Add OptionFilter for bulk option api #1345
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
JohnNiang
added
the
kind/feature
ruibaby
requested changes
Apr 8, 2021
ruibaby
requested changes
Apr 8, 2021
src/main/java/run/halo/app/controller/content/api/OptionController.java
Outdated
Show resolved
Hide resolved
ruibaby
approved these changes
Apr 9, 2021
guqing
approved these changes
Apr 9, 2021
JohnNiang
commented
Apr 9, 2021
| EmailProperties.PROTOCOL.getValue(), | ||
| EmailProperties.SSL_PORT.getValue(), | ||
| EmailProperties.USERNAME.getValue(), | ||
| EmailProperties.PASSWORD.getValue(), |
There was a problem hiding this comment.
我认为这里只需要禁用 password 就好。
There was a problem hiding this comment.
邮箱也能随便让人知道吗
我建议,默认仅屏蔽重要字段。邮箱可以屏蔽,也可以不屏蔽掉。
|
/approve |
|
您好,想询问下在博客设置中是否有 |
|
这个 private_options 仅仅是用作于内部变量的设置,暂不支持自定义,自定义变量不受影响。 |
理论上这个 option 可以随意设置,不过我们还没有来得及添加这个功能到 halo-admin 中。 |
|
@fuzui 不过你可以打开开发者选项,手动添加 private_options。 |
|
了解了,感谢! |
|
@fuzui 我们默认会对极其敏感的 option 进行过滤,不用担心后续版本中会暴露敏感的 option。后面我们会在文档中提及我们已经过滤了哪些 option(s)。 |
|
@JohnNiang 收到,感谢您的回复! |
XuCpeng
added a commit
to XuCpeng/halo
that referenced
this pull request
Apr 17, 2021
* Create SECURITY.md (halo-dev#1144) * doc: update swagger contact email. (halo-dev#1147) * Update README.md * feat: halo-dev#1103 (halo-dev#1173) * feat: halo-dev#1174 (halo-dev#1177) * feat: halo-dev#1158 (halo-dev#1176) * Upgrade dependencies (halo-dev#1184) * Update spring boot version and source compatibility version * Rearrange some configs * Upgrade swagger to 3.0.0 * Make swagger configurable * Make swagger-ui.html path backward compatible * Change jdk version into 11 in ci/cd scripts and Dockerfile * chore: remove redis cache store (halo-dev#1190) * chore: remove redis cache store. * chore: remove redis cache store. * chore: update build.gradle. * Make more friendly error track (halo-dev#1191) * Update gradle wrapper version to 6.6.1 * Upgrade h2 version to 1.4.197 * Make controller log more details * Refactor FileHandler * Fix image reader error * fix: halo-dev#1200 (halo-dev#1207) * feat: halo-dev#1160. (halo-dev#1203) * fix: halo-dev#1180 (halo-dev#1209) * feat: halo-dev#766 (halo-dev#1210) * feat: add api for markdown export (halo-dev#1199) * add API for markdown-export * add front-matter support * optimize fileName for markdown-export * fornt-matter与正文中间增加换行符 * Replace travis ci with github action (halo-dev#1212) * 1196 refactor/ci (#3) * Remove .travis.yml * Refactor github action partially * Fix yaml syntax error * Add run command for every step * Set current branch name into halo.yml temporarily * Test validation.yml * Add upload-release-asset step into release.yml * Perfect release.yml * Fix indent error * Refactor on condition in release.yml * Refactor on condition in validation.yml * Fix release.yml * Fix upload_url value set * Fix environment set error * Change artifact variable from output into global environment * Fix deprecated environment set method * Fix environment variable set error * Change assert_content_type with application/zip * Refactor upload release step * Fix release id set * Fix release id set again * Fix syntax error * Refactor upload process * Refactor halo ci * Make build step rely on check step * Inspect docker action * Inspect docker action again * Refine bootBuildImage config * Refactor bootBuildImage config and halo ci * Fix download artifact path error * Fix docker image name concat error * Remove downloaded files inspect tips * perft: Reduce the scope of pointcut to make the package scope of tangent point as small as possible (halo-dev#1238) * feat: support custom post password template. (halo-dev#1236) * pref: clean unnecessary code. (halo-dev#1237) * pref: clean unnecessary code. * chore: change org.jetbrains.annotations.NotNull to org.springframework.lang.NonNull. * Refactor checkstyle (halo-dev#1241) * Refactor checkstyle.xml and add .editorconfig * Optimized imports * Rearrange codes * Fix check sytle error in source codes * Reformat test codes * Fix check style error in test codes * Config checkstyle plugin * Fix merge conflicts * fix: halo-dev#1214. (halo-dev#1242) * release: 1.4.3-beta.1. * release: 1.4.3-beta.2. * Update README.md * Fix theme updation error (halo-dev#1217) * Make rest controller loggable * Refactor pull from git process * Replace Callback interface with Consumer * Tag theme fetch apis and services deprecated * Add getAllBranchesTest * Refactor theme fetcher partially * Refactor theme property scanner * Add ThemeFetcherComposite * Add InputStreamThemeFetcher * Accomplish multipart zip file theme fetcher * Reformat ThemeServiceImpl * Reformat codes * Provide ThemeRepository * Complete MultipartFileThemeUpdater * Make CommonsMultipartResolver support put request method * Replace some methods with ThemeRepository * Add GitThemeUpdater * Add merge two local repo test * Refine merge process with two repos * Add more test entry point in GitTest * Add shutdown hook after creating temporary directory * Add test: find commit by tag * Refactor git clone process in GitThemeFetcher * Refine merge process of two repo * Make sure that RevWalk closed * Fix FileUtils#findRootPath bug * Add clean task before gradle check * Add fallback theme fetcher * Disable logback-test.xml * Set testLogging.showStandardStreams with true * Fix test error while missing halo-test folder * Enhance git theme fetcher * Add copy hidden folder test * Refine GitThemeFetcherTest * Accomplish GitThemeUpdater * Accomplish theme update * Fix checkstyle error * Add more deprecated details * Refactor Dockerfile with layered jar (halo-dev#1248) * Refactor Dockerfile with layered jar * Add projectVersion print task * Refactor docker build process * Remove aliyun maven mirror * Correct multi platforms list * Correct multi platforms list again * Make docker platforms configurable * Fix folder copy error: ProviderMismatchException (halo-dev#1249) * fix: unable to access custom sheet. (halo-dev#1246) * release: 1.4.3-beta.2. * doc: add document website. (halo-dev#1215) * doc: add document website. * doc: add document website. * doc: add document website. * release: 1.4.3. * Update README.md * Update README.md * feat: halo-dev#1225 (halo-dev#1235) * feat: halo-dev#1225 * fix: compatible with jdk1.8 * fix: format code * fix: fix the problem that the status of the recycle bin file is incorrect when revocering * fix: format code * fix: format code * fix: fix the post cannot be converted to recyling mode * fix: post cannot be published on deleting the category password * fix: fix jpa error * fix: format code * fix: encryption type extracted into enum * fix: format code * fix: format code * fix: changes requested * fix: format code * fix: revert checkstyle.xml * fix: change request * fix: not encrypt 方法改为重载方法 * fix: 修复因调整 git 版本被回退的代码 Co-authored-by: xiangbei.yzx <[email protected]> * fix: halo-dev#1255. (halo-dev#1256) * fix: halo-dev#1255. * fix: halo-dev#1255. * release: 1.4.4. * fix: category authentication redirect url. (halo-dev#1264) * pref: journals likes api. (halo-dev#1266) * pref: sitemap.xml (halo-dev#1267) * release: 1.4.5. * pref: grouping assertions (halo-dev#1273) * Grouping assertions Signed-off-by: Elvys Soares <[email protected]> * Grouping assertions Signed-off-by: Elvys Soares <[email protected]> * Grouping assertions Signed-off-by: Elvys Soares <[email protected]> * fix: code style check. Co-authored-by: Ryan Wang <[email protected]> * Fix Page response model inconsistent in swagger ui (halo-dev#1277) * Provide backup dto fetch api (halo-dev#1278) * Fix swagger security reference config error * Add backup dto fetch api * Rearrange fetch api * Fix incorrect cache lock of journal like api (halo-dev#1279) * fix: fetch work dir backup api. (halo-dev#1282) * feat: support import user. (halo-dev#1283) * fix: theme update by upload. (halo-dev#1284) * Cache current theme in theme repository (halo-dev#1286) * pref: halo-dev#1050 (halo-dev#1287) * Update FUNDING.yml * pref: init default theme. (halo-dev#1297) * feat: 扩展 freemarker 实现 block (halo-dev#1295) * fix halo-dev#950 附件不存在时删除报错的问题 * pref: 扩展 freemarker 增加 block 功能 close halo-dev#1292 * checkStyle * add unit test * update test * Upgrade spring boot version (halo-dev#1289) * Update gradle wrapper version * Update spring boot version to 2.5.0-M2 * Fix wrong const of temp_dir * Refactor error controller * Fix startup error due to theme not found * Refine error controller handler * Refine multipart resolver config * Fix ThemeRepositoryImplTest error * Fix freemarker not found error * chore: change jetty to undertow. * Remove useless throws Co-authored-by: Ryan Wang <[email protected]> * Make more tolerant of reading image (halo-dev#1298) * Fix error for updating activated theme (halo-dev#1300) * Fix error about response committed (halo-dev#1301) * Add index page request test * Add test for first page request * Create session before requesting content * chore: sync default theme. (halo-dev#1304) * Refactor system configuration (halo-dev#1303) * Refactor application*.yml * Remove application-user.yaml * Fix invalid config for aspect * Remove random theme folder generation (halo-dev#1305) * release: 1.4.6. * feat: halo-dev#1313 (halo-dev#1315) * release: 1.4.7-beta.1 * release: 1.4.7 * feat: add index page to sitemap.xml (halo-dev#1318) * style: set the color of log to default after banner (halo-dev#1321) * Upgrade to Spring Boot 2.5.0-M3 (halo-dev#1324) * feat: enable swagger configuration in development. (halo-dev#1328) * Automate attribute converter (halo-dev#1325) * Deprecate AbstractConverter * Remove unused enum and attribute converter * Add AttributeConverterApplyTest * Add JpaConfiguration * Add AttributeConverterAutoGenerator * Integrate automate-attribute-converter * Rename JpaConfiguration * Remove useless attribute converters * Exclude property enums for auto-generating * Refine JournalType definition * Fix an error about existing injected type * fix: halo-dev#1311 (halo-dev#1327) * feat: halo-dev#1036 (halo-dev#1331) * feat: halo-dev#1036 * revert: BaseCommentRepository. * fix: incorrect number of children comment. (halo-dev#1332) * feat: add gravatar source field for comment options api. (halo-dev#1333) * chore: remove deprecated code. (halo-dev#1334) * chore(deps): upgrade ali oss sdk dependency. (halo-dev#1335) * revert: halo-dev#1297 (halo-dev#1343) * pref: RSS/Atom (halo-dev#1342) * 1.Add the lastBuildDate in RSS. 2.Add the updated in Atom. 3.Change the date format in RSS and Atom 4.Add the lastModified in the response header. * fix code style * Add OptionFilter for bulk option api (halo-dev#1345) * Add OptionFilter for bulk option api * Add another filter method for single option * Restrict OptionController response * Remove redundant api * feat: complete private option keys. * feat: complete private option keys. Co-authored-by: Ryan Wang <[email protected]> * release: 1.4.8 * doc: update readme. * doc: update readme. * fix: Returns the result in the content api for options getby (halo-dev#1353) Co-authored-by: GalvinGao <[email protected]> Co-authored-by: Ryan Wang <[email protected]> Co-authored-by: John Niang <[email protected]> Co-authored-by: Raremaa <[email protected]> Co-authored-by: guqing <[email protected]> Co-authored-by: zhixiangyuan <[email protected]> Co-authored-by: xiangbei.yzx <[email protected]> Co-authored-by: Elvys Soares <[email protected]> Co-authored-by: Li <[email protected]> Co-authored-by: 知雨 <[email protected]> Co-authored-by: 肥鱼先生 <[email protected]> Co-authored-by: Lay <[email protected]> Co-authored-by: 扶醉 <[email protected]>
ruibaby
added a commit
to ruibaby/halo
that referenced
this pull request
Jun 11, 2021
* Add OptionFilter for bulk option api * Add another filter method for single option * Restrict OptionController response * Remove redundant api * feat: complete private option keys. * feat: complete private option keys. Co-authored-by: Ryan Wang <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Close #1280