0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00

🐛 Ensured import does not override private setting (#10882)

closes #10788

This adds an extra filter to the preImport method of the settings
importer to removes settings with the key `is_private`

This message is specifically only for when an import has privacy mode ON
and the current site has privacy mode OFF.
This commit is contained in:
Fabien O'Carroll 2019-08-06 16:15:40 +08:00 committed by GitHub
parent 13b1a9e7ef
commit 373627223c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 123 additions and 0 deletions

View file

@ -6,6 +6,33 @@ const debug = require('ghost-ignition').debug('importer:settings'),
defaultSettings = require('../../../schema').defaultSettings,
labsDefaults = JSON.parse(defaultSettings.blog.labs.defaultValue);
const isFalse = (value) => {
// Catches false, null, undefined, empty string
if (!value) {
return true;
}
if (value === 'false') {
return true;
}
if (value === '0') {
return true;
}
return false;
};
const isTrue = (value) => {
if (value === true) {
return true;
}
if (value === 'true') {
return true;
}
if (value === '1') {
return true;
}
return false;
};
class SettingsImporter extends BaseImporter {
constructor(allDataFromFile) {
super(allDataFromFile, {
@ -80,6 +107,26 @@ class SettingsImporter extends BaseImporter {
return ['core', 'theme'].indexOf(data.type) === -1;
});
const newIsPrivate = _.find(this.dataToImport, {key: 'is_private'});
const oldIsPrivate = _.find(this.existingData, {key: 'is_private'});
this.dataToImport = _.filter(this.dataToImport, (data) => {
return data.key !== 'is_private';
});
this.dataToImport = _.filter(this.dataToImport, (data) => {
return data.key !== 'password';
});
// Only show warning if we are importing a private site into a non-private site.
if (oldIsPrivate && newIsPrivate && isFalse(oldIsPrivate.value) && isTrue(newIsPrivate.value)) {
this.problems.push({
message: 'IMPORTANT: Content in this import was previously published on a private Ghost install, but the current site is public. Are your privacy settings up to date?',
help: this.modelName,
context: JSON.stringify(newIsPrivate)
});
}
_.each(this.dataToImport, (obj) => {
if (obj.key === 'labs' && obj.value) {
// Overwrite the labs setting with our current defaults
@ -108,6 +155,13 @@ class SettingsImporter extends BaseImporter {
return super.beforeImport();
}
fetchExisting(modelOptions) {
return models.Settings.findAll(modelOptions)
.then((existingData) => {
this.existingData = existingData.toJSON();
});
}
generateIdentifier() {
this.stripProperties(['id']);
return Promise.resolve();

View file

@ -0,0 +1,69 @@
const find = require('lodash/find');
const should = require('should');
const SettingsImporter = require('../../../../../../server/data/importer/importers/data/settings');
describe('SettingsImporter', function () {
describe('#beforeImport', function () {
it('Removes the password setting', function () {
const fakeSettings = [{
key: 'password',
value: 'hunter2'
}, {
key: 'is_private',
value: true
}];
const importer = new SettingsImporter({settings: fakeSettings}, {dataKeyToImport: 'settings'});
importer.beforeImport();
const passwordSetting = find(importer.dataToImport, {key: 'password'});
should.equal(passwordSetting, undefined);
});
it('Removes the is_private setting', function () {
const fakeSettings = [{
key: 'password',
value: 'hunter2'
}, {
key: 'is_private',
value: true
}];
const importer = new SettingsImporter({settings: fakeSettings}, {dataKeyToImport: 'settings'});
importer.beforeImport();
const passwordSetting = find(importer.dataToImport, {key: 'is_private'});
should.equal(passwordSetting, undefined);
});
it('Adds a problem if the existing data is_private is false, and new data is_private is true', function () {
const fakeSettings = [{
key: 'password',
value: 'hunter2'
}, {
key: 'is_private',
value: true
}];
const fakeExistingSettings = [{
key: 'is_private',
value: false
}];
const importer = new SettingsImporter({settings: fakeSettings}, {dataKeyToImport: 'settings'});
importer.existingData = fakeExistingSettings;
importer.beforeImport();
const problem = find(importer.problems, {
message: 'IMPORTANT: Content in this import was previously published on a private Ghost install, but the current site is public. Are your privacy settings up to date?'
});
should.exist(problem);
});
});
});