jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
f7794de0b7791f0008d239675e4aaf90fabe2e9a
danbooru/app/policies/background_job_policy.rb
evazion f38910f0a2 jobs: hide job arguments and errors from non-admins. 
These can sometimes contain sensitive information, such as IP addresses
or what files a user is trying to upload.
2022-01-04 17:20:43 -06:00

27 lines
459 B
Ruby
Raw Blame History

# frozen_string_literal: true
class BackgroundJobPolicy < ApplicationPolicy
def index?
true
end
def update?
user.is_admin?
end
def can_see_params?
user.is_admin?
end
alias_method :cancel?, :update?
alias_method :destroy?, :update?
alias_method :retry?, :update?
alias_method :run?, :update?
def api_attributes
attributes = super
attributes -= [:serialized_params] unless can_see_params?
attributes
end
end
Reference in New Issue View Git Blame Copy Permalink