From 5c7eb483198d0d92dc88c7a7c25cca5c23eb5cf2 Mon Sep 17 00:00:00 2001 From: Wu Cheng-Han Date: Thu, 15 Dec 2016 14:07:12 +0800 Subject: [PATCH] Add support of allow anonymous config option with correspond modifications --- README.md | 2 ++ lib/config.js | 3 +++ lib/realtime.js | 1 + lib/response.js | 4 ++++ public/views/body.ejs | 2 +- public/views/index.ejs | 4 ++++ 6 files changed, 15 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index bdf97ee28..7aa8b0602 100644 --- a/README.md +++ b/README.md @@ -118,6 +118,7 @@ Environment variables (will overwrite other server configs) | HMD_PROTOCOL_USESSL | `true` or `false` | set to use ssl protocol for resources path (only applied when domain is set) | | HMD_URL_ADDPORT | `true` or `false` | set to add port on callback url (port 80 or 443 won't applied) (only applied when domain is set) | | HMD_USECDN | `true` or `false` | set to use CDN resources or not (default is `true`) | +| HMD_ALLOW_ANONMYOUS | `true` or `false` | set to allow anonmyous usage (default is `true`) | | HMD_FACEBOOK_CLIENTID | no example | Facebook API client id | | HMD_FACEBOOK_CLIENTSECRET | no example | Facebook API client secret | | HMD_TWITTER_CONSUMERKEY | no example | Twitter API consumer key | @@ -153,6 +154,7 @@ Server settings `config.json` | protocolusessl | `true` or `false` | set to use ssl protocol for resources path (only applied when domain is set) | | urladdport | `true` or `false` | set to add port on callback url (port 80 or 443 won't applied) (only applied when domain is set) | | usecdn | `true` or `false` | set to use CDN resources or not (default is `true`) | +| allowanonmyous | `true` or `false` | set to allow anonmyous usage (default is `true`) | | db | `{ "dialect": "sqlite", "storage": "./db.hackmd.sqlite" }` | set the db configs, [see more here](http://sequelize.readthedocs.org/en/latest/api/sequelize/) | | sslkeypath | `./cert/client.key` | ssl key path (only need when you set usessl) | | sslcertpath | `./cert/hackmd_io.crt` | ssl cert path (only need when you set usessl) | diff --git a/lib/config.js b/lib/config.js index 669fcaa8e..fb8d19070 100644 --- a/lib/config.js +++ b/lib/config.js @@ -19,6 +19,8 @@ var urladdport = process.env.HMD_URL_ADDPORT ? (process.env.HMD_URL_ADDPORT === var usecdn = process.env.HMD_USECDN ? (process.env.HMD_USECDN === 'true') : ((typeof config.usecdn === 'boolean') ? config.usecdn : true); +var allowanonmyous = process.env.HMD_ALLOW_ANONMYOUS ? (process.env.HMD_ALLOW_ANONMYOUS === 'true') : ((typeof config.allowanonmyous === 'boolean') ? config.allowanonmyous : true); + // db var db = config.db || { dialect: 'sqlite', @@ -125,6 +127,7 @@ module.exports = { usessl: usessl, serverurl: getserverurl(), usecdn: usecdn, + allowanonmyous: allowanonmyous, db: db, sslkeypath: path.join(cwd, sslkeypath), sslcertpath: path.join(cwd, sslcertpath), diff --git a/lib/realtime.js b/lib/realtime.js index 73f831f41..0b9e0c771 100644 --- a/lib/realtime.js +++ b/lib/realtime.js @@ -763,6 +763,7 @@ function connection(socket) { var note = notes[noteId]; //Only owner can change permission if (note.owner && note.owner == socket.request.user.id) { + if (permission == 'freely' && !config.allowanonmyous) return; note.permission = permission; models.Note.update({ permission: permission diff --git a/lib/response.js b/lib/response.js index aae398511..3f837e715 100755 --- a/lib/response.js +++ b/lib/response.js @@ -60,6 +60,7 @@ function showIndex(req, res, next) { res.render(config.indexpath, { url: config.serverurl, useCDN: config.usecdn, + allowAnonmyous: config.allowanonmyous, facebook: config.facebook, twitter: config.twitter, github: config.github, @@ -92,6 +93,7 @@ function responseHackMD(res, note) { url: config.serverurl, title: title, useCDN: config.usecdn, + allowAnonmyous: config.allowanonmyous, facebook: config.facebook, twitter: config.twitter, github: config.github, @@ -106,6 +108,8 @@ function newNote(req, res, next) { var owner = null; if (req.isAuthenticated()) { owner = req.user.id; + } else if (!config.allowanonmyous) { + return response.errorForbidden(res); } models.Note.create({ ownerId: owner diff --git a/public/views/body.ejs b/public/views/body.ejs index 79f2544e0..5de51f3fa 100644 --- a/public/views/body.ejs +++ b/public/views/body.ejs @@ -15,7 +15,7 @@