FEATURE: Add basic support for Safe Mode

In Safe Mode all JS extensions and site customizations are disabled. To access Safe Mode visit `sitename.org/safe-mode`
2025-02-25 18:55:32 -06:00 · 2016-11-21 16:46:02 +11:00 · 2016-11-21 16:46:02 +11:00 · e2c87da42a
commit e2c87da42a
parent 6397d935ce
9 changed files with 86 additions and 1 deletions
--- a/app/assets/javascripts/discourse/components/global-notice.js.es6
+++ b/app/assets/javascripts/discourse/components/global-notice.js.es6
@ -9,6 +9,10 @@ export default Ember.Component.extend(bufferedRender({
  buildBuffer(buffer) {
    let notices = [];
    if (this.session.get('safe_mode')) {
      notices.push([I18n.t("safe_mode.enabled"), 'safe-mode']);
    }
    if (this.site.get("isReadOnly")) {
      notices.push([I18n.t("read_only_mode.enabled"), 'alert-read-only']);
    }
--- a/app/controllers/safe_mode_controller.rb
+++ b/app/controllers/safe_mode_controller.rb
@ -0,0 +1,20 @@
 class SafeModeController < ApplicationController
  layout 'no_ember'
  skip_before_filter :preload_json, :check_xhr
  def index
  end
  def enter
    safe_mode = []
    safe_mode << "no_custom" if params["no_customizations"] == "true"
    safe_mode << "no_plugins" if params["no_plugins"] == "true"
    safe_mode << "only_official" if params["only_official"] == "true"
    if safe_mode.length > 0
      redirect_to path("/?safe_mode=#{safe_mode.join("%2C")}")
    else
      redirect_to :index
    end
  end
 end
--- a/app/helpers/application_helper.rb
+++ b/app/helpers/application_helper.rb
@ -241,7 +241,18 @@ module ApplicationHelper
  end
  def customization_disabled?
-    session[:disable_customization]
+    safe_mode = params["safe_mode"]
    session[:disable_customization] || (safe_mode && safe_mode.include?("no_custom"))
  end
  def allow_plugins?
    safe_mode = params["safe_mode"]
    !(safe_mode && safe_mode.include?("no_plugins"))
  end
  def allow_third_party_plugins?
    safe_mode = params["safe_mode"]
    !(safe_mode && (safe_mode.include?("no_plugins") || safe_mode.include?("only_official")))
  end
  def loading_admin?
--- a/app/views/common/_discourse_javascript.html.erb
+++ b/app/views/common/_discourse_javascript.html.erb
@ -52,6 +52,9 @@
    Discourse.start();
    Discourse.set('assetVersion','<%= Discourse.assets_digest %>');
    Discourse.Session.currentProp("disableCustomCSS", <%= loading_admin? %>);
    <%- if params["safe_mode"] %>
        Discourse.Session.currentProp("safe_mode", <%= params["safe_mode"].inspect.html_safe %>);
    <%- end %>
    Discourse.HighlightJSPath = <%= HighlightJs.path.inspect.html_safe %>;
    <%- if SiteSetting.enable_s3_uploads %>
      <%- if SiteSetting.s3_cdn_url.present? %>
--- a/app/views/layouts/application.html.erb
+++ b/app/views/layouts/application.html.erb
@ -28,8 +28,12 @@
    <%= script "vendor" %>
    <%= script "pretty-text-bundle" %>
    <%= script "application" %>
    <%- if allow_plugins? %>
    <%= script "plugin" %>
    <%- end %>
    <%- if allow_third_party_plugins? %>
    <%= script "plugin-third-party" %>
    <%- end %>
    <%- if staff? %>
      <script src="<%= Discourse.base_uri %>/extra-locales/admin"></script>
--- a/app/views/safe_mode/index.html.erb
+++ b/app/views/safe_mode/index.html.erb
@ -0,0 +1,29 @@
 <div class='container safe-mode'>
  <h2><%= t 'safe_mode.title'%></h2>
  <%= form_tag(safe_mode_enter_path) do %>
    <p>
      <%= t 'safe_mode.description' %>
    </p>
    <p>
    <label>
    <%= check_box_tag 'no_customizations', true, true %>
    <%= t 'safe_mode.no_customizations' %>
    </label>
    </p>
    <p>
    <label>
    <%= check_box_tag 'only_official', true, true %>
    <%= t 'safe_mode.only_official' %>
    </label>
    </p>
    <p>
    <label>
    <%= check_box_tag 'no_plugins', true, true %>
    <%= t 'safe_mode.no_plugins' %>
    </label>
    </p>
    <p>
      <%= submit_tag t('safe_mode.enter'), class: 'btn btn-danger' %>
    </p>
  <% end %>
 </div>
--- a/config/locales/client.en.yml
+++ b/config/locales/client.en.yml
@ -2308,6 +2308,10 @@ en:
      custom_message_template_forum: "Hey, you should join this forum!"
      custom_message_template_topic: "Hey, I thought you might enjoy this topic!"
    safe_mode:
      enabled: "Safe mode is enabled, to exit safe mode close this browser window"
  # This section is exported to the javascript for i18n in the admin section
  admin_js:
    type_to_filter: "type to filter..."
--- a/config/locales/server.en.yml
+++ b/config/locales/server.en.yml
@ -3222,6 +3222,13 @@ en:
      title: "Resend Activation Email"
      message: "<p>We've re-sent the activation email to <b>%{email}</b>"
  safe_mode:
    title: "Enter safe mode"
    description: "Safe mode allows you to test your site without loading plugins or site customizations."
    no_customizations: "Disable all site customizations"
    only_official: "Disable unofficial plugins"
    no_plugins: "Disable all plugins"
    enter: "Enter Safe Mode"
  wizard:
    title: "Discourse Setup"
    step:
--- a/config/routes.rb
+++ b/config/routes.rb
@ -699,6 +699,9 @@ Discourse::Application.routes.draw do
  post "/user-api-key/revoke" => "user_api_keys#revoke"
  post "/user-api-key/undo-revoke" => "user_api_keys#undo_revoke"
  get "/safe-mode" => "safe_mode#index"
  post "/safe-mode" => "safe_mode#enter", as: "safe_mode_enter"
  get "*url", to: 'permalinks#show', constraints: PermalinkConstraint.new
 end