github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-22 04:41:25 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: Remove plugin.enabled? checks at initialization time (#6166)

Browse Source 
Checking `plugin.enabled?` while initializing plugins causes issues in two ways:
  - An application restart is required for changes to take effect. A load-balanced multi-server environment could behave very weirdly if containers restart at different times.
  - In a multisite environment, it takes the `enabled?` setting from the default site. Changes on that site affect all other sites in the cluster.

Instead, `plugin.enabled?` should be checked at runtime, in the context of a request. This commit removes `plugin.enabled?` from many `instance.rb` methods.

I have added a working `plugin.enabled?` implementation for methods that actually affect security/functionality:
  - `post_custom_fields_whitelist`
  - `whitelist_staff_user_custom_field`
  - `add_permitted_post_create_param`
This commit is contained in:
David Taylor
2018-07-25 16:44:09 +01:00
committed by GitHub
parent f38942d121
commit 0d0d78841b
3 changed files with 30 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/controllers/posts_controller.rb
View File

@ -615,8 +615,8 @@ class PostsController < ApplicationController
:visible
]
if Post.permitted_create_params.present?
permitted.concat(Post.permitted_create_params.to_a)
Post.plugin_permitted_create_params.each do |key, plugin|
permitted << key if plugin.enabled?
end
# param munging for WordPress