From b310666bdaeabdd494af1b6d6f2a1a66e84d2a64 Mon Sep 17 00:00:00 2001
From: Hannah Wolfe
Date: Wed, 3 Mar 2021 12:47:09 +0000
Subject: [PATCH] Added custom theme feature limit
refs: https://github.com/TryGhost/Team/issues/510
- in the case that host config is provided, limits Ghost to only permitting official themes to be installed and used
---
 core/server/api/canary/themes.js | 11 ++++++++++-
 core/server/api/v2/themes.js | 11 +++++++++--
 core/server/api/v3/themes.js | 7 ++++++-
 3 files changed, 25 insertions(+), 4 deletions(-)
diff --git a/core/server/api/canary/themes.js b/core/server/api/canary/themes.js
index 94fb9c4e80..6d68678140 100644
--- a/core/server/api/canary/themes.js
+++ b/core/server/api/canary/themes.js
@@ -4,6 +4,7 @@ const path = require('path');
 const security = require('@tryghost/security');
 const {events} = require('../../lib/common');
 const themeService = require('../../../frontend/services/themes');
+const limitService = require('../../services/limits');
 const models = require('../../models');
 const request = require('../../lib/request');
 const errors = require('@tryghost/errors/lib/errors');
@@ -75,6 +76,10 @@ module.exports = {
 if (frame.options.source === 'github') {
 const [org, repo] = frame.options.ref.toLowerCase().split('/');
+ if (limitService.isLimited('custom_themes') && org.toLowerCase() !== 'tryghost') {
+ await limitService.errorIfWouldGoOverLimit('custom_themes');
+ }
+
 // omit /:ref so we fetch the default branch
 const zipUrl = `https://api.github.com/repos/${org}/${repo}/zipball`;
 const zipName = `${repo}.zip`;
@@ -133,7 +138,11 @@ module.exports = {
 permissions: {
 method: 'add'
 },
- query(frame) {
+ async query(frame) {
+ if (limitService.isLimited('custom_themes')) {
+ return await limitService.errorIfWouldGoOverLimit('custom_themes');
+ }
+
 // @NOTE: consistent filename uploads
 frame.options.originalname = frame.file.originalname.toLowerCase();
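Review bot: In the `@@ -75,6 +76,10 @@` hunk of canary/themes.js the exemption tests only the organisation, so every repository under `tryghost` bypasses the limit, which is broader than the "official themes" the description promises; if this limit is meant to control which theme code a hosted site can run, compare the `org/repo` pair against an explicit list of theme repositories. `org` was already lower-cased by the `split` line just above, so the condition can read `if (limitService.isLimited('custom_themes') && org !== 'tryghost') {`. The rejection also depends on `errorIfWouldGoOverLimit` always throwing: if it ever resolves, execution falls through and the download proceeds, so either throw explicitly after the call or add a comment such as `// errorIfWouldGoOverLimit must throw here, otherwise the install continues`. The enclosing install handler starts and ends outside the hunk.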
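Review bot: In the upload `query` (the `@@ -133,7 +138,11 @@` hunk here, and the identical lines added to v2/themes.js and v3/themes.js) `return await limitService.errorIfWouldGoOverLimit('custom_themes');` makes the handler resolve with `undefined` and skip the upload whenever that call does not throw, so the caller would get no error for a theme that was never stored. This behaves differently from the GitHub install path, which awaits the same call without returning and would continue; pick one behaviour and make the rejection explicit instead of relying on the helper's side effect, at minimum with a comment like `// uploads are never allowed while custom_themes is limited; this call is expected to throw`. The description says themes are restricted from being "installed and used", but the visible hunks gate only install and upload; presumably activating an already-present custom theme is handled elsewhere, which is worth confirming. `query` continues past the end of the hunk.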
diff --git a/core/server/api/v2/themes.js b/core/server/api/v2/themes.js
index 173cc43933..c3ff04a23c 100644
--- a/core/server/api/v2/themes.js
+++ b/core/server/api/v2/themes.js
@@ -1,5 +1,6 @@
 const {events} = require('../../lib/common');
 const themeService = require('../../../frontend/services/themes');
+const limitService = require('../../services/limits');
 const models = require('../../models');
 module.exports = {
@@ -51,9 +52,15 @@ module.exports = {
 permissions: {
 method: 'add'
 },
- query(frame) {
+ async query(frame) {
+ if (limitService.isLimited('custom_themes')) {
+ return await limitService.errorIfWouldGoOverLimit('custom_themes');
+ }
+
 // @NOTE: consistent filename uploads
- frame.options.originalname = frame.file.originalname.toLowerCase();
+ {
+ frame.options.originalname = frame.file.originalname.toLowerCase();
+ }
 let zip = {
 path: frame.file.path,
diff --git a/core/server/api/v3/themes.js b/core/server/api/v3/themes.js
index 173cc43933..a75413f7b8 100644
--- a/core/server/api/v3/themes.js
+++ b/core/server/api/v3/themes.js
@@ -1,5 +1,6 @@
 const {events} = require('../../lib/common');
 const themeService = require('../../../frontend/services/themes');
+const limitService = require('../../services/limits');
 const models = require('../../models');
 module.exports = {
@@ -51,7 +52,11 @@ module.exports = {
 permissions: {
 method: 'add'
 },
- query(frame) {
+ async query(frame) {
+ if (limitService.isLimited('custom_themes')) {
+ return await limitService.errorIfWouldGoOverLimit('custom_themes');
+ }
+
 // @NOTE: consistent filename uploads
 frame.options.originalname = frame.file.originalname.toLowerCase();
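Review bot: The bare `{ … }` block added around `frame.options.originalname = frame.file.originalname.toLowerCase();` in the `@@ -51,9 +52,15 @@` hunk of v2/themes.js declares no binding and changes no behaviour, so it only adds noise to a security-relevant handler. It also makes v2 diverge from the v3 version of `query`, which starts from the same blob (`173cc43933`) and keeps the statement unwrapped, and it leaves the `// @NOTE: consistent filename uploads` comment sitting above a brace instead of the line it explains. Keep the original single statement directly under the comment. `query` continues beyond the end of the hunk.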