From 3583515e445988142ebc32a5410c5ed1251abc3d Mon Sep 17 00:00:00 2001 From: Maurice Williams Date: Wed, 3 Sep 2014 00:27:37 -0400 Subject: [PATCH] adding config flags to control all items mentioned in PRIVACY.md closes #3241 - in config.js, the `privacy` attribute holds all privacy-related flags - `privacy.userTinfoil: true` disables everything (equivalent to setting all flags to false) - added helper function to core/server/config/index.js to checking privacy flags - added helper function to core/server/config/index.js to show warning about deprecated items --- config.example.js | 1 + core/server/config/index.js | 37 ++++++++++++++++++++++++++++++++ core/server/controllers/admin.js | 5 ++++- core/server/index.js | 2 ++ core/server/models/user.js | 5 +++++ core/server/update-check.js | 3 ++- core/server/views/default.hbs | 4 +++- core/server/xmlrpc.js | 2 +- 8 files changed, 55 insertions(+), 4 deletions(-) diff --git a/config.example.js b/config.example.js index d75dc3757c..3f65ed10e3 100644 --- a/config.example.js +++ b/config.example.js @@ -19,6 +19,7 @@ config = { }, debug: false }, + server: { // Host to be passed to node's `net.Server#listen()` host: '127.0.0.1', diff --git a/core/server/config/index.js b/core/server/config/index.js index a794de34cf..8ae0076c24 100644 --- a/core/server/config/index.js +++ b/core/server/config/index.js @@ -290,6 +290,43 @@ ConfigManager.prototype.validate = function () { return Promise.resolve(config); }; +/** + * Helper method for checking the state of a particular privacy flag + * @param privacyFlag The flag to check + * @returns {boolean} + */ +ConfigManager.prototype.isPrivacyDisabled = function (privacyFlag) { + if (!this.privacy) { + return false; + } + + if (this.privacy.useTinfoil === true) { + return true; + } + + return this.privacy[privacyFlag] === false; +}; + +/** + * Check if any of the currently set config items are deprecated, and issues a warning. + */ +ConfigManager.prototype.checkDeprecated = function () { + var deprecatedItems = ['updateCheck'], + self = this; + + _.each(deprecatedItems, function (item) { + if (self.hasOwnProperty(item)) { + var errorText = 'The configuration property [' + item.toString().bold + '] has been deprecated.', + explinationText = 'This will be removed in a future version, please update your config.js file.', + helpText = 'Please check http://support.ghost.org/config for the most up-to-date example.'; + + errors.logWarn(errorText, explinationText, helpText); + } + + }); +}; + + if (testingEnvs.indexOf(process.env.NODE_ENV) > -1) { defaultConfig = require('../../../config.example')[process.env.NODE_ENV]; } diff --git a/core/server/controllers/admin.js b/core/server/controllers/admin.js index 134fc58e5a..7b8bd35ca7 100644 --- a/core/server/controllers/admin.js +++ b/core/server/controllers/admin.js @@ -2,6 +2,7 @@ var _ = require('lodash'), api = require('../api'), errors = require('../errors'), updateCheck = require('../update-check'), + config = require('../config'), adminControllers; adminControllers = { @@ -12,7 +13,9 @@ adminControllers = { /*jslint unparam:true*/ function renderIndex() { - res.render('default'); + res.render('default', { + skip_google_fonts: config.isPrivacyDisabled('useGoogleFonts') + }); } updateCheck().then(function () { diff --git a/core/server/index.js b/core/server/index.js index f1fb4b92fd..aaca4c225f 100644 --- a/core/server/index.js +++ b/core/server/index.js @@ -142,6 +142,8 @@ function init(options) { // Load our config.js file from the local file system. return config.load(options.config).then(function () { + return config.checkDeprecated(); + }).then(function () { // Make sure javascript files have been built via grunt concat return builtFilesExist(); }).then(function () { diff --git a/core/server/models/user.js b/core/server/models/user.js index 8ca9652547..1449a8601e 100644 --- a/core/server/models/user.js +++ b/core/server/models/user.js @@ -7,6 +7,7 @@ var _ = require('lodash'), crypto = require('crypto'), validator = require('validator'), validation = require('../data/validation'), + config = require('../config'), bcryptGenSalt = Promise.promisify(bcrypt.genSalt), bcryptHash = Promise.promisify(bcrypt.hash), @@ -844,6 +845,10 @@ User = ghostBookshelf.Model.extend({ '?d=404&s=250'; return new Promise(function (resolve) { + if (config.isPrivacyDisabled('useGravatar')) { + resolve(userData); + } + http.get('http:' + gravatarUrl, function (res) { if (res.statusCode !== 404) { userData.image = gravatarUrl; diff --git a/core/server/update-check.js b/core/server/update-check.js index 1ac8605444..db025ffacc 100644 --- a/core/server/update-check.js +++ b/core/server/update-check.js @@ -168,7 +168,8 @@ function updateCheck() { // 1. updateCheck is defined as false in config.js // 2. we've already done a check this session // 3. we're not in production or development mode - if (config.updateCheck === false || _.indexOf(allowedCheckEnvironments, process.env.NODE_ENV) === -1) { + //TODO: need to remove config.updateCheck in favor of config.privacy.updateCheck in future version (it is now deprecated) + if (config.updateCheck === false || config.isPrivacyDisabled('useUpdateCheck') || _.indexOf(allowedCheckEnvironments, process.env.NODE_ENV) === -1) { // No update check return Promise.resolve(); } else { diff --git a/core/server/views/default.hbs b/core/server/views/default.hbs index a947c55c78..4a20216620 100644 --- a/core/server/views/default.hbs +++ b/core/server/views/default.hbs @@ -29,7 +29,9 @@ - + {{#unless skip_google_fonts}} + + {{/unless}} diff --git a/core/server/xmlrpc.js b/core/server/xmlrpc.js index b23a104615..ccca447e7a 100644 --- a/core/server/xmlrpc.js +++ b/core/server/xmlrpc.js @@ -17,7 +17,7 @@ function ping(post) { title = post.title; // Only ping when in production and not a page - if (process.env.NODE_ENV !== 'production' || post.page) { + if (process.env.NODE_ENV !== 'production' || post.page || config.isPrivacyDisabled('useRpcPing')) { return; }