Filter config descriptions by config whitelist

This commit is contained in:
Stephanie Wilde-Hobbs 2020-05-12 21:07:33 +01:00
parent 620247a015
commit a2fcfc78c9
No known key found for this signature in database
GPG Key ID: CEF2BBFE18BD0E67
3 changed files with 57 additions and 14 deletions

View File

@ -18,7 +18,6 @@ defmodule Pleroma.Docs.JSON do
with config <- Pleroma.Config.Loader.read("config/description.exs") do
config[:pleroma][:config_description]
|> Pleroma.Docs.Generator.convert_to_strings()
|> Jason.encode!()
end
end
end

View File

@ -37,7 +37,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
require Logger
@descriptions_json Pleroma.Docs.JSON.compile()
@descriptions Pleroma.Docs.JSON.compile()
@users_page_size 50
plug(
@ -892,9 +892,14 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
end
def config_descriptions(conn, _params) do
descriptions_json =
@descriptions
|> Enum.filter(&whitelisted_config?/1)
|> Jason.encode!()
conn
|> Plug.Conn.put_resp_content_type("application/json")
|> Plug.Conn.send_resp(200, @descriptions_json)
|> Plug.Conn.send_resp(200, descriptions_json)
end
def config_show(conn, %{"only_db" => true}) do
@ -1012,7 +1017,7 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
end
end
defp whitelisted_config?(%{"group" => group, "key" => key}) do
defp whitelisted_config?(group, key) do
if whitelisted_configs = Config.get(:database_config_whitelist) do
Enum.any?(whitelisted_configs, fn {whitelisted_group, whitelisted_key} ->
group == inspect(whitelisted_group) && key == inspect(whitelisted_key)
@ -1022,6 +1027,14 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
end
end
defp whitelisted_config?(%{"group" => group, "key" => key}) do
whitelisted_config?(group, key)
end
defp whitelisted_config?(%{:group => group} = config) do
whitelisted_config?(group, config[:key])
end
def reload_emoji(conn, _params) do
Pleroma.Emoji.reload()

View File

@ -3604,7 +3604,8 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
end
end
test "GET /api/pleroma/admin/config/descriptions", %{conn: conn} do
describe "GET /api/pleroma/admin/config/descriptions" do
test "structure", %{conn: conn} do
admin = insert(:user, is_admin: true)
conn =
@ -3619,6 +3620,36 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIControllerTest do
assert child["description"]
end
test "filters by database configuration whitelist", %{conn: conn} do
clear_config(:database_config_whitelist, [
{:pleroma, :instance},
{:pleroma, :activitypub},
{:pleroma, Pleroma.Upload}
])
admin = insert(:user, is_admin: true)
conn =
assign(conn, :user, admin)
|> get("/api/pleroma/admin/config/descriptions")
children = json_response(conn, 200)
assert length(children) == 3
assert Enum.all?(children, fn c -> c["group"] == ":pleroma" end)
instance = Enum.find(children, fn c -> c["key"] == ":instance" end)
assert instance["children"]
activitypub = Enum.find(children, fn c -> c["key"] == ":activitypub" end)
assert activitypub["children"]
web_endpoint = Enum.find(children, fn c -> c["key"] == "Pleroma.Upload" end)
assert web_endpoint["children"]
end
end
describe "/api/pleroma/admin/stats" do
test "status visibility count", %{conn: conn} do
admin = insert(:user, is_admin: true)