Unfloyded/Legamunt
0
0
Fork 0
Code Activity

Refactor settings controllers (#14767)

Browse source 
- Disallow suspended accounts from revoking sessions and apps
- Allow suspended accounts to access exports
This commit is contained in:
Eugen Rochko 2020-09-11 20:56:35 +02:00 committed by GitHub
parent e6b272e5c9
commit 4e4b3a0c8e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
31 changed files with 65 additions and 118 deletions
Download patch file Download diff file Expand all files Collapse all files

11
app/controllers/settings/exports_controller.rb
View file

@ -3,11 +3,6 @@
class Settings::ExportsController < Settings::BaseController
include Authorization
layout 'admin'
before_action :authenticate_user!
before_action :require_not_suspended!
skip_before_action :require_functional!
def show
@ -16,8 +11,6 @@ class Settings::ExportsController < Settings::BaseController
end
def create
raise Mastodon::NotPermittedError unless user_signed_in?
backup = nil
RedisLock.acquire(lock_options) do |lock|
@ -37,8 +30,4 @@ class Settings::ExportsController < Settings::BaseController
def lock_options
{ redis: Redis.current, key: "backup:#{current_user.id}" }
end
def require_not_suspended!
forbidden if current_account.suspended?
end
end