Add limited and protected permission

author: 蒼時弦也 2017-01-10 10:02:37 +0800
committer: 蒼時弦也 2017-01-10 10:02:37 +0800
commit: 89b8ddeabae81fd3a8891ce9d8191fbc9e27c83c (patch)
tree: 761f2a0d7129db7d01cb19b912fc056dbc01352b /lib/response.js
parent: c21fb8e2a0030095fd8dbfd13f6ba84e933b0e2e (diff)
1 files changed, 7 insertions, 2 deletions
diff --git a/lib/response.js b/lib/response.js
index a0dc8b1f..4438be24 100755
--- a/lib/response.js
+++ b/lib/response.js
@@ -122,6 +122,11 @@ function checkViewPermission(req, note) {
             return false;
         else
             return true;
+    } else if (note.permission == 'limited' || note.permission == 'protected') {
+        if( !req.isAuthenticated() ) {
+            return false;
+        }
+        return true;
     } else {
         return true;
     }
@@ -161,7 +166,7 @@ function showNote(req, res, next) {
     findNote(req, res, function (note) {
         // force to use note id
         var noteId = req.params.noteId;
-        var id = LZString.compressToBase64(note.id); 
+        var id = LZString.compressToBase64(note.id);
         if ((note.alias && noteId != note.alias) || (!note.alias && noteId != id))
             return res.redirect(config.serverurl + "/" + (note.alias || id));
         return responseHackMD(res, note);
@@ -413,7 +418,7 @@ function publishSlideActions(req, res, next) {
             res.redirect(config.serverurl + '/' + (note.alias ? note.alias : LZString.compressToBase64(note.id)));
             break;
         default:
-            res.redirect(config.serverurl + '/p/' + note.shortid);    
+            res.redirect(config.serverurl + '/p/' + note.shortid);
             break;
         }
     });
author	蒼時弦也	2017-01-10 10:02:37 +0800
committer	蒼時弦也	2017-01-10 10:02:37 +0800
commit	89b8ddeabae81fd3a8891ce9d8191fbc9e27c83c (patch)
tree	761f2a0d7129db7d01cb19b912fc056dbc01352b /lib/response.js
parent	c21fb8e2a0030095fd8dbfd13f6ba84e933b0e2e (diff)