diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index edd3efd45f7..7a2e95c6047 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -16,7 +16,6 @@ class ApplicationController < ActionController::Base before_filter :inject_preview_style before_filter :block_if_maintenance_mode - before_filter :check_restricted_access before_filter :authorize_mini_profiler before_filter :store_incoming_links before_filter :preload_json @@ -155,9 +154,6 @@ class ApplicationController < ActionController::Base # Don't cache logged in users return false if current_user.present? - # Don't cache if there's restricted access - return false if SiteSetting.access_password.present? - true end @@ -236,16 +232,6 @@ class ApplicationController < ActionController::Base end end - def check_restricted_access - # note current_user is defined in the CurrentUser mixin - if SiteSetting.access_password.present? && cookies[:_access] != SiteSetting.access_password - unless api_key_valid? - redirect_to request_access_path(return_path: request.fullpath) - return false - end - end - end - def mini_profiler_enabled? defined?(Rack::MiniProfiler) && current_user.try(:admin?) end diff --git a/app/controllers/forums_controller.rb b/app/controllers/forums_controller.rb index 3f5f601a6f2..55545fdcea5 100644 --- a/app/controllers/forums_controller.rb +++ b/app/controllers/forums_controller.rb @@ -1,7 +1,6 @@ class ForumsController < ApplicationController - skip_before_filter :check_xhr, only: [:request_access, :request_access_submit, :status] - skip_before_filter :check_restricted_access, only: [:status] + skip_before_filter :check_xhr, only: [:status] skip_before_filter :authorize_mini_profiler, only: [:status] skip_before_filter :redirect_to_login_if_required, only: [:status] diff --git a/app/controllers/invites_controller.rb b/app/controllers/invites_controller.rb index 2afccf1609d..c0e9744a85c 100644 --- a/app/controllers/invites_controller.rb +++ b/app/controllers/invites_controller.rb @@ -1,6 +1,6 @@ class InvitesController < ApplicationController - skip_before_filter :check_xhr, :check_restricted_access + skip_before_filter :check_xhr skip_before_filter :redirect_to_login_if_required before_filter :ensure_logged_in, only: [:destroy] @@ -16,9 +16,6 @@ class InvitesController < ApplicationController # Send a welcome message if required user.enqueue_welcome_message('welcome_invite') if user.send_welcome_message - # We skip the access password if we come in via an invite link - cookies.permanent['_access'] = SiteSetting.access_password if SiteSetting.access_password.present? - topic = invite.topics.first if topic.present? redirect_to "#{Discourse.base_uri}#{topic.relative_url}" diff --git a/app/controllers/request_access_controller.rb b/app/controllers/request_access_controller.rb deleted file mode 100644 index 1728715edeb..00000000000 --- a/app/controllers/request_access_controller.rb +++ /dev/null @@ -1,22 +0,0 @@ -class RequestAccessController < ApplicationController - - skip_before_filter :check_xhr, :check_restricted_access - - def new - @return_path = params[:return_path] || "/" - render layout: 'no_js' - end - - def create - @return_path = params[:return_path] || "/" - - if params[:password] == SiteSetting.access_password - cookies.permanent['_access'] = SiteSetting.access_password - redirect_to @return_path - else - flash[:error] = I18n.t(:'request_access.incorrect') - render :new, layout: 'no_js' - end - end - -end diff --git a/app/controllers/robots_txt_controller.rb b/app/controllers/robots_txt_controller.rb index a485528fd1e..bb6cc9631c9 100644 --- a/app/controllers/robots_txt_controller.rb +++ b/app/controllers/robots_txt_controller.rb @@ -1,10 +1,9 @@ class RobotsTxtController < ApplicationController layout false skip_before_filter :check_xhr - skip_before_filter :check_restricted_access def index - path = if SiteSetting.allow_index_in_robots_txt && SiteSetting.access_password.blank? + path = if SiteSetting.allow_index_in_robots_txt :index else :no_index diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 8dc2bb7ba4a..540ff2b1724 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -5,7 +5,6 @@ class UsersController < ApplicationController skip_before_filter :check_xhr, only: [:show, :password_reset, :update, :activate_account, :avatar, :authorize_email, :user_preferences_redirect] skip_before_filter :authorize_mini_profiler, only: [:avatar] - skip_before_filter :check_restricted_access, only: [:avatar] before_filter :ensure_logged_in, only: [:username, :update, :change_email, :user_preferences_redirect] diff --git a/app/models/admin_dashboard_data.rb b/app/models/admin_dashboard_data.rb index 79b9425bd70..c1eeeab3eb7 100644 --- a/app/models/admin_dashboard_data.rb +++ b/app/models/admin_dashboard_data.rb @@ -35,7 +35,8 @@ class AdminDashboardData default_logo_check, contact_email_check, send_consumer_email_check, - title_check ].compact + title_check, + access_password_removal ].compact end def self.fetch_all @@ -136,4 +137,22 @@ class AdminDashboardData I18n.t('dashboard.consumer_email_warning') if Rails.env == 'production' and ActionMailer::Base.smtp_settings[:address] =~ /gmail\.com|live\.com|yahoo\.com/ end + + # TODO: generalize this method of putting i18n keys with expiry in redis + # that should be reported on the admin dashboard: + def access_password_removal + if i18n_key = $redis.get(AdminDashboardData.access_password_removal_key) + I18n.t(i18n_key) + end + end + def self.report_access_password_removal + $redis.setex access_password_removal_key, 172_800, 'dashboard.access_password_removal' + end + + private + + def self.access_password_removal_key + 'dash-data:access_password_removal' + end + end diff --git a/app/models/site_setting.rb b/app/models/site_setting.rb index 01be118cb9f..2debba0719d 100644 --- a/app/models/site_setting.rb +++ b/app/models/site_setting.rb @@ -67,7 +67,6 @@ class SiteSetting < ActiveRecord::Base setting(:port, Rails.env.development? ? 3000 : '') setting(:enable_private_messages, true) setting(:use_ssl, false) - setting(:access_password) setting(:queue_jobs, !Rails.env.test?) setting(:crawl_images, !Rails.env.test?) setting(:max_image_width, 690) diff --git a/app/views/request_access/new.html.erb b/app/views/request_access/new.html.erb deleted file mode 100644 index e6965c186c6..00000000000 --- a/app/views/request_access/new.html.erb +++ /dev/null @@ -1,21 +0,0 @@ -
-

<%= t :'request_access.code' %>

- -

<%= t :'request_access.instructions' %>

- - <%- if flash[:error].present? %> -
- <%= flash[:error] %> -
- <% end %> - - <%= form_tag do |f| %> - <%= hidden_field_tag :return_path, @return_path %> - <%= password_field_tag :password, @password %> - <%= submit_tag t(:'request_access.enter'), class: 'btn' %> - <% end %> -
- - diff --git a/config/locales/server.cs.yml b/config/locales/server.cs.yml index 63ba1201d7e..00cd3770872 100644 --- a/config/locales/server.cs.yml +++ b/config/locales/server.cs.yml @@ -469,7 +469,6 @@ cs: company_short_name: "Krátké jméno společnosti, která provozuje tento web, používá se v dokumentech jako je /tos" company_domain: "Doménové jméno vlastněné společností, která provozuje tento web, používá se v dokumentech jako je /tos" api_key: "Zabezpečený API klíč, který se používá pro vytváření a aktualizaci témat, použijte sekci /admin/api k nastavení" - access_password: "Restrict_access je nastaveno, ujistěte se, že je zde nastaveno heslo" queue_jobs: "Zařazovat úlohy do fronty v sidekiq, není-li nastaveno, jsou úlohy vyřizovány okamžitě" crawl_images: "Povolit získávání obrázků z webů třetích stran" ninja_edit_window: "Jak rychle smíte udělat změnu, aniž by se uložila jako nová verze" @@ -764,15 +763,7 @@ cs: V každém emailu, který zasíláte, by měl být odkaz na odhlášení příjmu emailů, tak tady je taky takový. Tento email vám zaslala Velká Společnost s.r.o., Hlavní ul. 1337, Kotěhůlky, Česká republika. Pokud již od nás nechcete dostávat další emaily, [klikněte sem pro odhlášení][5]. - request_access: - code: "Přístupový kód" - instructions: "Tento web má omezený přístup, zadejte prosím přístupový kód:" - enter: "Vstoupit" - incorrect: "přístupový kód je neplatný" - system_messages: - site_password: "Mimochodem, přístupový kód na tento web je `%{access_password}`, pokud ho budete potřebovat." - post_hidden: subject_template: "%{site_name} Oznámení: Příspěvek skryt kvůli hlášením od komunity" text_body_template: | diff --git a/config/locales/server.da.yml b/config/locales/server.da.yml index b7d1f2fca4d..7aad038503a 100644 --- a/config/locales/server.da.yml +++ b/config/locales/server.da.yml @@ -306,7 +306,6 @@ da: company_full_name: "The full name of the company that runs this site, used in legal documents like the /tos" company_short_name: "The short name of the company that runs this site, used in legal documents like the /tos" company_domain: "The domain name owned by the company that runs this site, used in legal documents like the /tos" - access_password: "When restricted access is enabled, this password must be entered" queue_jobs: "Queue various jobs in sidekiq, if false queues are inline" crawl_images: "Enable retrieving images from third party sources to insert width and height dimensions" ninja_edit_window: "Number of seconds after posting where edits do not create a new version" @@ -564,15 +563,7 @@ da: There should be an unsubscribe footer on every email you send, so let's mock one up. This email was sent by Name of Company, 55 Main Street, Anytown, USA 12345. If you would like to opt out of future emails, [click here to unsubscribe][5]. - request_access: - code: "Adgangskode" - instructions: "Dette site har begrænset adgang. Skriv adgangskoden herunder:" - enter: "Log ind" - incorrect: "adgangskoden var forkert" - system_messages: - site_password: "I øvrigt, kodeordet til sitet er `%{access_password}` hvis du skal bruge det." - post_hidden: subject_template: "%{site_name} Notice: Posting Hidden due to Community Flagging" text_body_template: | diff --git a/config/locales/server.de.yml b/config/locales/server.de.yml index 501ec75bab6..04af0aa94a6 100644 --- a/config/locales/server.de.yml +++ b/config/locales/server.de.yml @@ -439,7 +439,6 @@ de: company_short_name: "Kurzname des Unternehmens, das diese Seite betreibt. Wird in rechtlich relevanten Dokumenten wie den Nutzungsbestimmungen (/tos) verwendet." company_domain: "Domainname des Unternehmens, das diese Seite betreibt. Wird in rechtlich relevanten Dokumenten wie den Nutzungsbestimmungen (/tos) verwendet." api_key: "Sicherer API-Schlüssel, um Themen zu erstellen und zu aktualisieren. Benutze /admin/api, um ihn einzurichten." - access_password: "Passwort, dass eingegeben werden muss, wenn diese Seite zugangsbeschränkt ist." queue_jobs: "Benutze die Sidekiq-Queue, falls falsche Queues inline sind." crawl_images: "Lade Bilder von Dritten herunter, um ihre Höhe und Breite zu bestimmen." ninja_edit_window: "Sekunden nach Empfang eines Beitrag, in denen Bearbeitungen nicht als neue Version gelten." @@ -731,15 +730,7 @@ de: Am Fuß jeder Mail, die Du verschickst, sollte eine Möglichkeit zum Abbestellen gegeben werden. Hier ein Beispiel: Diese Mail wurde von Unternehmensname, Hauptstraße 55, 12345 Stadtname, Deutschland, versendet. Wenn Du zukünftig keine weiteren Mail erhalten möchtest, [klicke hier, um dich abzumelden][5]. - request_access: - code: "Zugangscode" - instructions: "Der Zugang zu dieser Seite ist beschränkt. Geben Sie unten den Zugangscode ein:" - enter: "Eintreten" - incorrect: "Zugangscode falsch" - system_messages: - site_password: "Das Seitenpasswort ist `%{access_password}`, falls Du es benötigst." - post_hidden: subject_template: "Beitrag wegen Meldungen aus der Community versteckt" text_body_template: | diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml index 3e67a324c71..ec1e0bd6a11 100644 --- a/config/locales/server.en.yml +++ b/config/locales/server.en.yml @@ -393,6 +393,7 @@ en: contact_email_invalid: "The site contact email is invalid. Please update contact_email in the Site Settings." title_nag: "The title Site Setting is still set to the default value. Please update it with your site's title in the Site Settings." consumer_email_warning: "Your site is configured to use Gmail (or another consumer email service) to send email. Gmail limits how many emails you can send. Consider using an email service provider like mandrill.com to ensure email deliverability." + access_password_removal: "Your site was using the access_password setting, which has been removed. The login_required and must_approve_users settings have been enabled, which should be used instead. You can change them in the Site Settings. Be sure to approve users in the Pending Users list. (This message will go away after 2 days.)" content_types: education_new_reply: @@ -444,7 +445,6 @@ en: company_short_name: "The short name of the company that runs this site, used in legal documents like the /tos" company_domain: "The domain name owned by the company that runs this site, used in legal documents like the /tos" api_key: "The secure API key used to create and update topics, use the /admin/api section to set it up" - access_password: "When restricted access is enabled, this password must be entered" queue_jobs: "Queue various jobs in sidekiq, if false queues are inline" crawl_images: "Enable retrieving images from third party sources to insert width and height dimensions" ninja_edit_window: "Number of seconds after posting where edits do not create a new version" @@ -751,15 +751,7 @@ en: There should be an unsubscribe footer on every email you send, so let's mock one up. This email was sent by Name of Company, 55 Main Street, Anytown, USA 12345. If you would like to opt out of future emails, [click here to unsubscribe][5]. - request_access: - code: "Access Code" - instructions: "This site has restricted access, enter the access code below:" - enter: "Enter" - incorrect: "access code was incorrect" - system_messages: - site_password: "Also, the site password is `%{access_password}` if you need it." - post_hidden: subject_template: "Post hidden due to community flagging" text_body_template: | diff --git a/config/locales/server.es.yml b/config/locales/server.es.yml index e95105b5ff2..7f75874964a 100644 --- a/config/locales/server.es.yml +++ b/config/locales/server.es.yml @@ -294,7 +294,6 @@ es: company_full_name: "Nombre completo de la compañía que maneja el sitio, usado en documetnso legales como el /tos" company_short_name: "El nombre corto de la compañía que maneja el sitio, usado en documentos legales como el /tos" company_domain: "Dominio poseido por la compañía que maneja el sitio, usado en documentos legales como el /tos" - access_password: "Cuando el acceso restringido sea activado, habrá que introducir esta contraseña" queue_jobs: "Encolar varios trabajos en sidekiq, si es falso las colas serán en linea" crawl_images: "Activar obtener imágenes de origines third party para insertar las dimensiones de ancho y alto" ninja_edit_window: "Número de segundos after postear donde las ediciones no causan una nueva versión" @@ -547,15 +546,7 @@ es: There should be an unsubscribe footer on every email you send, so let's mock one up. This email was sent by Name of Company, 55 Main Street, Anytown, USA 12345. If you would like to opt out of future emails, [click here to unsubscribe][5]. - request_access: - code: "Código de acceso" - instructions: "Este sitio tiene acceso restringido, introduce el código de acceso debajo:" - enter: "Entrar" - incorrect: "el código de acceso es incorrecto" - system_messages: - site_password: "También, el password del sitio es `%{access_password}` si lo necesitas." - post_hidden: subject_template: "%{site_name} Advertencia: Posting oculto debido al Community Flagging" text_body_template: | diff --git a/config/locales/server.fr.yml b/config/locales/server.fr.yml index 5b86c144b19..46cf4d5f08c 100644 --- a/config/locales/server.fr.yml +++ b/config/locales/server.fr.yml @@ -438,7 +438,6 @@ fr: company_short_name: "Le nom de la société qui gère ce site (utilisé dans les documents légaux, tels que /tos)" company_domain: "Le nom de domaine de la société qui gère ce site (utilisé dans les documents légaux, tels que /tos)" api_key: "La clé API sécurisé à utiliser pour créer et mettre à jour des discussions. Utilisez la section /admin/api pour la configurer." - access_password: "Si l'accès restreint est activé, assurez-vous que le mot de passe soit saisi ici." queue_jobs: "mettre les différents jobs en attente sur différentes queues, si false les queues sont en file" crawl_images: "permettre la récupération des images provenant de sources tierces" ninja_edit_window: "temps d'édition avant de sauvegarder une nouvelle version, en secondes." @@ -715,15 +714,7 @@ fr: Il devrait toujours y avoir un lien de déinscription dans le pied de page d'un mail. Donc en voici-un. Ce mail a été envoyé par Nom de la Société, 55 Main Street, Anytown, USA 12345. Si vous ne voulez plus recevoir nos e-mails, [cliquez ici pour vous désinscrire][5]. - request_access: - code: "Code d'accès" - instructions: "Ce site possède une zone restreinte, vous devez saisir le code d'accès pour entrer." - enter: "Entrer" - incorrect: "Le code d''accès est incorrect." - system_messages: - site_password: "Si vous en avez besoin, le mot de passe du site est `%{access_password}`." - post_hidden: subject_template: "%{site_name} Notice: Message caché suite à un signalement par la communauté" text_body_template: | diff --git a/config/locales/server.id.yml b/config/locales/server.id.yml index f1cbb0dbb4e..081c15a9fee 100644 --- a/config/locales/server.id.yml +++ b/config/locales/server.id.yml @@ -305,7 +305,6 @@ id: company_full_name: "The full name of the company that runs this site, used in legal documents like the /tos" company_short_name: "The short name of the company that runs this site, used in legal documents like the /tos" company_domain: "The domain name owned by the company that runs this site, used in legal documents like the /tos" - access_password: "When restricted access is enabled, this password must be entered" queue_jobs: "Queue various jobs in sidekiq, if false queues are inline" crawl_images: "Enable retrieving images from third party sources to insert width and height dimensions" ninja_edit_window: "Number of seconds after posting where edits do not create a new version" @@ -566,15 +565,7 @@ id: There should be an unsubscribe footer on every email you send, so let's mock one up. This email was sent by Name of Company, 55 Main Street, Anytown, USA 12345. If you would like to opt out of future emails, [click here to unsubscribe][5]. - request_access: - code: "Access Code" - instructions: "This site has restricted access, enter the access code below:" - enter: "Enter" - incorrect: "access code was incorrect" - system_messages: - site_password: "Also, the site password is `%{access_password}` if you need it." - post_hidden: subject_template: "Post hidden due to community flagging" text_body_template: | diff --git a/config/locales/server.it.yml b/config/locales/server.it.yml index 6eccf037635..55d95ecef14 100644 --- a/config/locales/server.it.yml +++ b/config/locales/server.it.yml @@ -425,7 +425,6 @@ it: company_short_name: "Il nome abbreviato di chi gestisce il sito, usato in documenti legali come /tos" company_domain: "Il dominio di chi gestisce il sito, usato in documenti legali come /tos" api_key: "La chiave API segreta usata per creare e aggiornare topic, usa la sezione /admin/api per impostarla" - access_password: "Quando è attivo l'accesso limitato, questa password dev'essere inserita" queue_jobs: "Metti in coda diversi job in sidekiq, se false le code sono inline" crawl_images: "Abilita la ricezione di immagini da sorgenti terze parti" ninja_edit_window: "Numero di secondi trascorsi affinché una modifica del post appena inviato, non venga considerata come nuova revisione" @@ -695,15 +694,7 @@ it: Dovrebbe esserci la possibilità di cancellare la sottoscrizione in ogni email che mandi, ipotizziamo un possibile footer. Questa email è stata mandata da Nome Azienda, piazza La Bomba e scappa, California, ITALIA 12345. Se non vuoi più ricevere email in futuro, [clicca per cancellarti][5]. - request_access: - code: "Codice di accesso" - instructions: "Questo sito ha accesso limitato, inserisci il codice di accesso:" - enter: "Invia" - incorrect: "codice di accesso errato" - system_messages: - site_password: "Inoltre, la password del sito è `%{access_password}` se ne hai bisogno." - post_hidden: subject_template: "Post nascosto a causa di segnalazioni dalla community" text_body_template: | diff --git a/config/locales/server.nl.yml b/config/locales/server.nl.yml index a8897102fe1..d448649d524 100644 --- a/config/locales/server.nl.yml +++ b/config/locales/server.nl.yml @@ -441,7 +441,6 @@ nl: company_short_name: "De korte naam van het bedrijf dat deze site draait. Wordt gebruikt in juridische delen van de site, zoals /tos" company_domain: "De domeinnaam van het bedrijf dat deze site draait. Wordt gebruikt in juridische delen van de site, zoals /tos" api_key: "De beveiligde API-sleutel wordt gebruikt om topics te maken en bij te werken. Gebruik /admin/api om deze in te stellen" - access_password: "Wanneer beperkte toegang aan staat, moet dit wachtwoord worden opgegeven." queue_jobs: "Zet verschillende taken in een queue binnen sidekiq, bij 'false' worden taken ineens uitgevoerd" crawl_images: Zet het ophalen van afbeeldingen van externe bronnen aan ninja_edit_window: "Hoe snel je een aanpassing kan maken zonder dat er een nieuwe versie wordt opgeslagen, in seconden." @@ -722,15 +721,7 @@ nl: Er zou een unsubscribe footer op elke email die je verstuurt moeten zitten zodat men direct kan afmelden mocht men deze mails niet willen ontvangen. Dus laten we er eentje opzetten! - request_access: - code: Toegangscode - instructions: "Dit is een besloten forum, vul hieronder de toegangscode in:" - enter: Verder - incorrect: Dat is niet de juiste toegangscode - system_messages: - site_password: "Oh, en het wachtwoord van de site is '%{access_password}' mocht je het nodig hebben." - post_hidden: subject_template: "Bericht van %{site_name}: je bericht is verborgen wegens meldingen uit de community" text_body_template: | diff --git a/config/locales/server.pseudo.yml b/config/locales/server.pseudo.yml index bd4ca332a99..34e9740c78c 100644 --- a/config/locales/server.pseudo.yml +++ b/config/locales/server.pseudo.yml @@ -484,8 +484,6 @@ pseudo: ůšéď íɳ łéǧáł ďóčůɱéɳťš łíǩé ťĥé /ťóš ]]' api_key: '[[ Ťĥé šéčůřé ÁРÍ ǩéý ůšéď ťó čřéáťé áɳď ůƿďáťé ťóƿíčš, ůšé ťĥé /áďɱíɳ/áƿí šéčťíóɳ ťó šéť íť ůƿ ]]' - access_password: '[[ Ŵĥéɳ řéšťříčťéď áččéšš íš éɳáƀłéď, ťĥíš ƿáššŵóřď ɱůšť ƀé - éɳťéřéď ]]' queue_jobs: '[[ Ƣůéůé νáříóůš ʲóƀš íɳ šíďéǩíƣ, íƒ ƒáłšé ƣůéůéš ářé íɳłíɳé ]]' crawl_images: '[[ Éɳáƀłé řéťříéνíɳǧ íɱáǧéš ƒřóɱ ťĥířď ƿářťý šóůřčéš ťó íɳšéřť ŵíďťĥ áɳď ĥéíǧĥť ďíɱéɳšíóɳš ]]' @@ -822,15 +820,7 @@ pseudo: <šɱáłł>Ťĥéřé šĥóůłď ƀé áɳ ůɳšůƀščříƀé ƒóóťéř óɳ éνéřý éɱáíł ýóů šéɳď, šó łéť'š ɱóčǩ óɳé ůƿ. Ťĥíš éɱáíł ŵáš šéɳť ƀý Ѝáɱé óƒ Čóɱƿáɳý, 55 Ϻáíɳ Šťřééť, Áɳýťóŵɳ, ŮŠÁ 12345. ̓ ýóů ŵóůłď łíǩé ťó óƿť óůť óƒ ƒůťůřé éɱáíłš, [čłíčǩ ĥéřé ťó ůɳšůƀščříƀé][5]. ]] - request_access: - code: '[[ Áččéšš Čóďé ]]' - instructions: '[[ Ťĥíš šíťé ĥáš řéšťříčťéď áččéšš, éɳťéř ťĥé áččéšš čóďé ƀéłóŵ: - ]]' - enter: '[[ Éɳťéř ]]' - incorrect: '[[ áččéšš čóďé ŵáš íɳčóřřéčť ]]' system_messages: - site_password: '[[ Áłšó, ťĥé šíťé ƿáššŵóřď íš `%{access_password}` íƒ ýóů ɳééď - íť. ]]' post_hidden: subject_template: '[[ Рóšť ĥíďďéɳ ďůé ťó čóɱɱůɳíťý ƒłáǧǧíɳǧ ]]' text_body_template: |- diff --git a/config/locales/server.pt.yml b/config/locales/server.pt.yml index c4c43095ffb..4554645da91 100644 --- a/config/locales/server.pt.yml +++ b/config/locales/server.pt.yml @@ -246,7 +246,6 @@ pt: title: "título deste website" secret_token: "token secreto para ser usado para proteger cookies" restrict_access: "restringir acesso a não ser que esta password seja utilizada" - access_password: "restrict_access está ativo. Garanta que esta password é preenchida" queue_jobs: "'queue' vários 'jobs' no sidekiq, if false queues are inline" crawl_images: "permitir mostrar imagens de sites terceiros" ninja_edit_window: "quão rápido é possivél fazer uma alteração sem guardar uma nova versão, em segundos." @@ -484,15 +483,7 @@ pt: There should be an unsubscribe footer on every email you send, so let's mock one up. This email was sent by Name of Company, 55 Main Street, Anytown, USA 12345. If you would like to opt out of future emails, [click here to unsubscribe][5]. - request_access: - code: "Código de Acesso" - instructions: "Este site tem acesso restrito, insere o códio de acesso em baico::" - enter: "Inserir" - incorrect: "O código de acesso estava incorreto" - system_messages: - site_password: "Também, a password para o site é `%{access_password}` caso precisares." - post_hidden: subject_template: "%{site_name} Aviso: Post escondido devido a Sinalização pela Comunidade" text_body_template: | diff --git a/config/locales/server.ru.yml b/config/locales/server.ru.yml index 9de68b9bcc9..73404f058fd 100644 --- a/config/locales/server.ru.yml +++ b/config/locales/server.ru.yml @@ -505,7 +505,6 @@ ru: company_short_name: Короткое название компании, которой принадлежит сайт, используется в правовой документации как /tos company_domain: Имя домена, принадлежащего компании, заведующей сайтом, используется в правовой документации как /tos api_key: Секретный API ключ, используемый для создания и обновления тем. Зайдите в секцию /admin/api , чтобы его задать - access_password: Этот пароль должен быть введен для доступа к функциям с ограниченным доступом queue_jobs: Ставить задачи в sidekiq в очередь, если false – очереди inline crawl_images: Разрешить извлечение изображений из сторонних источников, ширина и высота ninja_edit_window: Количество секунд после размещения сообщения, в течение которых внесение правок в сообщение не повлечет его изменение @@ -764,13 +763,7 @@ ru: There should be an unsubscribe footer on every email you send, so let's mock one up. This email was sent by Name of Company, 55 Main Street, Anytown, USA 12345. If you would like to opt out of future emails, [click here to unsubscribe][5]. - request_access: - code: Код доступа - instructions: 'Этот сайт имеет ограниченный доступ, введите код доступа:' - enter: Ввести - incorrect: Код доступа неверный system_messages: - site_password: 'Пароль для доступа на сайт `%{access_password}`, если он необходим.' post_hidden: subject_template: Сообщение скрыто по причине поступления множественных жалоб text_body_template: | diff --git a/config/locales/server.sv.yml b/config/locales/server.sv.yml index 7487bc326c7..20f664588f3 100644 --- a/config/locales/server.sv.yml +++ b/config/locales/server.sv.yml @@ -348,7 +348,6 @@ sv: company_short_name: "Det korta namnet för företaget som driver denna webbplats, används i juridiska dokument så som /tos" company_domain: "Domännamnet som ägs av företaget som driver denna webbplats, används i juridiska dokument så som /tos" api_key: "Den säkra API-nyckeln som används för att skapa och uppdatera trådar, använd /admin/api för att skapa en" - access_password: "När begränsad åtkomst är aktiverad, så måste detta lösenord användas" queue_jobs: "Köa diverse jobb i sidekiq, om urkryssat så körs köer infogat" crawl_images: "Aktivera hämtning av bilder från tredjepartskällor för att infoga bredd och höjd" ninja_edit_window: "Antal sekunder efter ett inlägg när en ändring inte skapar en ny version" @@ -624,15 +623,7 @@ sv: There should be an unsubscribe footer on every email you send, so let's mock one up. This email was sent by Name of Company, 55 Main Street, Anytown, USA 12345. If you would like to opt out of future emails, [click here to unsubscribe][5]. - request_access: - code: "Access Code" - instructions: "This site has restricted access, enter the access code below:" - enter: "Enter" - incorrect: "access code was incorrect" - system_messages: - site_password: "Also, the site password is `%{access_password}` if you need it." - post_hidden: subject_template: "Post hidden due to community flagging" text_body_template: | diff --git a/config/locales/server.zh_CN.yml b/config/locales/server.zh_CN.yml index d1489a6b389..440900c385e 100644 --- a/config/locales/server.zh_CN.yml +++ b/config/locales/server.zh_CN.yml @@ -439,7 +439,6 @@ zh_CN: company_short_name: "运行本站点的公司短名,用于法律文档,例如服务条款 /tos" company_domain: "运行本站点的公司域名,用于法律文档,例如服务条款 /tos" api_key: "加密的应用开发接口密钥(API key),用于创建和更新主题。使用 /admin/api 来对它进行设置。" - access_password: "当启用访问限制时,必须填写此密码" queue_jobs: "如果失败队列在排队,使用 Sidekiq 消息引擎对不同的工作排队" crawl_images: "允许从第三方获取图片来插入宽、高数值" ninja_edit_window: "在多少秒钟之内,对帖子的多次编辑不生成新版本" @@ -707,15 +706,7 @@ zh_CN: 在每封你发送的邮件底部应该都有取消订阅的链接,让我们模拟一下。这封邮件发送自 中华人民共和国 北京市海淀区中关村南大街3号 海淀资本中心 14层 公司名称,邮编 100081。如果你不希望将来继续收到我们的邮件,[点击此处取消订阅][5]. - request_access: - code: "访问码" - instructions: "本站点限制访问,请在下面输入访问码:" - enter: "进入" - incorrect: "访问码不正确" - system_messages: - site_password: "另外,如果你需要,此站点密码是 `%{access_password}`。" - post_hidden: subject_template: "%{site_name} 提示:由于论坛用户举报,系统隐藏了你的帖子" text_body_template: | diff --git a/config/locales/server.zh_TW.yml b/config/locales/server.zh_TW.yml index e18c1ba4c90..ad7b54a0fe0 100644 --- a/config/locales/server.zh_TW.yml +++ b/config/locales/server.zh_TW.yml @@ -425,7 +425,6 @@ zh_TW: company_short_name: "運行本站點的公司短名,用于法律文檔,例如服務條款 /tos" company_domain: "運行本站點的公司域名,用于法律文檔,例如服務條款 /tos" api_key: "加密的應用開發接口密鑰(API key),用于創建和更新主題。使用 /admin/api 來對它進行設置。" - access_password: "當啓用訪問限制時,必須填寫此密碼" queue_jobs: "如果失敗隊列在排隊,使用 Sidekiq 消息引擎對不同的工作排隊" crawl_images: "允許從第三方獲取圖片來插入寬、高數值" ninja_edit_window: "在多少秒鍾之內,對帖子的多次編輯不生成新版本" @@ -693,15 +692,7 @@ zh_TW: 在每封你發送的郵件底部應該都有取消訂閱的鏈接,讓我們模擬一下。這封郵件發送自 中華人民共和國 北京市海澱區中關村南大街3號 海澱資本中心 14層 公司名稱,郵編 100081。如果你不希望將來繼續收到我們的郵件,[點擊此處取消訂閱][5]. - request_access: - code: "訪問碼" - instructions: "本站點限制訪問,請在下面輸入訪問碼:" - enter: "進入" - incorrect: "訪問碼不正確" - system_messages: - site_password: "另外,如果你需要,此站點密碼是 `%{access_password}`。" - post_hidden: subject_template: "%{site_name} 提示:由于論壇用戶舉報,系統隱藏了你的帖子" text_body_template: | diff --git a/config/routes.rb b/config/routes.rb index 424ce3a3612..1057ceff846 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -14,12 +14,7 @@ Discourse::Application.routes.draw do mount Sidekiq::Web => '/sidekiq', constraints: AdminConstraint.new - resources :forums do - collection do - get 'request_access' - post 'request_access_submit' - end - end + resources :forums get 'srv/status' => 'forums#status' namespace :admin, constraints: StaffConstraint.new do @@ -233,9 +228,6 @@ Discourse::Application.routes.draw do resources :invites delete 'invites' => 'invites#destroy' - get 'request_access' => 'request_access#new' - post 'request_access' => 'request_access#create' - get 'onebox' => 'onebox#show' get 'error' => 'forums#error' diff --git a/db/migrate/20130625170842_remove_access_password.rb b/db/migrate/20130625170842_remove_access_password.rb new file mode 100644 index 00000000000..c1fd54084fc --- /dev/null +++ b/db/migrate/20130625170842_remove_access_password.rb @@ -0,0 +1,15 @@ +class RemoveAccessPassword < ActiveRecord::Migration + def up + result = execute("SELECT count(*) FROM site_settings where name='access_password'") + if result[0] and result[0]["count"].to_i > 0 + execute "DELETE FROM site_settings where name='access_password'" + SiteSetting.login_required = true + SiteSetting.must_approve_users = true + AdminDashboardData.report_access_password_removal rescue nil + end + end + + def down + # Don't undo + end +end diff --git a/lib/system_message.rb b/lib/system_message.rb index 8e5ed4e5d4c..40e19d3d10c 100644 --- a/lib/system_message.rb +++ b/lib/system_message.rb @@ -24,9 +24,6 @@ class SystemMessage params = defaults.merge(params) - if SiteSetting.access_password.present? - params[:site_password] = I18n.t('system_messages.site_password', access_password: SiteSetting.access_password) - end title = I18n.t("system_messages.#{type}.subject_template", params) raw_body = I18n.t("system_messages.#{type}.text_body_template", params) diff --git a/spec/controllers/invites_controller_spec.rb b/spec/controllers/invites_controller_spec.rb index 29c3a3da2aa..88e4978fc44 100644 --- a/spec/controllers/invites_controller_spec.rb +++ b/spec/controllers/invites_controller_spec.rb @@ -122,24 +122,6 @@ describe InvitesController do end - context 'access_required' do - - it "doesn't set a cookie for access if there is no access required" do - SiteSetting.stubs(:access_password).returns(nil) - Invite.any_instance.expects(:redeem).returns(user) - get :show, id: invite.invite_key - cookies[:_access].should be_blank - end - - it "sets the cookie when access is required" do - SiteSetting.stubs(:access_password).returns('adventure time!') - Invite.any_instance.expects(:redeem).returns(user) - get :show, id: invite.invite_key - cookies[:_access].should == 'adventure time!' - end - - end - end end diff --git a/spec/controllers/request_access_controller_spec.rb b/spec/controllers/request_access_controller_spec.rb deleted file mode 100644 index 07ec02274cc..00000000000 --- a/spec/controllers/request_access_controller_spec.rb +++ /dev/null @@ -1,56 +0,0 @@ -require 'spec_helper' - -describe RequestAccessController do - - context '.new' do - it "sets a default return path" do - get :new - assigns(:return_path).should == "/" - end - - it "assigns the return path we provide" do - get :new, return_path: '/asdf' - assigns(:return_path).should == "/asdf" - end - end - - - context '.create' do - - context 'without an invalid password' do - before do - post :create, password: 'asdf' - end - - it "adds a flash" do - flash[:error].should be_present - end - - it "doesn't set the cookie" do - cookies[:_access].should be_blank - end - end - - context 'with a valid password' do - before do - SiteSetting.stubs(:access_password).returns 'test password' - post :create, password: 'test password', return_path: '/the-path' - end - - it 'creates the cookie' do - cookies[:_access].should == 'test password' - end - - it 'redirects to the return path' do - response.should redirect_to('/the-path') - end - - it 'sets no flash error' do - flash[:error].should be_blank - end - - end - - end - -end diff --git a/spec/controllers/robots_txt_controller_spec.rb b/spec/controllers/robots_txt_controller_spec.rb index d256814342b..4b034f9dfd7 100644 --- a/spec/controllers/robots_txt_controller_spec.rb +++ b/spec/controllers/robots_txt_controller_spec.rb @@ -16,12 +16,5 @@ describe RobotsTxtController do response.should render_template :no_index end - it "serves noindex when in private mode regardless of the configuration" do - SiteSetting.stubs(:allow_index_in_robots_txt).returns(true) - SiteSetting.stubs(:access_password).returns('adventure time!') - get :index - response.should render_template :no_index - end - end end