From 5c7eb483198d0d92dc88c7a7c25cca5c23eb5cf2 Mon Sep 17 00:00:00 2001
From: Wu Cheng-Han
Date: Thu, 15 Dec 2016 14:07:12 +0800
Subject: Add support of allow anonymous config option with correspond
 modifications

---
 lib/config.js   | 3 +++
 lib/realtime.js | 1 +
 lib/response.js | 4 ++++
 3 files changed, 8 insertions(+)

(limited to 'lib')

diff --git a/lib/config.js b/lib/config.js
index 669fcaa8..fb8d1907 100644
--- a/lib/config.js
+++ b/lib/config.js
@@ -19,6 +19,8 @@ var urladdport = process.env.HMD_URL_ADDPORT ? (process.env.HMD_URL_ADDPORT ===
 
 var usecdn = process.env.HMD_USECDN ? (process.env.HMD_USECDN === 'true') : ((typeof config.usecdn === 'boolean') ? config.usecdn : true);
 
+var allowanonmyous = process.env.HMD_ALLOW_ANONMYOUS ?  (process.env.HMD_ALLOW_ANONMYOUS === 'true') : ((typeof config.allowanonmyous === 'boolean') ? config.allowanonmyous : true);
+
 // db
 var db = config.db || {
     dialect: 'sqlite',
@@ -125,6 +127,7 @@ module.exports = {
     usessl: usessl,
     serverurl: getserverurl(),
     usecdn: usecdn,
+    allowanonmyous: allowanonmyous,
     db: db,
     sslkeypath: path.join(cwd, sslkeypath),
     sslcertpath: path.join(cwd, sslcertpath),
diff --git a/lib/realtime.js b/lib/realtime.js
index 73f831f4..0b9e0c77 100644
--- a/lib/realtime.js
+++ b/lib/realtime.js
@@ -763,6 +763,7 @@ function connection(socket) {
             var note = notes[noteId];
             //Only owner can change permission
             if (note.owner && note.owner == socket.request.user.id) {
+                if (permission == 'freely' && !config.allowanonmyous) return;
                 note.permission = permission;
                 models.Note.update({
                     permission: permission
diff --git a/lib/response.js b/lib/response.js
index aae39851..3f837e71 100755
--- a/lib/response.js
+++ b/lib/response.js
@@ -60,6 +60,7 @@ function showIndex(req, res, next) {
     res.render(config.indexpath, {
         url: config.serverurl,
         useCDN: config.usecdn,
+        allowAnonmyous: config.allowanonmyous,
         facebook: config.facebook,
         twitter: config.twitter,
         github: config.github,
@@ -92,6 +93,7 @@ function responseHackMD(res, note) {
         url: config.serverurl,
         title: title,
         useCDN: config.usecdn,
+        allowAnonmyous: config.allowanonmyous,
         facebook: config.facebook,
         twitter: config.twitter,
         github: config.github,
@@ -106,6 +108,8 @@ function newNote(req, res, next) {
     var owner = null;
     if (req.isAuthenticated()) {
         owner = req.user.id;
+    } else if (!config.allowanonmyous) {
+        return response.errorForbidden(res);
     }
     models.Note.create({
         ownerId: owner
-- 
cgit v1.2.3