I’ve got a site admin trying to update the logo on their site, but they’re getting the error “Sorry, no files are authorized to be uploaded”. Based on my reading of the code, it appears that should only be reported if authorizesOneOrMoreExtensions returns false, and that function should return true if the user is a staff member and authorized_extensions_for_staff contains *, and on this site:
discourse(prod)> SiteSetting.authorized_extensions
=> ""
discourse(prod)> SiteSetting.authorized_extensions_for_staff
=> "*"
Based on this, I’m somewhat perplexed as to how they’re possibly seeing that error, and I’m assuming I’m misunderstanding how the code works. Pointers as to what I’m getting wrong, or further avenues for investigation, would be greatly appreciated.
I’m relatively confident that the user who I’m supporting is, indeed, logged in as an admin, since the screenshot they’ve shared with me (sorry, I can’t post it publicly for non-disclosure reasons) is of the “Admin > Site logo” page, with the error dialog showing the above error superimposed over it. If there’s a plausible explanation for how/why a non-staff member could end up on that screen, I’d be willing to give temporarily changing the user file extensions setting a go, but the site owners are quite adamant about not letting ordinary users upload media, so it’s not something to undertake lightly.