mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2024-11-22 01:36:29 -05:00
Add limited and protected permission
This commit is contained in:
parent
c21fb8e2a0
commit
89b8ddeaba
5 changed files with 43 additions and 16 deletions
|
@ -23,7 +23,7 @@ var logger = require("../logger.js");
|
|||
var ot = require("../ot/index.js");
|
||||
|
||||
// permission types
|
||||
var permissionTypes = ["freely", "editable", "locked", "private"];
|
||||
var permissionTypes = ["freely", "editable", "locked", "private", "limited", "protected"];
|
||||
|
||||
module.exports = function (sequelize, DataTypes) {
|
||||
var Note = sequelize.define("Note", {
|
||||
|
@ -333,7 +333,7 @@ module.exports = function (sequelize, DataTypes) {
|
|||
if (meta.slideOptions && (typeof meta.slideOptions == "object"))
|
||||
_meta.slideOptions = meta.slideOptions;
|
||||
}
|
||||
return _meta;
|
||||
return _meta;
|
||||
},
|
||||
updateAuthorshipByOperation: function (operation, userId, authorships) {
|
||||
var index = 0;
|
||||
|
@ -532,4 +532,4 @@ module.exports = function (sequelize, DataTypes) {
|
|||
});
|
||||
|
||||
return Note;
|
||||
};
|
||||
};
|
||||
|
|
|
@ -251,13 +251,13 @@ function getStatus(callback) {
|
|||
return logger.error('count user failed: ' + err);
|
||||
});
|
||||
}).catch(function (err) {
|
||||
return logger.error('count note failed: ' + err);
|
||||
return logger.error('count note failed: ' + err);
|
||||
});
|
||||
}
|
||||
|
||||
function isReady() {
|
||||
return realtime.io
|
||||
&& Object.keys(notes).length == 0 && Object.keys(users).length == 0
|
||||
return realtime.io
|
||||
&& Object.keys(notes).length == 0 && Object.keys(users).length == 0
|
||||
&& connectionSocketQueue.length == 0 && !isConnectionBusy
|
||||
&& disconnectSocketQueue.length == 0 && !isDisconnectBusy;
|
||||
}
|
||||
|
@ -420,7 +420,7 @@ function finishConnection(socket, note, user) {
|
|||
function startConnection(socket) {
|
||||
if (isConnectionBusy) return;
|
||||
isConnectionBusy = true;
|
||||
|
||||
|
||||
var noteId = socket.noteId;
|
||||
if (!noteId) {
|
||||
return failConnection(404, 'note id not found', socket);
|
||||
|
@ -521,7 +521,7 @@ function disconnect(socket) {
|
|||
logger.info("SERVER disconnected a client");
|
||||
logger.info(JSON.stringify(users[socket.id]));
|
||||
}
|
||||
|
||||
|
||||
if (users[socket.id]) {
|
||||
delete users[socket.id];
|
||||
}
|
||||
|
@ -618,12 +618,12 @@ function ifMayEdit(socket, callback) {
|
|||
case "freely":
|
||||
//not blocking anyone
|
||||
break;
|
||||
case "editable":
|
||||
case "editable": case: "limited":
|
||||
//only login user can change
|
||||
if (!socket.request.user || !socket.request.user.logged_in)
|
||||
mayEdit = false;
|
||||
break;
|
||||
case "locked": case "private":
|
||||
case "locked": case "private": case "protected":
|
||||
//only owner can change
|
||||
if (!note.owner || note.owner != socket.request.user.id)
|
||||
mayEdit = false;
|
||||
|
@ -672,7 +672,7 @@ function operationCallback(socket, operation) {
|
|||
var noteId = note.alias ? note.alias : LZString.compressToBase64(note.id);
|
||||
if (note.server) history.updateHistory(userId, noteId, note.server.document);
|
||||
}, 0);
|
||||
|
||||
|
||||
}
|
||||
// save authorship
|
||||
note.authorship = models.Note.updateAuthorshipByOperation(operation, userId, note.authorship);
|
||||
|
@ -689,10 +689,10 @@ function connection(socket) {
|
|||
}
|
||||
|
||||
if (isDuplicatedInSocketQueue(socket, connectionSocketQueue)) return;
|
||||
|
||||
|
||||
// store noteId in this socket session
|
||||
socket.noteId = noteId;
|
||||
|
||||
|
||||
//initialize user data
|
||||
//random color
|
||||
var color = randomcolor();
|
||||
|
|
|
@ -122,6 +122,11 @@ function checkViewPermission(req, note) {
|
|||
return false;
|
||||
else
|
||||
return true;
|
||||
} else if (note.permission == 'limited' || note.permission == 'protected') {
|
||||
if( !req.isAuthenticated() ) {
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
} else {
|
||||
return true;
|
||||
}
|
||||
|
@ -161,7 +166,7 @@ function showNote(req, res, next) {
|
|||
findNote(req, res, function (note) {
|
||||
// force to use note id
|
||||
var noteId = req.params.noteId;
|
||||
var id = LZString.compressToBase64(note.id);
|
||||
var id = LZString.compressToBase64(note.id);
|
||||
if ((note.alias && noteId != note.alias) || (!note.alias && noteId != id))
|
||||
return res.redirect(config.serverurl + "/" + (note.alias || id));
|
||||
return responseHackMD(res, note);
|
||||
|
@ -413,7 +418,7 @@ function publishSlideActions(req, res, next) {
|
|||
res.redirect(config.serverurl + '/' + (note.alias ? note.alias : LZString.compressToBase64(note.id)));
|
||||
break;
|
||||
default:
|
||||
res.redirect(config.serverurl + '/p/' + note.shortid);
|
||||
res.redirect(config.serverurl + '/p/' + note.shortid);
|
||||
break;
|
||||
}
|
||||
});
|
||||
|
|
|
@ -857,7 +857,9 @@ window.ui = {
|
|||
freely: $(".ui-permission-freely"),
|
||||
editable: $(".ui-permission-editable"),
|
||||
locked: $(".ui-permission-locked"),
|
||||
private: $(".ui-permission-private")
|
||||
private: $(".ui-permission-private"),
|
||||
limited: $(".ui-permission-limited"),
|
||||
protected: $(".ui-permission-protected")
|
||||
},
|
||||
delete: $(".ui-delete-note")
|
||||
},
|
||||
|
@ -2247,6 +2249,14 @@ ui.infobar.permission.locked.click(function () {
|
|||
ui.infobar.permission.private.click(function () {
|
||||
emitPermission("private");
|
||||
});
|
||||
//limited
|
||||
ui.infobar.permission.limited.click(function() {
|
||||
emitPermission("limited");
|
||||
});
|
||||
//protected
|
||||
ui.infobar.permission.protected.click(function() {
|
||||
emitPermission("protected");
|
||||
});
|
||||
// delete note
|
||||
ui.infobar.delete.click(function () {
|
||||
$('.delete-modal').modal('show');
|
||||
|
@ -2285,6 +2295,14 @@ function updatePermission(newPermission) {
|
|||
label = '<i class="fa fa-hand-stop-o"></i> Private';
|
||||
title = "Only owner can view & edit";
|
||||
break;
|
||||
case "limited":
|
||||
label = '<i class="fa fa-hand-shield"></i> Limited';
|
||||
title = "Signed people can view and edit"
|
||||
break;
|
||||
case "protected":
|
||||
label = '<i class="fa fa-hand-stop-o"></i> Protected';
|
||||
title = "Signed people can view";
|
||||
break;
|
||||
}
|
||||
if (personalInfo.userid && owner && personalInfo.userid == owner) {
|
||||
label += ' <i class="fa fa-caret-down"></i>';
|
||||
|
@ -2302,6 +2320,7 @@ function havePermission() {
|
|||
bool = true;
|
||||
break;
|
||||
case "editable":
|
||||
case "limited":
|
||||
if (!personalInfo.login) {
|
||||
bool = false;
|
||||
} else {
|
||||
|
@ -2310,6 +2329,7 @@ function havePermission() {
|
|||
break;
|
||||
case "locked":
|
||||
case "private":
|
||||
case "protected":
|
||||
if (!owner || personalInfo.userid != owner) {
|
||||
bool = false;
|
||||
} else {
|
||||
|
|
|
@ -19,6 +19,8 @@
|
|||
<li class="ui-permission-editable"><a><i class="fa fa-shield fa-fw"></i> Editable - Signed people can edit</a></li>
|
||||
<li class="ui-permission-locked"><a><i class="fa fa-lock fa-fw"></i> Locked - Only owner can edit</a></li>
|
||||
<li class="ui-permission-private"><a><i class="fa fa-hand-stop-o fa-fw"></i> Private - Only owner can view & edit</a></li>
|
||||
<li class="ui-permission-limited"><a><i class="fa fa-shield fa-fw"></i> Limited - Signed people can edit & view</a></li>
|
||||
<li class="ui-permission-protected"><a><i class="fa fa-hand-stop-o fa-fw"></i> Protected - Only owner can edit</a></li>
|
||||
<li class="divider"></li>
|
||||
<li class="ui-delete-note"><a><i class="fa fa-trash-o fa-fw"></i> Delete this note</a></li>
|
||||
</ul>
|
||||
|
|
Loading…
Reference in a new issue