The reason for these changes is that https://meta.discourse.org/t/-/89605 broke and admins were not able to log back in if they had previously enabled the "read only" mode.

Thus ensued a deep dive into how all the "read only" modes worked, which was made difficult by the lack of tests.

The "cornerstone" of this PR is the `read_only_mixin.rb` file, which was improved to be able to differentiate between the "readonly" mode and the "staff writes only" mode.

I then made use of the `allow_in_readonly_mode` and `allow_in_staff_writes_only_mode` methods to **explicitly** list all the actions that should work in those modes.

I also added the "readonly" mixin to the `WebhooksController` since it doesn't inherit from the `ApplicationController`.

I improved the security of the `/u/admin-login` endpoint by always sending the same message whether or not we found an admin account with the provided email address, so the response does not reveal whether such an account exists.

I added two system specs:

1. for ensuring that admins can log in via /u/admin-login and then clicking the link in the email they received while the site is in readonly mode.
2. for ensuring the "staff writes only mode" is _actually_ tested by ensuring a moderator can log in and create a topic while the site is in that mode.

Plenty of specs were updated to ensure 100% coverage of the various "read only" modes.
# frozen_string_literal: true
# Request specs for the "/srv/status" endpoint: they pin the
# "Discourse-Readonly" response header and the handling of the optional
# `cluster` query parameter.
RSpec.describe ForumsController do
  describe "read only header" do
    # Value of the read-only marker header on the most recent response
    # (nil when the header is absent).
    def readonly_header
      response.headers["Discourse-Readonly"]
    end

    it "returns no read only header by default" do
      get "/srv/status"

      status_code = response.status
      expect(status_code).to eq(200)
      # The header must be absent, not "false", when no read-only mode is active.
      expect(readonly_header).to eq(nil)
    end

    it "returns a readonly header if the site is read only" do
      # NOTE(review): presumably flags the site as read only because Postgres
      # reported itself read only; confirm against Discourse.received_postgres_readonly!
      Discourse.received_postgres_readonly!

      get "/srv/status"

      status_code = response.status
      # The status endpoint keeps answering 200 while the site is read only.
      expect(status_code).to eq(200)
      expect(readonly_header).to eq("true")
    end

    it "returns a readonly header if the site is in staff-writes-only mode" do
      mode_key = Discourse::STAFF_WRITES_ONLY_MODE_KEY
      Discourse.enable_readonly_mode(mode_key)

      get "/srv/status"

      status_code = response.status
      expect(status_code).to eq(200)
      # Staff-writes-only mode is reported through the same header value as
      # full read-only mode, so the header alone does not tell them apart.
      expect(readonly_header).to eq("true")
    end
  end

  describe "cluster parameter" do
    it "returns a 500 response if the cluster is not configured" do
      # No cluster_name is set here, so any `cluster` value must be rejected.
      get "/srv/status?cluster=abc"

      status_code = response.status
      payload = response.body
      expect(status_code).to eq(500)
      expect(payload).to include("not configured")
    end

    it "returns a 500 response if the cluster does not match" do
      global_setting(:cluster_name, "mycluster")

      get "/srv/status?cluster=abc"

      status_code = response.status
      payload = response.body
      # A mismatching name fails the check rather than being ignored.
      expect(status_code).to eq(500)
      expect(payload).to include("not match")
    end

    it "returns a 200 response if the cluster does match" do
      global_setting(:cluster_name, "mycluster")

      get "/srv/status?cluster=mycluster"

      status_code = response.status
      payload = response.body
      expect(status_code).to eq(200)
      expect(payload).not_to include("not match")
    end
  end
end