mirror of https://github.com/status-im/codimd.git
Add limited and protected permission
This commit is contained in:
parent
c21fb8e2a0
commit
89b8ddeaba
|
@ -23,7 +23,7 @@ var logger = require("../logger.js");
|
||||||
var ot = require("../ot/index.js");
|
var ot = require("../ot/index.js");
|
||||||
|
|
||||||
// permission types
|
// permission types
|
||||||
var permissionTypes = ["freely", "editable", "locked", "private"];
|
var permissionTypes = ["freely", "editable", "locked", "private", "limited", "protected"];
|
||||||
|
|
||||||
module.exports = function (sequelize, DataTypes) {
|
module.exports = function (sequelize, DataTypes) {
|
||||||
var Note = sequelize.define("Note", {
|
var Note = sequelize.define("Note", {
|
||||||
|
@ -333,7 +333,7 @@ module.exports = function (sequelize, DataTypes) {
|
||||||
if (meta.slideOptions && (typeof meta.slideOptions == "object"))
|
if (meta.slideOptions && (typeof meta.slideOptions == "object"))
|
||||||
_meta.slideOptions = meta.slideOptions;
|
_meta.slideOptions = meta.slideOptions;
|
||||||
}
|
}
|
||||||
return _meta;
|
return _meta;
|
||||||
},
|
},
|
||||||
updateAuthorshipByOperation: function (operation, userId, authorships) {
|
updateAuthorshipByOperation: function (operation, userId, authorships) {
|
||||||
var index = 0;
|
var index = 0;
|
||||||
|
@ -532,4 +532,4 @@ module.exports = function (sequelize, DataTypes) {
|
||||||
});
|
});
|
||||||
|
|
||||||
return Note;
|
return Note;
|
||||||
};
|
};
|
||||||
|
|
|
@ -251,13 +251,13 @@ function getStatus(callback) {
|
||||||
return logger.error('count user failed: ' + err);
|
return logger.error('count user failed: ' + err);
|
||||||
});
|
});
|
||||||
}).catch(function (err) {
|
}).catch(function (err) {
|
||||||
return logger.error('count note failed: ' + err);
|
return logger.error('count note failed: ' + err);
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
function isReady() {
|
function isReady() {
|
||||||
return realtime.io
|
return realtime.io
|
||||||
&& Object.keys(notes).length == 0 && Object.keys(users).length == 0
|
&& Object.keys(notes).length == 0 && Object.keys(users).length == 0
|
||||||
&& connectionSocketQueue.length == 0 && !isConnectionBusy
|
&& connectionSocketQueue.length == 0 && !isConnectionBusy
|
||||||
&& disconnectSocketQueue.length == 0 && !isDisconnectBusy;
|
&& disconnectSocketQueue.length == 0 && !isDisconnectBusy;
|
||||||
}
|
}
|
||||||
|
@ -420,7 +420,7 @@ function finishConnection(socket, note, user) {
|
||||||
function startConnection(socket) {
|
function startConnection(socket) {
|
||||||
if (isConnectionBusy) return;
|
if (isConnectionBusy) return;
|
||||||
isConnectionBusy = true;
|
isConnectionBusy = true;
|
||||||
|
|
||||||
var noteId = socket.noteId;
|
var noteId = socket.noteId;
|
||||||
if (!noteId) {
|
if (!noteId) {
|
||||||
return failConnection(404, 'note id not found', socket);
|
return failConnection(404, 'note id not found', socket);
|
||||||
|
@ -521,7 +521,7 @@ function disconnect(socket) {
|
||||||
logger.info("SERVER disconnected a client");
|
logger.info("SERVER disconnected a client");
|
||||||
logger.info(JSON.stringify(users[socket.id]));
|
logger.info(JSON.stringify(users[socket.id]));
|
||||||
}
|
}
|
||||||
|
|
||||||
if (users[socket.id]) {
|
if (users[socket.id]) {
|
||||||
delete users[socket.id];
|
delete users[socket.id];
|
||||||
}
|
}
|
||||||
|
@ -618,12 +618,12 @@ function ifMayEdit(socket, callback) {
|
||||||
case "freely":
|
case "freely":
|
||||||
//not blocking anyone
|
//not blocking anyone
|
||||||
break;
|
break;
|
||||||
case "editable":
|
case "editable": case: "limited":
|
||||||
//only login user can change
|
//only login user can change
|
||||||
if (!socket.request.user || !socket.request.user.logged_in)
|
if (!socket.request.user || !socket.request.user.logged_in)
|
||||||
mayEdit = false;
|
mayEdit = false;
|
||||||
break;
|
break;
|
||||||
case "locked": case "private":
|
case "locked": case "private": case "protected":
|
||||||
//only owner can change
|
//only owner can change
|
||||||
if (!note.owner || note.owner != socket.request.user.id)
|
if (!note.owner || note.owner != socket.request.user.id)
|
||||||
mayEdit = false;
|
mayEdit = false;
|
||||||
|
@ -672,7 +672,7 @@ function operationCallback(socket, operation) {
|
||||||
var noteId = note.alias ? note.alias : LZString.compressToBase64(note.id);
|
var noteId = note.alias ? note.alias : LZString.compressToBase64(note.id);
|
||||||
if (note.server) history.updateHistory(userId, noteId, note.server.document);
|
if (note.server) history.updateHistory(userId, noteId, note.server.document);
|
||||||
}, 0);
|
}, 0);
|
||||||
|
|
||||||
}
|
}
|
||||||
// save authorship
|
// save authorship
|
||||||
note.authorship = models.Note.updateAuthorshipByOperation(operation, userId, note.authorship);
|
note.authorship = models.Note.updateAuthorshipByOperation(operation, userId, note.authorship);
|
||||||
|
@ -689,10 +689,10 @@ function connection(socket) {
|
||||||
}
|
}
|
||||||
|
|
||||||
if (isDuplicatedInSocketQueue(socket, connectionSocketQueue)) return;
|
if (isDuplicatedInSocketQueue(socket, connectionSocketQueue)) return;
|
||||||
|
|
||||||
// store noteId in this socket session
|
// store noteId in this socket session
|
||||||
socket.noteId = noteId;
|
socket.noteId = noteId;
|
||||||
|
|
||||||
//initialize user data
|
//initialize user data
|
||||||
//random color
|
//random color
|
||||||
var color = randomcolor();
|
var color = randomcolor();
|
||||||
|
|
|
@ -122,6 +122,11 @@ function checkViewPermission(req, note) {
|
||||||
return false;
|
return false;
|
||||||
else
|
else
|
||||||
return true;
|
return true;
|
||||||
|
} else if (note.permission == 'limited' || note.permission == 'protected') {
|
||||||
|
if( !req.isAuthenticated() ) {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
return true;
|
||||||
} else {
|
} else {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
@ -161,7 +166,7 @@ function showNote(req, res, next) {
|
||||||
findNote(req, res, function (note) {
|
findNote(req, res, function (note) {
|
||||||
// force to use note id
|
// force to use note id
|
||||||
var noteId = req.params.noteId;
|
var noteId = req.params.noteId;
|
||||||
var id = LZString.compressToBase64(note.id);
|
var id = LZString.compressToBase64(note.id);
|
||||||
if ((note.alias && noteId != note.alias) || (!note.alias && noteId != id))
|
if ((note.alias && noteId != note.alias) || (!note.alias && noteId != id))
|
||||||
return res.redirect(config.serverurl + "/" + (note.alias || id));
|
return res.redirect(config.serverurl + "/" + (note.alias || id));
|
||||||
return responseHackMD(res, note);
|
return responseHackMD(res, note);
|
||||||
|
@ -413,7 +418,7 @@ function publishSlideActions(req, res, next) {
|
||||||
res.redirect(config.serverurl + '/' + (note.alias ? note.alias : LZString.compressToBase64(note.id)));
|
res.redirect(config.serverurl + '/' + (note.alias ? note.alias : LZString.compressToBase64(note.id)));
|
||||||
break;
|
break;
|
||||||
default:
|
default:
|
||||||
res.redirect(config.serverurl + '/p/' + note.shortid);
|
res.redirect(config.serverurl + '/p/' + note.shortid);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
|
@ -857,7 +857,9 @@ window.ui = {
|
||||||
freely: $(".ui-permission-freely"),
|
freely: $(".ui-permission-freely"),
|
||||||
editable: $(".ui-permission-editable"),
|
editable: $(".ui-permission-editable"),
|
||||||
locked: $(".ui-permission-locked"),
|
locked: $(".ui-permission-locked"),
|
||||||
private: $(".ui-permission-private")
|
private: $(".ui-permission-private"),
|
||||||
|
limited: $(".ui-permission-limited"),
|
||||||
|
protected: $(".ui-permission-protected")
|
||||||
},
|
},
|
||||||
delete: $(".ui-delete-note")
|
delete: $(".ui-delete-note")
|
||||||
},
|
},
|
||||||
|
@ -2247,6 +2249,14 @@ ui.infobar.permission.locked.click(function () {
|
||||||
ui.infobar.permission.private.click(function () {
|
ui.infobar.permission.private.click(function () {
|
||||||
emitPermission("private");
|
emitPermission("private");
|
||||||
});
|
});
|
||||||
|
//limited
|
||||||
|
ui.infobar.permission.limited.click(function() {
|
||||||
|
emitPermission("limited");
|
||||||
|
});
|
||||||
|
//protected
|
||||||
|
ui.infobar.permission.protected.click(function() {
|
||||||
|
emitPermission("protected");
|
||||||
|
});
|
||||||
// delete note
|
// delete note
|
||||||
ui.infobar.delete.click(function () {
|
ui.infobar.delete.click(function () {
|
||||||
$('.delete-modal').modal('show');
|
$('.delete-modal').modal('show');
|
||||||
|
@ -2285,6 +2295,14 @@ function updatePermission(newPermission) {
|
||||||
label = '<i class="fa fa-hand-stop-o"></i> Private';
|
label = '<i class="fa fa-hand-stop-o"></i> Private';
|
||||||
title = "Only owner can view & edit";
|
title = "Only owner can view & edit";
|
||||||
break;
|
break;
|
||||||
|
case "limited":
|
||||||
|
label = '<i class="fa fa-hand-shield"></i> Limited';
|
||||||
|
title = "Signed people can view and edit"
|
||||||
|
break;
|
||||||
|
case "protected":
|
||||||
|
label = '<i class="fa fa-hand-stop-o"></i> Protected';
|
||||||
|
title = "Signed people can view";
|
||||||
|
break;
|
||||||
}
|
}
|
||||||
if (personalInfo.userid && owner && personalInfo.userid == owner) {
|
if (personalInfo.userid && owner && personalInfo.userid == owner) {
|
||||||
label += ' <i class="fa fa-caret-down"></i>';
|
label += ' <i class="fa fa-caret-down"></i>';
|
||||||
|
@ -2302,6 +2320,7 @@ function havePermission() {
|
||||||
bool = true;
|
bool = true;
|
||||||
break;
|
break;
|
||||||
case "editable":
|
case "editable":
|
||||||
|
case "limited":
|
||||||
if (!personalInfo.login) {
|
if (!personalInfo.login) {
|
||||||
bool = false;
|
bool = false;
|
||||||
} else {
|
} else {
|
||||||
|
@ -2310,6 +2329,7 @@ function havePermission() {
|
||||||
break;
|
break;
|
||||||
case "locked":
|
case "locked":
|
||||||
case "private":
|
case "private":
|
||||||
|
case "protected":
|
||||||
if (!owner || personalInfo.userid != owner) {
|
if (!owner || personalInfo.userid != owner) {
|
||||||
bool = false;
|
bool = false;
|
||||||
} else {
|
} else {
|
||||||
|
|
|
@ -19,6 +19,8 @@
|
||||||
<li class="ui-permission-editable"><a><i class="fa fa-shield fa-fw"></i> Editable - Signed people can edit</a></li>
|
<li class="ui-permission-editable"><a><i class="fa fa-shield fa-fw"></i> Editable - Signed people can edit</a></li>
|
||||||
<li class="ui-permission-locked"><a><i class="fa fa-lock fa-fw"></i> Locked - Only owner can edit</a></li>
|
<li class="ui-permission-locked"><a><i class="fa fa-lock fa-fw"></i> Locked - Only owner can edit</a></li>
|
||||||
<li class="ui-permission-private"><a><i class="fa fa-hand-stop-o fa-fw"></i> Private - Only owner can view & edit</a></li>
|
<li class="ui-permission-private"><a><i class="fa fa-hand-stop-o fa-fw"></i> Private - Only owner can view & edit</a></li>
|
||||||
|
<li class="ui-permission-limited"><a><i class="fa fa-shield fa-fw"></i> Limited - Signed people can edit & view</a></li>
|
||||||
|
<li class="ui-permission-protected"><a><i class="fa fa-hand-stop-o fa-fw"></i> Protected - Only owner can edit</a></li>
|
||||||
<li class="divider"></li>
|
<li class="divider"></li>
|
||||||
<li class="ui-delete-note"><a><i class="fa fa-trash-o fa-fw"></i> Delete this note</a></li>
|
<li class="ui-delete-note"><a><i class="fa fa-trash-o fa-fw"></i> Delete this note</a></li>
|
||||||
</ul>
|
</ul>
|
||||||
|
|
Loading…
Reference in New Issue