From 58630bcd4c8697b73331521d382e20de0e6e6479 Mon Sep 17 00:00:00 2001 From: Samuel Bohn Date: Wed, 23 Aug 2023 21:34:48 +0200 Subject: [PATCH] Fix request safety issue in set_locale (#315) * fix request safety issue in set_locale * fix instructions to suggest request safe way to set locale --- bullet_train-api/test/dummy/config/locales/en.yml | 4 ++-- bullet_train-fields/test/dummy/config/locales/en.yml | 4 ++-- bullet_train-has_uuid/test/dummy/config/locales/en.yml | 4 ++-- .../test/dummy/config/locales/en.yml | 4 ++-- .../test/dummy/config/locales/en.yml | 4 ++-- bullet_train-integrations/test/dummy/config/locales/en.yml | 4 ++-- .../test/dummy/config/locales/en.yml | 4 ++-- .../test/dummy/config/locales/en.yml | 4 ++-- bullet_train-roles/test/dummy/config/locales/en.yml | 4 ++-- .../test/dummy/config/locales/en.yml | 4 ++-- bullet_train-sortable/test/dummy/config/locales/en.yml | 4 ++-- .../test/dummy/config/locales/en.yml | 4 ++-- .../test/dummy/config/locales/en.yml | 4 ++-- bullet_train-themes-light/test/dummy/config/locales/en.yml | 4 ++-- .../test/dummy/config/locales/en.yml | 4 ++-- bullet_train-themes/test/dummy/config/locales/en.yml | 4 ++-- bullet_train/app/controllers/concerns/controllers/base.rb | 7 +++---- bullet_train/config/locales/en/base.yml | 4 ++-- bullet_train/test/dummy/config/locales/en.yml | 4 ++-- 19 files changed, 39 insertions(+), 40 deletions(-) diff --git a/bullet_train-api/test/dummy/config/locales/en.yml b/bullet_train-api/test/dummy/config/locales/en.yml index 8ca56fc74..4f9c15734 100644 --- a/bullet_train-api/test/dummy/config/locales/en.yml +++ b/bullet_train-api/test/dummy/config/locales/en.yml @@ -10,9 +10,9 @@ # # <%= t("hello") %> # -# To use a different locale, set it with `I18n.locale`: +# To use a different locale, set it with `I18n.with_locale`: # -# I18n.locale = :es +# I18n.with_locale(:es, &block) # # This would use the information in config/locales/es.yml. # diff --git a/bullet_train-fields/test/dummy/config/locales/en.yml b/bullet_train-fields/test/dummy/config/locales/en.yml index 8ca56fc74..4f9c15734 100644 --- a/bullet_train-fields/test/dummy/config/locales/en.yml +++ b/bullet_train-fields/test/dummy/config/locales/en.yml @@ -10,9 +10,9 @@ # # <%= t("hello") %> # -# To use a different locale, set it with `I18n.locale`: +# To use a different locale, set it with `I18n.with_locale`: # -# I18n.locale = :es +# I18n.with_locale(:es, &block) # # This would use the information in config/locales/es.yml. # diff --git a/bullet_train-has_uuid/test/dummy/config/locales/en.yml b/bullet_train-has_uuid/test/dummy/config/locales/en.yml index 8ca56fc74..4f9c15734 100644 --- a/bullet_train-has_uuid/test/dummy/config/locales/en.yml +++ b/bullet_train-has_uuid/test/dummy/config/locales/en.yml @@ -10,9 +10,9 @@ # # <%= t("hello") %> # -# To use a different locale, set it with `I18n.locale`: +# To use a different locale, set it with `I18n.with_locale`: # -# I18n.locale = :es +# I18n.with_locale(:es, &block) # # This would use the information in config/locales/es.yml. # diff --git a/bullet_train-incoming_webhooks/test/dummy/config/locales/en.yml b/bullet_train-incoming_webhooks/test/dummy/config/locales/en.yml index 8ca56fc74..4f9c15734 100644 --- a/bullet_train-incoming_webhooks/test/dummy/config/locales/en.yml +++ b/bullet_train-incoming_webhooks/test/dummy/config/locales/en.yml @@ -10,9 +10,9 @@ # # <%= t("hello") %> # -# To use a different locale, set it with `I18n.locale`: +# To use a different locale, set it with `I18n.with_locale`: # -# I18n.locale = :es +# I18n.with_locale(:es, &block) # # This would use the information in config/locales/es.yml. # diff --git a/bullet_train-integrations-stripe/test/dummy/config/locales/en.yml b/bullet_train-integrations-stripe/test/dummy/config/locales/en.yml index 8ca56fc74..4f9c15734 100644 --- a/bullet_train-integrations-stripe/test/dummy/config/locales/en.yml +++ b/bullet_train-integrations-stripe/test/dummy/config/locales/en.yml @@ -10,9 +10,9 @@ # # <%= t("hello") %> # -# To use a different locale, set it with `I18n.locale`: +# To use a different locale, set it with `I18n.with_locale`: # -# I18n.locale = :es +# I18n.with_locale(:es, &block) # # This would use the information in config/locales/es.yml. # diff --git a/bullet_train-integrations/test/dummy/config/locales/en.yml b/bullet_train-integrations/test/dummy/config/locales/en.yml index 8ca56fc74..4f9c15734 100644 --- a/bullet_train-integrations/test/dummy/config/locales/en.yml +++ b/bullet_train-integrations/test/dummy/config/locales/en.yml @@ -10,9 +10,9 @@ # # <%= t("hello") %> # -# To use a different locale, set it with `I18n.locale`: +# To use a different locale, set it with `I18n.with_locale`: # -# I18n.locale = :es +# I18n.with_locale(:es, &block) # # This would use the information in config/locales/es.yml. # diff --git a/bullet_train-obfuscates_id/test/dummy/config/locales/en.yml b/bullet_train-obfuscates_id/test/dummy/config/locales/en.yml index 8ca56fc74..4f9c15734 100644 --- a/bullet_train-obfuscates_id/test/dummy/config/locales/en.yml +++ b/bullet_train-obfuscates_id/test/dummy/config/locales/en.yml @@ -10,9 +10,9 @@ # # <%= t("hello") %> # -# To use a different locale, set it with `I18n.locale`: +# To use a different locale, set it with `I18n.with_locale`: # -# I18n.locale = :es +# I18n.with_locale(:es, &block) # # This would use the information in config/locales/es.yml. # diff --git a/bullet_train-outgoing_webhooks/test/dummy/config/locales/en.yml b/bullet_train-outgoing_webhooks/test/dummy/config/locales/en.yml index 8ca56fc74..4f9c15734 100644 --- a/bullet_train-outgoing_webhooks/test/dummy/config/locales/en.yml +++ b/bullet_train-outgoing_webhooks/test/dummy/config/locales/en.yml @@ -10,9 +10,9 @@ # # <%= t("hello") %> # -# To use a different locale, set it with `I18n.locale`: +# To use a different locale, set it with `I18n.with_locale`: # -# I18n.locale = :es +# I18n.with_locale(:es, &block) # # This would use the information in config/locales/es.yml. # diff --git a/bullet_train-roles/test/dummy/config/locales/en.yml b/bullet_train-roles/test/dummy/config/locales/en.yml index 8ca56fc74..4f9c15734 100644 --- a/bullet_train-roles/test/dummy/config/locales/en.yml +++ b/bullet_train-roles/test/dummy/config/locales/en.yml @@ -10,9 +10,9 @@ # # <%= t("hello") %> # -# To use a different locale, set it with `I18n.locale`: +# To use a different locale, set it with `I18n.with_locale`: # -# I18n.locale = :es +# I18n.with_locale(:es, &block) # # This would use the information in config/locales/es.yml. # diff --git a/bullet_train-scope_questions/test/dummy/config/locales/en.yml b/bullet_train-scope_questions/test/dummy/config/locales/en.yml index 8ca56fc74..4f9c15734 100644 --- a/bullet_train-scope_questions/test/dummy/config/locales/en.yml +++ b/bullet_train-scope_questions/test/dummy/config/locales/en.yml @@ -10,9 +10,9 @@ # # <%= t("hello") %> # -# To use a different locale, set it with `I18n.locale`: +# To use a different locale, set it with `I18n.with_locale`: # -# I18n.locale = :es +# I18n.with_locale(:es, &block) # # This would use the information in config/locales/es.yml. # diff --git a/bullet_train-sortable/test/dummy/config/locales/en.yml b/bullet_train-sortable/test/dummy/config/locales/en.yml index 8ca56fc74..4f9c15734 100644 --- a/bullet_train-sortable/test/dummy/config/locales/en.yml +++ b/bullet_train-sortable/test/dummy/config/locales/en.yml @@ -10,9 +10,9 @@ # # <%= t("hello") %> # -# To use a different locale, set it with `I18n.locale`: +# To use a different locale, set it with `I18n.with_locale`: # -# I18n.locale = :es +# I18n.with_locale(:es, &block) # # This would use the information in config/locales/es.yml. # diff --git a/bullet_train-super_load_and_authorize_resource/test/dummy/config/locales/en.yml b/bullet_train-super_load_and_authorize_resource/test/dummy/config/locales/en.yml index 8ca56fc74..4f9c15734 100644 --- a/bullet_train-super_load_and_authorize_resource/test/dummy/config/locales/en.yml +++ b/bullet_train-super_load_and_authorize_resource/test/dummy/config/locales/en.yml @@ -10,9 +10,9 @@ # # <%= t("hello") %> # -# To use a different locale, set it with `I18n.locale`: +# To use a different locale, set it with `I18n.with_locale`: # -# I18n.locale = :es +# I18n.with_locale(:es, &block) # # This would use the information in config/locales/es.yml. # diff --git a/bullet_train-super_scaffolding/test/dummy/config/locales/en.yml b/bullet_train-super_scaffolding/test/dummy/config/locales/en.yml index 8ca56fc74..4f9c15734 100644 --- a/bullet_train-super_scaffolding/test/dummy/config/locales/en.yml +++ b/bullet_train-super_scaffolding/test/dummy/config/locales/en.yml @@ -10,9 +10,9 @@ # # <%= t("hello") %> # -# To use a different locale, set it with `I18n.locale`: +# To use a different locale, set it with `I18n.with_locale`: # -# I18n.locale = :es +# I18n.with_locale(:es, &block) # # This would use the information in config/locales/es.yml. # diff --git a/bullet_train-themes-light/test/dummy/config/locales/en.yml b/bullet_train-themes-light/test/dummy/config/locales/en.yml index 8ca56fc74..4f9c15734 100644 --- a/bullet_train-themes-light/test/dummy/config/locales/en.yml +++ b/bullet_train-themes-light/test/dummy/config/locales/en.yml @@ -10,9 +10,9 @@ # # <%= t("hello") %> # -# To use a different locale, set it with `I18n.locale`: +# To use a different locale, set it with `I18n.with_locale`: # -# I18n.locale = :es +# I18n.with_locale(:es, &block) # # This would use the information in config/locales/es.yml. # diff --git a/bullet_train-themes-tailwind_css/test/dummy/config/locales/en.yml b/bullet_train-themes-tailwind_css/test/dummy/config/locales/en.yml index 8ca56fc74..4f9c15734 100644 --- a/bullet_train-themes-tailwind_css/test/dummy/config/locales/en.yml +++ b/bullet_train-themes-tailwind_css/test/dummy/config/locales/en.yml @@ -10,9 +10,9 @@ # # <%= t("hello") %> # -# To use a different locale, set it with `I18n.locale`: +# To use a different locale, set it with `I18n.with_locale`: # -# I18n.locale = :es +# I18n.with_locale(:es, &block) # # This would use the information in config/locales/es.yml. # diff --git a/bullet_train-themes/test/dummy/config/locales/en.yml b/bullet_train-themes/test/dummy/config/locales/en.yml index 8ca56fc74..4f9c15734 100644 --- a/bullet_train-themes/test/dummy/config/locales/en.yml +++ b/bullet_train-themes/test/dummy/config/locales/en.yml @@ -10,9 +10,9 @@ # # <%= t("hello") %> # -# To use a different locale, set it with `I18n.locale`: +# To use a different locale, set it with `I18n.with_locale`: # -# I18n.locale = :es +# I18n.with_locale(:es, &block) # # This would use the information in config/locales/es.yml. # diff --git a/bullet_train/app/controllers/concerns/controllers/base.rb b/bullet_train/app/controllers/concerns/controllers/base.rb index 96863fb8d..56e2c88d5 100644 --- a/bullet_train/app/controllers/concerns/controllers/base.rb +++ b/bullet_train/app/controllers/concerns/controllers/base.rb @@ -85,15 +85,14 @@ def enforce_invitation_only end end - def set_locale - I18n.locale = [ + def set_locale(&action) + locale = [ current_user&.locale, current_user&.current_team&.locale, http_accept_language.compatible_language_from(I18n.available_locales), I18n.default_locale.to_s ].compact.find { |potential_locale| I18n.available_locales.include?(potential_locale.to_sym) } - yield - I18n.locale = I18n.default_locale + I18n.with_locale(locale, &action) end # Whitelist the account namespace and prevent JavaScript diff --git a/bullet_train/config/locales/en/base.yml b/bullet_train/config/locales/en/base.yml index c24615efd..b52fd1317 100644 --- a/bullet_train/config/locales/en/base.yml +++ b/bullet_train/config/locales/en/base.yml @@ -10,9 +10,9 @@ # # <%= t("hello") %> # -# To use a different locale, set it with `I18n.locale`: +# To use a different locale, set it with `I18n.with_locale`: # -# I18n.locale = :es +# I18n.with_locale(:es, &block) # # This would use the information in config/locales/es.yml. # diff --git a/bullet_train/test/dummy/config/locales/en.yml b/bullet_train/test/dummy/config/locales/en.yml index 8ca56fc74..4f9c15734 100644 --- a/bullet_train/test/dummy/config/locales/en.yml +++ b/bullet_train/test/dummy/config/locales/en.yml @@ -10,9 +10,9 @@ # # <%= t("hello") %> # -# To use a different locale, set it with `I18n.locale`: +# To use a different locale, set it with `I18n.with_locale`: # -# I18n.locale = :es +# I18n.with_locale(:es, &block) # # This would use the information in config/locales/es.yml. #