Add SELF_DESTRUCT env variable to process self-destructions in the background (#26439)

2023-10-23 17:46:21 +02:00 · 2023-10-23 17:46:21 +02:00 · 379115e601
commit 379115e601
parent 26d2a2a0cc
22 changed files with 193 additions and 57 deletions
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@ -12,6 +12,7 @@ class ApplicationController < ActionController::Base
  include DomainControlHelper
  include DatabaseHelper
  include AuthorizedFetchHelper
+  include SelfDestructHelper

  helper_method :current_account
  helper_method :current_session
@ -39,6 +40,8 @@ class ApplicationController < ActionController::Base
    service_unavailable
  end

+  before_action :check_self_destruct!
+
  before_action :store_referrer, except: :raise_not_found, if: :devise_controller?
  before_action :require_functional!, if: :user_signed_in?

@ -170,6 +173,15 @@ class ApplicationController < ActionController::Base
    end
  end

+  def check_self_destruct!
+    return unless self_destruct?
+
+    respond_to do |format|
+      format.any  { render 'errors/self_destruct', layout: 'auth', status: 410, formats: [:html] }
+      format.json { render json: { error: Rack::Utils::HTTP_STATUS_CODES[410] }, status: code }
+    end
+  end
+
  def set_cache_control_defaults
    response.cache_control.replace(private: true, no_store: true)
  end
--- a/app/controllers/auth/challenges_controller.rb
+++ b/app/controllers/auth/challenges_controller.rb
@ -7,6 +7,7 @@ class Auth::ChallengesController < ApplicationController

  before_action :authenticate_user!

+  skip_before_action :check_self_destruct!
  skip_before_action :require_functional!

  def create
--- a/app/controllers/auth/confirmations_controller.rb
+++ b/app/controllers/auth/confirmations_controller.rb
@ -12,6 +12,7 @@ class Auth::ConfirmationsController < Devise::ConfirmationsController
  before_action :extend_csp_for_captcha!, only: [:show, :confirm_captcha]
  before_action :require_captcha_if_needed!, only: [:show]

+  skip_before_action :check_self_destruct!
  skip_before_action :require_functional!

  def show
--- a/app/controllers/auth/omniauth_callbacks_controller.rb
+++ b/app/controllers/auth/omniauth_callbacks_controller.rb
@ -1,6 +1,7 @@
 # frozen_string_literal: true

 class Auth::OmniauthCallbacksController < Devise::OmniauthCallbacksController
+  skip_before_action :check_self_destruct!
  skip_before_action :verify_authenticity_token

  def self.provides_callback_for(provider)
--- a/app/controllers/auth/passwords_controller.rb
+++ b/app/controllers/auth/passwords_controller.rb
@ -1,6 +1,7 @@
 # frozen_string_literal: true

 class Auth::PasswordsController < Devise::PasswordsController
+  skip_before_action :check_self_destruct!
  before_action :check_validity_of_reset_password_token, only: :edit
  before_action :set_body_classes

--- a/app/controllers/auth/registrations_controller.rb
+++ b/app/controllers/auth/registrations_controller.rb
@ -17,6 +17,7 @@ class Auth::RegistrationsController < Devise::RegistrationsController
  before_action :require_rules_acceptance!, only: :new
  before_action :set_registration_form_time, only: :new

+  skip_before_action :check_self_destruct!, only: [:edit, :update]
  skip_before_action :require_functional!, only: [:edit, :update]

  def new
--- a/app/controllers/auth/sessions_controller.rb
+++ b/app/controllers/auth/sessions_controller.rb
@ -3,6 +3,7 @@
 class Auth::SessionsController < Devise::SessionsController
  layout 'auth'

+  skip_before_action :check_self_destruct!
  skip_before_action :require_no_authentication, only: [:create]
  skip_before_action :require_functional!
  skip_before_action :update_user_sign_in
--- a/app/controllers/backups_controller.rb
+++ b/app/controllers/backups_controller.rb
@ -3,6 +3,7 @@
 class BackupsController < ApplicationController
  include RoutingHelper

+  skip_before_action :check_self_destruct!
  skip_before_action :require_functional!

  before_action :authenticate_user!
--- a/app/controllers/concerns/export_controller_concern.rb
+++ b/app/controllers/concerns/export_controller_concern.rb
@ -7,6 +7,7 @@ module ExportControllerConcern
    before_action :authenticate_user!
    before_action :load_export

+    skip_before_action :check_self_destruct!
    skip_before_action :require_functional!
  end

--- a/app/controllers/settings/exports_controller.rb
+++ b/app/controllers/settings/exports_controller.rb
@ -5,6 +5,7 @@ class Settings::ExportsController < Settings::BaseController
  include Redisable
  include Lockable

+  skip_before_action :check_self_destruct!
  skip_before_action :require_functional!

  def show
--- a/app/controllers/settings/login_activities_controller.rb
+++ b/app/controllers/settings/login_activities_controller.rb
@ -1,6 +1,9 @@
 # frozen_string_literal: true

 class Settings::LoginActivitiesController < Settings::BaseController
+  skip_before_action :check_self_destruct!
+  skip_before_action :require_functional!
+
  def index
    @login_activities = LoginActivity.where(user: current_user).order(id: :desc).page(params[:page])
  end
--- a/app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb
+++ b/app/controllers/settings/two_factor_authentication/webauthn_credentials_controller.rb
@ -3,6 +3,7 @@
 module Settings
  module TwoFactorAuthentication
    class WebauthnCredentialsController < BaseController
+      skip_before_action :check_self_destruct!
      skip_before_action :require_functional!

      before_action :require_otp_enabled
--- a/app/controllers/settings/two_factor_authentication_methods_controller.rb
+++ b/app/controllers/settings/two_factor_authentication_methods_controller.rb
@ -4,6 +4,7 @@ module Settings
  class TwoFactorAuthenticationMethodsController < BaseController
    include ChallengableConcern

+    skip_before_action :check_self_destruct!
    skip_before_action :require_functional!

    before_action :require_challenge!, only: :disable