Allow whitelisting whole groups
This commit is contained in:
parent
5c6f575315
commit
20cbfb5cb5
3 changed files with 20 additions and 8 deletions
|
@ -919,7 +919,8 @@ Example:
|
||||||
```elixir
|
```elixir
|
||||||
config :pleroma, :database_config_whitelist, [
|
config :pleroma, :database_config_whitelist, [
|
||||||
{:pleroma, :instance},
|
{:pleroma, :instance},
|
||||||
{:pleroma, Pleroma.Web.Metadata}
|
{:pleroma, Pleroma.Web.Metadata},
|
||||||
|
{:auto_linker}
|
||||||
]
|
]
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
|
@ -1015,8 +1015,12 @@ defp configurable_from_database(conn) do
|
||||||
|
|
||||||
defp whitelisted_config?(group, key) do
|
defp whitelisted_config?(group, key) do
|
||||||
if whitelisted_configs = Config.get(:database_config_whitelist) do
|
if whitelisted_configs = Config.get(:database_config_whitelist) do
|
||||||
Enum.any?(whitelisted_configs, fn {whitelisted_group, whitelisted_key} ->
|
Enum.any?(whitelisted_configs, fn
|
||||||
group == inspect(whitelisted_group) && key == inspect(whitelisted_key)
|
{whitelisted_group} ->
|
||||||
|
group == inspect(whitelisted_group)
|
||||||
|
|
||||||
|
{whitelisted_group, whitelisted_key} ->
|
||||||
|
group == inspect(whitelisted_group) && key == inspect(whitelisted_key)
|
||||||
end)
|
end)
|
||||||
else
|
else
|
||||||
true
|
true
|
||||||
|
|
|
@ -2948,7 +2948,8 @@ test "doesn't set keys not in the whitelist", %{conn: conn} do
|
||||||
clear_config(:database_config_whitelist, [
|
clear_config(:database_config_whitelist, [
|
||||||
{:pleroma, :key1},
|
{:pleroma, :key1},
|
||||||
{:pleroma, :key2},
|
{:pleroma, :key2},
|
||||||
{:pleroma, Pleroma.Captcha.NotReal}
|
{:pleroma, Pleroma.Captcha.NotReal},
|
||||||
|
{:not_real}
|
||||||
])
|
])
|
||||||
|
|
||||||
post(conn, "/api/pleroma/admin/config", %{
|
post(conn, "/api/pleroma/admin/config", %{
|
||||||
|
@ -2957,7 +2958,8 @@ test "doesn't set keys not in the whitelist", %{conn: conn} do
|
||||||
%{group: ":pleroma", key: ":key2", value: "value2"},
|
%{group: ":pleroma", key: ":key2", value: "value2"},
|
||||||
%{group: ":pleroma", key: ":key3", value: "value3"},
|
%{group: ":pleroma", key: ":key3", value: "value3"},
|
||||||
%{group: ":pleroma", key: "Pleroma.Web.Endpoint.NotReal", value: "value4"},
|
%{group: ":pleroma", key: "Pleroma.Web.Endpoint.NotReal", value: "value4"},
|
||||||
%{group: ":pleroma", key: "Pleroma.Captcha.NotReal", value: "value5"}
|
%{group: ":pleroma", key: "Pleroma.Captcha.NotReal", value: "value5"},
|
||||||
|
%{group: ":not_real", key: ":anything", value: "value6"}
|
||||||
]
|
]
|
||||||
})
|
})
|
||||||
|
|
||||||
|
@ -2966,6 +2968,7 @@ test "doesn't set keys not in the whitelist", %{conn: conn} do
|
||||||
assert Application.get_env(:pleroma, :key3) == nil
|
assert Application.get_env(:pleroma, :key3) == nil
|
||||||
assert Application.get_env(:pleroma, Pleroma.Web.Endpoint.NotReal) == nil
|
assert Application.get_env(:pleroma, Pleroma.Web.Endpoint.NotReal) == nil
|
||||||
assert Application.get_env(:pleroma, Pleroma.Captcha.NotReal) == "value5"
|
assert Application.get_env(:pleroma, Pleroma.Captcha.NotReal) == "value5"
|
||||||
|
assert Application.get_env(:not_real, :anything) == "value6"
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
@ -3624,7 +3627,8 @@ test "filters by database configuration whitelist", %{conn: conn} do
|
||||||
clear_config(:database_config_whitelist, [
|
clear_config(:database_config_whitelist, [
|
||||||
{:pleroma, :instance},
|
{:pleroma, :instance},
|
||||||
{:pleroma, :activitypub},
|
{:pleroma, :activitypub},
|
||||||
{:pleroma, Pleroma.Upload}
|
{:pleroma, Pleroma.Upload},
|
||||||
|
{:esshd}
|
||||||
])
|
])
|
||||||
|
|
||||||
admin = insert(:user, is_admin: true)
|
admin = insert(:user, is_admin: true)
|
||||||
|
@ -3635,9 +3639,9 @@ test "filters by database configuration whitelist", %{conn: conn} do
|
||||||
|
|
||||||
children = json_response(conn, 200)
|
children = json_response(conn, 200)
|
||||||
|
|
||||||
assert length(children) == 3
|
assert length(children) == 4
|
||||||
|
|
||||||
assert Enum.all?(children, fn c -> c["group"] == ":pleroma" end)
|
assert Enum.count(children, fn c -> c["group"] == ":pleroma" end) == 3
|
||||||
|
|
||||||
instance = Enum.find(children, fn c -> c["key"] == ":instance" end)
|
instance = Enum.find(children, fn c -> c["key"] == ":instance" end)
|
||||||
assert instance["children"]
|
assert instance["children"]
|
||||||
|
@ -3647,6 +3651,9 @@ test "filters by database configuration whitelist", %{conn: conn} do
|
||||||
|
|
||||||
web_endpoint = Enum.find(children, fn c -> c["key"] == "Pleroma.Upload" end)
|
web_endpoint = Enum.find(children, fn c -> c["key"] == "Pleroma.Upload" end)
|
||||||
assert web_endpoint["children"]
|
assert web_endpoint["children"]
|
||||||
|
|
||||||
|
esshd = Enum.find(children, fn c -> c["group"] == ":esshd" end)
|
||||||
|
assert esshd["children"]
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue