github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-22 16:34:31 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: Don't rate limit admin and staff constraints when matching routes.

Browse Source 
* When an error is raised when checking route constraints, we
  can only return true/false which either lets the request
  through or return a 404 error. Therefore, we just skip
  rate limiting here and let the controller handle the
  rate limiting.
This commit is contained in:
Guo Xiang Tan
2018-09-04 13:52:58 +08:00
parent edbcc992d4
commit 651b50b1a1
4 changed files with 36 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
lib/staff_constraint.rb
View File

@ -3,7 +3,8 @@ require_dependency 'current_user'
class StaffConstraint
def matches?(request)
provider = Discourse.current_user_provider.new(request.env)
provider = Discourse.current_user_provider.new(request.env, rate_limit: false)
provider.current_user &&
provider.current_user.staff? &&
custom_staff_check(request)