From 89b8ddeabae81fd3a8891ce9d8191fbc9e27c83c Mon Sep 17 00:00:00 2001
From: 蒼時弦也
Date: Tue, 10 Jan 2017 10:02:37 +0800
Subject: Add limited and protected permission

---
 lib/response.js | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

(limited to 'lib/response.js')

diff --git a/lib/response.js b/lib/response.js
index a0dc8b1f..4438be24 100755
--- a/lib/response.js
+++ b/lib/response.js
@@ -122,6 +122,11 @@ function checkViewPermission(req, note) {
             return false;
         else
             return true;
+    } else if (note.permission == 'limited' || note.permission == 'protected') {
+        if( !req.isAuthenticated() ) {
+            return false;
+        }
+        return true;
     } else {
         return true;
     }
@@ -161,7 +166,7 @@ function showNote(req, res, next) {
     findNote(req, res, function (note) {
         // force to use note id
         var noteId = req.params.noteId;
-        var id = LZString.compressToBase64(note.id); 
+        var id = LZString.compressToBase64(note.id);
         if ((note.alias && noteId != note.alias) || (!note.alias && noteId != id))
             return res.redirect(config.serverurl + "/" + (note.alias || id));
         return responseHackMD(res, note);
@@ -413,7 +418,7 @@ function publishSlideActions(req, res, next) {
             res.redirect(config.serverurl + '/' + (note.alias ? note.alias : LZString.compressToBase64(note.id)));
             break;
         default:
-            res.redirect(config.serverurl + '/p/' + note.shortid);    
+            res.redirect(config.serverurl + '/p/' + note.shortid);
             break;
         }
     });
-- 
cgit v1.2.3