Enabling Badge SQL entails security and performance risks.
Starting from Discourse 1.6, badge SQL can no longer be edited by admins unless explicitly enabled.
This change was made for a couple of reasons:
Security: allowing admins to enter SQL directly gives them raw access to the database. In general, we want raw access to the database from the web UI to be a feature you opt in to. Even though the queries only return user_ids, an admin attacker can discover any information in the database using badge queries, for example: if column A of table Y has the letter A in it, return user_id 1, else 2.
Performance: getting badge SQL “just right” is an art; it is not something that is trivial for admins to do correctly. There is a huge risk that people who are not experts will create enormous load on a database by entering bad SQL.
You can still get full authoring access by running:
./launcher enter app
rails c
> SiteSetting.enable_badge_sql = true
SiteSetting.enable_badge_sql = false (the default) disables all new badge SQL authoring. Existing badges will continue to work just fine with the SQL you have created. You can safely disable badge SQL after authoring your required badges for extra safety.
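Because existing badges keep running the SQL they were authored with, it is worth reviewing that SQL for the pattern described under Security above. The following is an added example, not Discourse code: a heuristic reviewer run over constructed sample queries. The table allowlist, the function names and the sample badges are assumptions made for illustration.

```ruby
# Added example: heuristic review of badge SQL text (not part of Discourse).
# ALLOWED_TABLES is an assumed allowlist; set it to what your badges need.
ALLOWED_TABLES = %w[users posts topics user_badges badge_posts].freeze

# Names that directly follow FROM or JOIN anywhere in the statement,
# subqueries included. Heuristic: it can over-report (e.g. EXTRACT ... FROM).
def referenced_tables(sql)
  sql.scan(/\b(?:from|join)\s+([a-z_][a-z0-9_.]*)/i)
     .flatten.map(&:downcase).uniq
end

# Returns a list of findings for one badge query (empty list = nothing flagged).
def audit_badge_query(sql)
  findings = []
  extra = referenced_tables(sql) - ALLOWED_TABLES
  unless extra.empty?
    findings << "reads tables outside allowlist: #{extra.join(', ')}"
  end
  # A CASE that yields literal ids makes the granted user_id a yes/no answer
  # about some other data, which is the pattern the Security point describes.
  if sql =~ /\bcase\b.*?\bthen\s+\d+/im
    findings << "user_id chosen by CASE from literal values"
  end
  findings
end

# Constructed sample input; "table_y" and "column_a" are the placeholder
# names from the Security paragraph, not real Discourse tables.
SAMPLE_BADGES = {
  "Constructed first-post badge" =>
    "SELECT p.user_id, min(p.created_at) AS granted_at " \
    "FROM posts p JOIN topics t ON t.id = p.topic_id GROUP BY p.user_id",
  "Constructed oracle-shaped badge" =>
    "SELECT CASE WHEN EXISTS (SELECT 1 FROM table_y " \
    "WHERE column_a LIKE '%A%') THEN 1 ELSE 2 END AS user_id, " \
    "current_timestamp AS granted_at"
}.freeze

# Audits every badge and keeps only the ones with findings.
def audit_all(badges)
  badges.transform_values { |sql| audit_badge_query(sql) }
        .reject { |_name, findings| findings.empty? }
end

if __FILE__ == $PROGRAM_NAME
  audit_all(SAMPLE_BADGES).each do |name, findings|
    puts "#{name}: #{findings.join('; ')}"
  end
end
```

A clean result from a text heuristic like this is not proof that a query is safe; it only narrows down which badge queries to read by hand first.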
All site settings can be shadowed by globals … using
DISCOURSE_ENABLE_BADGE_SQL: true in your container config will enable this.