Replace disable_require_employee_https with a feature flag

2026-01-23 05:48:11 -05:00 · 2014-08-15 13:25:02 -03:00
parent 4dbf7cb2cf
commit 25a890d8ed
4 changed files with 9 additions and 6 deletions
--- a/r2/example.ini
+++ b/r2/example.ini
@@ -129,7 +129,6 @@ disable_ads = false
 disable_captcha = false
 disable_ratelimit = false
 disable_require_admin_otp = false
-disable_require_employee_https = false
 disable_wiki = false


@@ -672,4 +671,8 @@ cflag_lower_bound = 0.4
 cflag_upper_bound = 0.6

 feature_search_auto_restrict_sr = off
+
+# Availability for the "force HTTPS" option
 feature_allow_force_https = {"employee": true}
+# Who is required to use HTTPS?
+feature_require_https = off
--- a/r2/r2/controllers/api.py
+++ b/r2/r2/controllers/api.py
@@ -1052,9 +1052,9 @@ class ApiController(RedditController):
        """
        if form.has_errors("curpass", errors.WRONG_PASSWORD):
            return
-        can_disable = g.disable_require_employee_https or not c.user.employee
-        if not force_https and not can_disable:
-            form.set_html(".status", _("employees are required to use HTTPS"))
+        if not force_https and feature.is_enabled("require_https"):
+            form.set_html(".status",
+                          _("you may not disable HTTPS on this account"))
            return
        c.user.pref_force_https = force_https
        # Most pages we'd try to frame would be http:, and most browsers
--- a/r2/r2/lib/app_globals.py
+++ b/r2/r2/lib/app_globals.py
@@ -213,7 +213,6 @@ class Globals(object):
            'disable_captcha',
            'disable_ads',
            'disable_require_admin_otp',
-            'disable_require_employee_https',
            'trust_local_proxies',
            'shard_link_vote_queues',
            'shard_commentstree_queues',
--- a/r2/r2/models/account.py
+++ b/r2/r2/models/account.py
@@ -20,6 +20,7 @@
 # Inc. All Rights Reserved.
 ###############################################################################

+from r2.config import feature
 from r2.lib.db.thing     import Thing, Relation, NotFound
 from r2.lib.db.operators import lower
 from r2.lib.db.userrel   import UserRel
@@ -655,7 +656,7 @@ class Account(Thing):
    @property
    def https_forced(self):
        """Return whether this account may only be used via HTTPS."""
-        if not g.disable_require_employee_https and self.employee:
+        if feature.is_enabled_for("require_https", self):
            return True
        return self.pref_force_https