnly if @readonly_mode && !staff_writes_only_mode?

    params.require(:sso)
    params.require(:sig)
@@ -147,6 +149,7 @@ class SessionController < ApplicationController
      invite = validate_invitiation!(sso)

      if user = sso.lookup_or_create_user(request.remote_ip)
+        raise Discourse::ReadOnly if staff_writes_only_mode? && !user&.staff?

        if user.suspended?
          render_sso_error(text: failed_to_login(user)[:error], status: 403)
@@ -270,6 +273,9 @@ class SessionController < ApplicationController
    return invalid_credentials if params[:password].length > User.max_password_length

    user = User.find_by_username_or_email(normalized_login_param)
+
+    raise Discourse::ReadOnly if staff_writes_only_mode? && !user&.staff?
+
    rate_limit_second_factor!(user)

    if user.present?
@@ -303,7 +309,11 @@ class SessionController < ApplicationController
      return render(json: @second_factor_failure_payload)
    end

-    (user.active && user.email_confirmed?) ? login(user, second_factor_auth_result) : not_activated(user)
+    if user.active && user.email_confirmed?
+      login(user, second_factor_auth_result)
+    else
+      not_activated(user)
+    end
  end

  def email_login_info
--- a/app/controllers/users/omniauth_callbacks_controller.rb
+++ b/app/controllers/users/omniauth_callbacks_controller.rb
@@ -14,6 +14,8 @@ class Users::OmniauthCallbacksController < ApplicationController
  # will not have a CSRF token, however the payload is all validated so its safe
  skip_before_action :verify_authenticity_token, only: :complete

+  allow_in_staff_writes_only_mode :complete
+
  def confirm_request
    self.class.find_authenticator(params[:provider])
    render locals: { hide_auth_buttons: true }
@@ -22,7 +24,7 @@ class Users::OmniauthCallbacksController < ApplicationController
  def complete
    auth = request.env["omniauth.auth"]
    raise Discourse::NotFound unless request.env["omniauth.auth"]
-    raise Discourse::ReadOnly if @readonly_mode
+    raise Discourse::ReadOnly if @readonly_mode && !staff_writes_only_mode?

    auth[:session] = session

@@ -71,6 +73,8 @@ class Users::OmniauthCallbacksController < ApplicationController

    return render_auth_result_failure if @auth_result.failed?

+    raise Discourse::ReadOnly if staff_writes_only_mode? && !@auth_result.user&.staff?
+
    complete_response_data

    return render_auth_result_failure if @auth_result.failed?
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -51,6 +51,8 @@ class UsersController < ApplicationController

  after_action :add_noindex_header, only: [:show, :my_redirect]

+  allow_in_staff_writes_only_mode :admin_login
+
  MAX_RECENT_SEARCHES = 5

  def index