Files
discourse/app/controllers/about_controller.rb
Michael Brown d9a02d1336 Revert "Revert "Merge branch 'master' of https://github.com/discourse/discourse""
This reverts commit 20780a1eee.

* SECURITY: re-adds accidentally reverted commit:
  03d26cd6: ensure embed_url contains valid http(s) uri
* when the merge commit e62a85cf was reverted, git chose the 2660c2e2 parent to land on
  instead of the 03d26cd6 parent (which contains security fixes)
2020-05-23 00:56:13 -04:00

33 lines
1.0 KiB
Ruby

# frozen_string_literal: true
class AboutController < ApplicationController
requires_login only: [:live_post_counts]
skip_before_action :check_xhr, only: [:index]
def index
return redirect_to path('/login') if SiteSetting.login_required? && current_user.nil?
@about = About.new(current_user)
@title = "#{I18n.t("js.about.simple_title")} - #{SiteSetting.title}"
respond_to do |format|
format.html do
render :index
end
format.json do
render_json_dump(AboutSerializer.new(@about, scope: guardian))
end
end
end
def live_post_counts
RateLimiter.new(current_user, "live_post_counts", 1, 10.minutes).performed! unless current_user.staff?
category_topic_ids = Category.pluck(:topic_id).compact!
public_topics = Topic.listable_topics.visible.secured(Guardian.new(nil)).where.not(id: category_topic_ids)
stats = { public_topic_count: public_topics.count }
stats[:public_post_count] = public_topics.sum(:posts_count) - stats[:public_topic_count]
render json: stats
end
end