forked from cybrespace/mastodon
Fix functional user requirements in whitelist mode (#14093)
Fixes #14092
This commit is contained in:
parent
b1d492f30a
commit
ac8a788370
|
@ -11,7 +11,7 @@ class AccountsController < ApplicationController
|
||||||
before_action :set_body_classes
|
before_action :set_body_classes
|
||||||
|
|
||||||
skip_around_action :set_locale, if: -> { [:json, :rss].include?(request.format&.to_sym) }
|
skip_around_action :set_locale, if: -> { [:json, :rss].include?(request.format&.to_sym) }
|
||||||
skip_before_action :require_functional!
|
skip_before_action :require_functional!, unless: :whitelist_mode?
|
||||||
|
|
||||||
def show
|
def show
|
||||||
respond_to do |format|
|
respond_to do |format|
|
||||||
|
|
|
@ -7,7 +7,7 @@ class Api::BaseController < ApplicationController
|
||||||
include RateLimitHeaders
|
include RateLimitHeaders
|
||||||
|
|
||||||
skip_before_action :store_current_location
|
skip_before_action :store_current_location
|
||||||
skip_before_action :require_functional!
|
skip_before_action :require_functional!, unless: :whitelist_mode?
|
||||||
|
|
||||||
before_action :require_authenticated_user!, if: :disallow_unauthenticated_api_access?
|
before_action :require_authenticated_user!, if: :disallow_unauthenticated_api_access?
|
||||||
before_action :set_cache_headers
|
before_action :set_cache_headers
|
||||||
|
|
|
@ -9,7 +9,7 @@ class DirectoriesController < ApplicationController
|
||||||
before_action :set_tag, only: :show
|
before_action :set_tag, only: :show
|
||||||
before_action :set_accounts
|
before_action :set_accounts
|
||||||
|
|
||||||
skip_before_action :require_functional!
|
skip_before_action :require_functional!, unless: :whitelist_mode?
|
||||||
|
|
||||||
def index
|
def index
|
||||||
render :index
|
render :index
|
||||||
|
|
|
@ -8,7 +8,7 @@ class FollowerAccountsController < ApplicationController
|
||||||
before_action :set_cache_headers
|
before_action :set_cache_headers
|
||||||
|
|
||||||
skip_around_action :set_locale, if: -> { request.format == :json }
|
skip_around_action :set_locale, if: -> { request.format == :json }
|
||||||
skip_before_action :require_functional!
|
skip_before_action :require_functional!, unless: :whitelist_mode?
|
||||||
|
|
||||||
def index
|
def index
|
||||||
respond_to do |format|
|
respond_to do |format|
|
||||||
|
|
|
@ -8,7 +8,7 @@ class FollowingAccountsController < ApplicationController
|
||||||
before_action :set_cache_headers
|
before_action :set_cache_headers
|
||||||
|
|
||||||
skip_around_action :set_locale, if: -> { request.format == :json }
|
skip_around_action :set_locale, if: -> { request.format == :json }
|
||||||
skip_before_action :require_functional!
|
skip_before_action :require_functional!, unless: :whitelist_mode?
|
||||||
|
|
||||||
def index
|
def index
|
||||||
respond_to do |format|
|
respond_to do |format|
|
||||||
|
|
|
@ -4,7 +4,7 @@ class MediaController < ApplicationController
|
||||||
include Authorization
|
include Authorization
|
||||||
|
|
||||||
skip_before_action :store_current_location
|
skip_before_action :store_current_location
|
||||||
skip_before_action :require_functional!
|
skip_before_action :require_functional!, unless: :whitelist_mode?
|
||||||
|
|
||||||
before_action :authenticate_user!, if: :whitelist_mode?
|
before_action :authenticate_user!, if: :whitelist_mode?
|
||||||
before_action :set_media_attachment
|
before_action :set_media_attachment
|
||||||
|
|
|
@ -10,7 +10,7 @@ class RemoteInteractionController < ApplicationController
|
||||||
before_action :set_status
|
before_action :set_status
|
||||||
before_action :set_body_classes
|
before_action :set_body_classes
|
||||||
|
|
||||||
skip_before_action :require_functional!
|
skip_before_action :require_functional!, unless: :whitelist_mode?
|
||||||
|
|
||||||
def new
|
def new
|
||||||
@remote_follow = RemoteFollow.new(session_params)
|
@remote_follow = RemoteFollow.new(session_params)
|
||||||
|
|
|
@ -19,7 +19,7 @@ class StatusesController < ApplicationController
|
||||||
before_action :set_autoplay, only: :embed
|
before_action :set_autoplay, only: :embed
|
||||||
|
|
||||||
skip_around_action :set_locale, if: -> { request.format == :json }
|
skip_around_action :set_locale, if: -> { request.format == :json }
|
||||||
skip_before_action :require_functional!, only: [:show, :embed]
|
skip_before_action :require_functional!, only: [:show, :embed], unless: :whitelist_mode?
|
||||||
|
|
||||||
content_security_policy only: :embed do |p|
|
content_security_policy only: :embed do |p|
|
||||||
p.frame_ancestors(false)
|
p.frame_ancestors(false)
|
||||||
|
|
|
@ -15,7 +15,7 @@ class TagsController < ApplicationController
|
||||||
before_action :set_body_classes
|
before_action :set_body_classes
|
||||||
before_action :set_instance_presenter
|
before_action :set_instance_presenter
|
||||||
|
|
||||||
skip_before_action :require_functional!
|
skip_before_action :require_functional!, unless: :whitelist_mode?
|
||||||
|
|
||||||
def show
|
def show
|
||||||
respond_to do |format|
|
respond_to do |format|
|
||||||
|
|
Loading…
Reference in New Issue