Maintenance: Improve application boot time by reducing initial asset payload

This commit is contained in:
Thorsten Eckel 2021-09-10 18:01:23 +02:00
parent f67cf3ab1e
commit f31aeec8db
5 changed files with 61 additions and 0 deletions

View file

@ -13,6 +13,7 @@ class SettingPolicy < ApplicationPolicy
private private
def permitted? def permitted?
return false if record.preferences[:protected]
return true if !record.preferences[:permission] return true if !record.preferences[:permission]
user.permissions?(record.preferences[:permission]) user.permissions?(record.preferences[:permission])

View file

@ -0,0 +1,15 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
class MaintenanceImproveSettingPreferences < ActiveRecord::Migration[6.0]
def change
return if !Setting.exists?(name: 'system_init_done')
protected_settings = %w[application_secret]
protected_settings.each do |name|
setting = Setting.find_by(name: name)
setting.preferences[:protected] = true
setting.save!
end
end
end

View file

@ -9,6 +9,7 @@ Setting.create_if_not_exists(
state: SecureRandom.hex(128), state: SecureRandom.hex(128),
preferences: { preferences: {
permission: ['admin'], permission: ['admin'],
protected: true,
}, },
frontend: false frontend: false
) )

View file

@ -0,0 +1,18 @@
# Copyright (C) 2012-2021 Zammad Foundation, http://zammad-foundation.org/
require 'rails_helper'
RSpec.describe MaintenanceImproveSettingPreferences, type: :db_migration do
context 'when having old setting preferences without protected flag' do
before do
setting.preferences.delete(:protected)
setting.save!
end
let(:setting) { Setting.find_by(name: 'application_secret') }
it 'add protected flag' do
expect { migrate }.to change { setting.reload.preferences[:protected] }.to(true)
end
end
end

View file

@ -225,5 +225,31 @@ RSpec.describe 'Settings', type: :request do
expect(response).to have_http_status(:forbidden) expect(response).to have_http_status(:forbidden)
expect(json_response['error']).to eq('Not authorized (user)!') expect(json_response['error']).to eq('Not authorized (user)!')
end end
it 'protected setting not existing in list' do
authenticated_as(admin)
get '/api/v1/settings', params: {}, as: :json
expect(json_response.detect { |setting| setting['name'] == 'application_secret' }).to eq(nil)
end
it 'can not show protected setting' do
setting = Setting.find_by(name: 'application_secret')
authenticated_as(admin)
get "/api/v1/settings/#{setting.id}", params: {}, as: :json
expect(response).to have_http_status(:forbidden)
end
it 'can not update protected setting' do
setting = Setting.find_by(name: 'application_secret')
params = {
id: setting.id,
state: 'Examaple'
}
put "/api/v1/settings/#{setting.id}", params: params, as: :json
authenticated_as(admin)
put "/api/v1/settings/#{setting.id}", params: {}, as: :json
expect(response).to have_http_status(:forbidden)
end
end end
end end