我认为这是一个最近出现的 bug。我的客户使用的是由 Discourse 团队提供的托管 Discourse 服务。我们使用 /posts.json API 端点在网站上列出论坛中最新的 5 篇帖子(https://forum.bonsaimirai.com/posts.json)。我们通过 curl 在服务器端发起此请求。
最近我们注意到,在网站上只能看到最新的 3 或 4 篇帖子。看起来,当请求未携带 API 密钥时,我们只能看到如此短的近期帖子列表;而当使用 API 密钥和 API 用户名时,我们则能看到更多的帖子。
我们希望 /posts.json 端点能恢复之前的行为。我们应该能够获取到与以前相同数量的历史帖子。如果使用 API 密钥加用户名,我们最终会检索到一些不希望向所有用户展示的帖子(来自具有用户层级/群组限制的类别)。
/posts.json 请求是否有新的可用参数,可以用来指定所需的结果数量?这是否是托管服务所使用的特定 Discourse 版本独有的 bug?我注意到 meta.discourse.org 并没有出现这个问题。
That implies you may have special security that keeps some of the posts from being visible to anonymous users?
@codinghorror I think I just realized why this is happening. We do have a category on our forum that is restricted to a special group of paying users on our main site. Anonymous / “normal” logged in users can’t access this category.
I’m going to guess that if a single topic in that special category contains some large number of the most recent posts to the site, then they’re simply omitted from the posts.json endpoint for anonymous users. And thus, we exceed whatever the behind-the-scenes limit is for that endpoint. So we end up getting the truncated list that I’m seeing in this specific moment in time when requesting that feed anonymously.
Am I on to something here?
This is probably an edge case. But does it make sense to make a feature request for that endpoint so that it always returns the X number of most recent posts, relevant to whatever level of permissions the request is being made from?
That feature already exists, include the API key of a user with the desired permissions.
Thanks @codinghorror.
This is exactly what I’ve done. I make a request for the /posts.json using my API key with a “dummy” user possessing the desired permissions since not all members of our website have created accounts on the forum yet.
Everything is working as expected.