mirror of
https://github.com/discourse/discourse.git
synced 2024-11-29 12:13:58 -06:00
d9a02d1336
This reverts commit20780a1eee
. * SECURITY: re-adds accidentally reverted commit:03d26cd6
: ensure embed_url contains valid http(s) uri * when the merge commite62a85cf
was reverted, git chose the2660c2e2
parent to land on instead of the03d26cd6
parent (which contains security fixes)
33 lines
1.0 KiB
Ruby
33 lines
1.0 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
class AboutController < ApplicationController
|
|
|
|
requires_login only: [:live_post_counts]
|
|
|
|
skip_before_action :check_xhr, only: [:index]
|
|
|
|
def index
|
|
return redirect_to path('/login') if SiteSetting.login_required? && current_user.nil?
|
|
|
|
@about = About.new(current_user)
|
|
@title = "#{I18n.t("js.about.simple_title")} - #{SiteSetting.title}"
|
|
respond_to do |format|
|
|
format.html do
|
|
render :index
|
|
end
|
|
format.json do
|
|
render_json_dump(AboutSerializer.new(@about, scope: guardian))
|
|
end
|
|
end
|
|
end
|
|
|
|
def live_post_counts
|
|
RateLimiter.new(current_user, "live_post_counts", 1, 10.minutes).performed! unless current_user.staff?
|
|
category_topic_ids = Category.pluck(:topic_id).compact!
|
|
public_topics = Topic.listable_topics.visible.secured(Guardian.new(nil)).where.not(id: category_topic_ids)
|
|
stats = { public_topic_count: public_topics.count }
|
|
stats[:public_post_count] = public_topics.sum(:posts_count) - stats[:public_topic_count]
|
|
render json: stats
|
|
end
|
|
end
|