From 6ae4b8bf1369bff8cc50325b66db66659d2718a5 Mon Sep 17 00:00:00 2001
From: Dario Ernst
Date: Sat, 20 Jan 2018 15:05:05 +0100
Subject: Add option to enable `freely` permission in closed instance

Before, closed disallowed guest edits completely, by removing
the `freely` permission. This makes it possible to explicitely bring
back guest-editing, but not guest-note-creation, to closed instances.

Signed-off-by: Dario Ernst <dario@kanojo.de>
---
 lib/config/default.js     | 1 +
 lib/config/environment.js | 1 +
 lib/config/index.js       | 2 +-
 lib/realtime.js           | 2 +-
 lib/response.js           | 2 ++
 5 files changed, 6 insertions(+), 2 deletions(-)

(limited to 'lib')

diff --git a/lib/config/default.js b/lib/config/default.js
index 40803476..000c154a 100644
--- a/lib/config/default.js
+++ b/lib/config/default.js
@@ -16,6 +16,7 @@ module.exports = {
   protocolusessl: false,
   usecdn: true,
   allowanonymous: true,
+  allowanonymousedits: false,
   allowfreeurl: false,
   defaultpermission: 'editable',
   dburl: '',
diff --git a/lib/config/environment.js b/lib/config/environment.js
index 5a297382..eedd4913 100644
--- a/lib/config/environment.js
+++ b/lib/config/environment.js
@@ -18,6 +18,7 @@ module.exports = {
   alloworigin: toArrayConfig(process.env.HMD_ALLOW_ORIGIN),
   usecdn: toBooleanConfig(process.env.HMD_USECDN),
   allowanonymous: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS),
+  allowanonymousedits: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS_EDITS),
   allowfreeurl: toBooleanConfig(process.env.HMD_ALLOW_FREEURL),
   defaultpermission: process.env.HMD_DEFAULT_PERMISSION,
   dburl: process.env.HMD_DB_URL,
diff --git a/lib/config/index.js b/lib/config/index.js
index d44207bf..3d22c3c3 100644
--- a/lib/config/index.js
+++ b/lib/config/index.js
@@ -49,7 +49,7 @@ if (config.ldap.tlsca) {
 
 // Permission
 config.permission = Permission
-if (!config.allowanonymous) {
+if (!config.allowanonymous && !config.allowanonymousedits) {
   delete config.permission.freely
 }
 if (!(config.defaultpermission in config.permission)) {
diff --git a/lib/realtime.js b/lib/realtime.js
index e03e2d0b..c731e5b0 100644
--- a/lib/realtime.js
+++ b/lib/realtime.js
@@ -781,7 +781,7 @@ function connection (socket) {
       var note = notes[noteId]
       // Only owner can change permission
       if (note.owner && note.owner === socket.request.user.id) {
-        if (permission === 'freely' && !config.allowanonymous) return
+        if (permission === 'freely' && !config.allowanonymous && !config.allowanonymousedits) return
         note.permission = permission
         models.Note.update({
           permission: permission
diff --git a/lib/response.js b/lib/response.js
index 9f3d5a44..6c64d245 100644
--- a/lib/response.js
+++ b/lib/response.js
@@ -60,6 +60,7 @@ function showIndex (req, res, next) {
     url: config.serverurl,
     useCDN: config.usecdn,
     allowAnonymous: config.allowanonymous,
+    allowAnonymousEdits: config.allowanonymousedits,
     facebook: config.isFacebookEnable,
     twitter: config.isTwitterEnable,
     github: config.isGitHubEnable,
@@ -93,6 +94,7 @@ function responseHackMD (res, note) {
     title: title,
     useCDN: config.usecdn,
     allowAnonymous: config.allowanonymous,
+    allowAnonymousEdits: config.allowanonymousedits,
     facebook: config.isFacebookEnable,
     twitter: config.isTwitterEnable,
     github: config.isGitHubEnable,
-- 
cgit v1.2.3