check if plugin is enabled

2025-10-30 20:55:42 +00:00 · 2021-11-12 01:12:13 +01:00
parent 8ef7a813ec
commit 36c0fad8e1
1 changed files with 15 additions and 6 deletions
--- a/InvenTree/plugin/apps.py
+++ b/InvenTree/plugin/apps.py
@@ -22,6 +22,7 @@ class PluginConfig(AppConfig):

    def ready(self):
        from common.models import InvenTreeSetting
+        from plugin.models import PluginConfig

        # Collect plugins from paths
        for plugin in settings.PLUGIN_DIRS:
@@ -40,8 +41,16 @@ class PluginConfig(AppConfig):
            # check if package
            was_packaged = getattr(plugin, 'is_package', False)

+            # check if activated
+            # these checks only use attributes - never use plugin supplied functions -> that would lead to arbitrary code execution!!
+            plug_name = plugin.PLUGIN_NAME
+            plug_key = plugin.PLUGIN_SLUG if getattr(plugin, 'PLUGIN_SLUG', None) else plug_name
+            plugin_db_setting, _ = PluginConfig.objects.get_or_create(key=plug_key, name=plug_name)
+
+            if plugin_db_setting.active:
                # init package
-            plugin.is_package = was_packaged
+                # now we can be sure that an admin has activated the plugin -> as of Nov 2021 there are not many checks in place
+                # but we could enhance those to check signatures, run the plugin against a whitelist etc.
                plugin = plugin()
                plugin.is_package = was_packaged
                # safe reference