port tootsuite#11292 to monsterfork: Add whitelist mode

author: Eugen Rochko <eugen@zeonfederated.com> 2019-07-30 11:10:46 +0200
committer: multiple creatures <dev@multiple-creature.party> 2020-02-21 01:02:20 -0600
commit: b4d97bc26baff0a9867f1e510a7630dd34b8049d (patch)
tree: 4637f1ead39e9e0748066445f94798b0d5f38fd4 /app/controllers/application_controller.rb
parent: 08f6b74097aacb2cf1c3894d4a58c0b2272a9fa5 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 22445dc83..8802af7ac 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -11,6 +11,7 @@ class ApplicationController < ActionController::Base
   include UserTrackingConcern
   include SessionTrackingConcern
   include CacheConcern
+  include DomainControlHelper
 
   helper_method :current_account
   helper_method :current_session
@@ -18,6 +19,7 @@ class ApplicationController < ActionController::Base
   helper_method :current_skin
   helper_method :single_user_mode?
   helper_method :use_seamless_external_login?
+  helper_method :whitelist_mode?
 
   rescue_from ActionController::RoutingError, with: :not_found
   rescue_from ActionController::InvalidAuthenticityToken, with: :unprocessable_entity
@@ -45,7 +47,7 @@ class ApplicationController < ActionController::Base
   end
 
   def authorized_fetch_mode?
-    ENV['AUTHORIZED_FETCH'] == 'true' || Setting.auto_reject_unknown
+    ENV['AUTHORIZED_FETCH'] == 'true' || Setting.auto_reject_unknown || Rails.configuration.x.whitelist_mode
   end
 
   def public_fetch_mode?
author	Eugen Rochko <eugen@zeonfederated.com>	2019-07-30 11:10:46 +0200
committer	multiple creatures <dev@multiple-creature.party>	2020-02-21 01:02:20 -0600
commit	b4d97bc26baff0a9867f1e510a7630dd34b8049d (patch)
tree	4637f1ead39e9e0748066445f94798b0d5f38fd4 /app/controllers/application_controller.rb
parent	08f6b74097aacb2cf1c3894d4a58c0b2272a9fa5 (diff)