mirror of
https://github.com/overleaf/overleaf.git
synced 2024-09-16 02:52:31 -04:00
Only show users controls they have permission to use
This commit is contained in:
James Allen
parent
953371ad2d
commit
e7ab92b7c9
8 changed files with 41 additions and 13 deletions
|
|
@ -233,7 +233,8 @@ module.exports = class Router
|
|||
webRouter.get "/project/:project_id/messages", AuthorizationMiddlewear.ensureUserCanReadProject, ChatController.getMessages
|
||||
webRouter.post "/project/:project_id/messages", AuthorizationMiddlewear.ensureUserCanReadProject, ChatController.sendMessage
|
||||
|
||||
webRouter.post "/project/:project_id/thread/:thread_id/messages", AuthorizationMiddlewear.ensureUserCanWriteProjectContent, CommentsController.sendComment
|
||||
# Note: Read only users can still comment
|
||||
webRouter.post "/project/:project_id/thread/:thread_id/messages", AuthorizationMiddlewear.ensureUserCanReadProject, CommentsController.sendComment
|
||||
webRouter.get "/project/:project_id/threads", AuthorizationMiddlewear.ensureUserCanReadProject, CommentsController.getThreads
|
||||
webRouter.post "/project/:project_id/thread/:thread_id/resolve", AuthorizationMiddlewear.ensureUserCanWriteProjectContent, CommentsController.resolveThread
|
||||
webRouter.post "/project/:project_id/thread/:thread_id/reopen", AuthorizationMiddlewear.ensureUserCanWriteProjectContent, CommentsController.reopenThread
|
||||
|
|
|
|||
|
|
@ -9,12 +9,19 @@
|
|||
on-unresolve="unresolveComment(threadId);"
|
||||
on-delete="deleteComment(entryId, threadId);"
|
||||
is-loading="reviewPanel.dropdown.loading"
|
||||
permissions="permissions"
|
||||
)
|
||||
span.review-panel-toolbar-label(ng-click="toggleTrackChanges(true)", ng-if="editor.wantTrackChanges === false") Track Changes is
|
||||
strong off
|
||||
span.review-panel-toolbar-label(ng-click="toggleTrackChanges(false)", ng-if="editor.wantTrackChanges === true") Track Changes is
|
||||
strong on
|
||||
review-panel-toggle(ng-if="editor.wantTrackChanges == editor.trackChanges", ng-model="editor.wantTrackChanges", on-toggle="toggleTrackChanges")
|
||||
span.review-panel-toolbar-label(ng-if="permissions.write")
|
||||
span(ng-click="toggleTrackChanges(true)", ng-if="editor.wantTrackChanges === false") Track Changes is
|
||||
strong off
|
||||
span(ng-click="toggleTrackChanges(false)", ng-if="editor.wantTrackChanges === true") Track Changes is
|
||||
strong on
|
||||
review-panel-toggle(ng-if="editor.wantTrackChanges == editor.trackChanges", ng-model="editor.wantTrackChanges", on-toggle="toggleTrackChanges")
|
||||
span.review-panel-toolbar-label.review-panel-toolbar-label-disabled(ng-if="!permissions.write")
|
||||
span(ng-if="editor.wantTrackChanges === false") Track Changes is
|
||||
strong off
|
||||
span(ng-if="editor.wantTrackChanges === true") Track Changes is
|
||||
strong on
|
||||
span.review-panel-toolbar-spinner(ng-if="editor.wantTrackChanges != editor.trackChanges")
|
||||
i.fa.fa-spin.fa-spinner
|
||||
|
||||
|
|
@ -34,6 +41,7 @@
|
|||
on-reject="rejectChange(entry_id);"
|
||||
on-accept="acceptChange(entry_id);"
|
||||
on-indicator-click="toggleReviewPanel();"
|
||||
permissions="permissions"
|
||||
)
|
||||
|
||||
div(ng-if="entry.type === 'comment'")
|
||||
|
|
@ -43,9 +51,10 @@
|
|||
on-resolve="resolveComment(entry, entry_id)"
|
||||
on-reply="submitReply(entry, entry_id);"
|
||||
on-indicator-click="toggleReviewPanel();"
|
||||
permissions="permissions"
|
||||
)
|
||||
|
||||
div(ng-if="entry.type === 'add-comment'")
|
||||
div(ng-if="entry.type === 'add-comment' && permissions.comment")
|
||||
add-comment-entry(
|
||||
on-start-new="startNewComment();"
|
||||
on-submit="submitNewComment(content);"
|
||||
|
|
@ -76,6 +85,7 @@
|
|||
user="users[entry.metadata.user_id]"
|
||||
on-indicator-click="toggleReviewPanel();"
|
||||
ng-click="gotoEntry(doc_id, entry)"
|
||||
permissions="permissions"
|
||||
)
|
||||
|
||||
div(ng-if="entry.type === 'comment'")
|
||||
|
|
@ -85,6 +95,7 @@
|
|||
on-reply="submitReply(entry, entry_id);"
|
||||
on-indicator-click="toggleReviewPanel();"
|
||||
ng-click="gotoEntry(doc_id, entry)"
|
||||
permissions="permissions"
|
||||
)
|
||||
|
||||
.rp-nav
|
||||
|
|
@ -132,7 +143,7 @@ script(type='text/ng-template', id='changeEntryTemplate')
|
|||
.rp-entry-metadata
|
||||
| {{ entry.metadata.ts | date : 'MMM d, y h:mm a' }} •
|
||||
span.rp-entry-user(style="color: hsl({{ user.hue }}, 70%, 40%);") {{ user.name }}
|
||||
.rp-entry-actions
|
||||
.rp-entry-actions(ng-if="permissions.write")
|
||||
a.rp-entry-button(href, ng-click="onReject();")
|
||||
i.fa.fa-times
|
||||
| Reject
|
||||
|
|
@ -163,7 +174,7 @@ script(type='text/ng-template', id='commentEntryTemplate')
|
|||
| {{ comment.content }}
|
||||
.rp-entry-metadata
|
||||
| {{ comment.timestamp | date : 'MMM d, y h:mm a' }}
|
||||
.rp-comment-reply
|
||||
.rp-comment-reply(ng-if="permissions.comment")
|
||||
textarea.rp-comment-input(
|
||||
ng-model="entry.replyContent"
|
||||
ng-keypress="handleCommentReplyKeyPress($event);"
|
||||
|
|
@ -171,10 +182,10 @@ script(type='text/ng-template', id='commentEntryTemplate')
|
|||
placeholder="{{ 'Hit \"Enter\" to reply' + (entry.resolved ? ' and re-open' : '') }}"
|
||||
)
|
||||
.rp-entry-actions
|
||||
a.rp-entry-button(href, ng-click="onResolve();")
|
||||
a.rp-entry-button(href, ng-click="onResolve();", ng-if="permissions.comment && permissions.write")
|
||||
i.fa.fa-inbox
|
||||
| Resolve
|
||||
a.rp-entry-button(href, ng-click="onReply();")
|
||||
a.rp-entry-button(href, ng-click="onReply();", ng-if="permissions.comment")
|
||||
i.fa.fa-reply
|
||||
| Reply
|
||||
|
||||
|
|
@ -205,7 +216,7 @@ script(type='text/ng-template', id='resolvedCommentEntryTemplate')
|
|||
.rp-entry-metadata
|
||||
| {{ thread.resolved_at | date : 'MMM d, y h:mm a' }}
|
||||
|
||||
.rp-entry-actions
|
||||
.rp-entry-actions(ng-if="permissions.comment && permissions.write")
|
||||
a.rp-entry-button(
|
||||
href
|
||||
ng-click="onUnresolve({ 'threadId': thread.threadId });"
|
||||
|
|
@ -278,6 +289,7 @@ script(type='text/ng-template', id='resolvedCommentsDropdownTemplate')
|
|||
thread="thread"
|
||||
on-unresolve="handleUnresolve(threadId);"
|
||||
on-delete="handleDelete(entryId, threadId);"
|
||||
permissions="permissions"
|
||||
)
|
||||
.rp-loading(ng-if="!resolvedComments.length")
|
||||
| No resolved threads.
|
||||
|
|
|
|||
|
|
@ -5,15 +5,22 @@ define [], () ->
|
|||
read: false
|
||||
write: false
|
||||
admin: false
|
||||
comment: false
|
||||
@$scope.$watch "permissionsLevel", (permissionsLevel) =>
|
||||
|
||||
if permissionsLevel?
|
||||
if permissionsLevel == "readOnly"
|
||||
@$scope.permissions.read = true
|
||||
@$scope.permissions.comment = true
|
||||
else if permissionsLevel == "readAndWrite"
|
||||
@$scope.permissions.read = true
|
||||
@$scope.permissions.write = true
|
||||
@$scope.permissions.comment = true
|
||||
else if permissionsLevel == "owner"
|
||||
@$scope.permissions.read = true
|
||||
@$scope.permissions.write = true
|
||||
@$scope.permissions.admin = true
|
||||
@$scope.permissions.comment = true
|
||||
|
||||
if @$scope.anonymous
|
||||
@$scope.permissions.comment = false
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ define [
|
|||
scope:
|
||||
entry: "="
|
||||
user: "="
|
||||
permissions: "="
|
||||
onAccept: "&"
|
||||
onReject: "&"
|
||||
onIndicatorClick: "&"
|
||||
|
|
|
|||
|
|
@ -7,6 +7,7 @@ define [
|
|||
scope:
|
||||
entry: "="
|
||||
threads: "="
|
||||
permissions: "="
|
||||
onResolve: "&"
|
||||
onReply: "&"
|
||||
onIndicatorClick: "&"
|
||||
|
|
|
|||
|
|
@ -6,5 +6,6 @@ define [
|
|||
templateUrl: "resolvedCommentEntryTemplate"
|
||||
scope:
|
||||
thread: "="
|
||||
permissions: "="
|
||||
onUnresolve: "&"
|
||||
onDelete: "&"
|
||||
|
|
@ -9,6 +9,7 @@ define [
|
|||
threads : "="
|
||||
resolvedIds : "="
|
||||
docs : "="
|
||||
permissions: "="
|
||||
onOpen : "&"
|
||||
onUnresolve : "&"
|
||||
onDelete : "&"
|
||||
|
|
|
|||
|
|
@ -119,10 +119,13 @@
|
|||
}
|
||||
.review-panel-toolbar-label {
|
||||
cursor: pointer;
|
||||
margin-right: 5px;
|
||||
text-align: right;
|
||||
flex-grow: 1;
|
||||
}
|
||||
.review-panel-toolbar-label-disabled {
|
||||
cursor: auto;
|
||||
margin-right: 5px;
|
||||
}
|
||||
|
||||
.rp-entry-list {
|
||||
.rp-size-expanded & {
|
||||
|
|
@ -574,6 +577,7 @@
|
|||
.rp-toggle {
|
||||
display: inline-block;
|
||||
vertical-align: middle;
|
||||
margin-left: 5px;
|
||||
}
|
||||
.rp-toggle-hidden-input {
|
||||
display: none;
|
||||
|
|
|
|||
Loading…
Reference in a new issue