mirror of
https://gh.wpcy.net/https://github.com/discourse/discourse.git
synced 2026-06-18 23:39:11 +08:00
44bac11628
## Summary Prevent the exposure of raw Data Explorer SQL to non-admin group members when viewing report details. The sql attribute is now correctly gated to administrators within the query details serializer. ## Source - Patch Triage: https://patch.discourse.org/patch-triage/1290 - Affected file: https://github.com/discourse/discourse/blob/main/plugins/discourse-data-explorer/app/serializers/discourse_data_explorer/query_details_serializer.rb --- 🤖 Auto-generated from the patch diff via Patch Triage. Review carefully before merging. Co-authored-by: discourse-patch-triage <272280883+discourse-patch-triage[bot]@users.noreply.github.com> |
||
|---|---|---|
| .. | ||
| admin/assets/javascripts/admin | ||
| app | ||
| assets | ||
| config | ||
| db/migrate | ||
| lib | ||
| spec | ||
| test/javascripts | ||
| package.json | ||
| plugin.rb | ||
| README.md | ||
| tsconfig.json | ||
Data Explorer Plugin
This plugin allows admins to run SQL queries against the live Discourse database, including parameterized queries and formatting for several common column types.
For more information, please see: https://meta.discourse.org/t/data-explorer-plugin/32566
