From 89b8ddeabae81fd3a8891ce9d8191fbc9e27c83c Mon Sep 17 00:00:00 2001 From: 蒼時弦也 Date: Tue, 10 Jan 2017 10:02:37 +0800 Subject: Add limited and protected permission --- lib/models/note.js | 6 +++--- lib/realtime.js | 20 ++++++++++---------- lib/response.js | 9 +++++++-- 3 files changed, 20 insertions(+), 15 deletions(-) (limited to 'lib') diff --git a/lib/models/note.js b/lib/models/note.js index 132f8b1e..47d9b97a 100644 --- a/lib/models/note.js +++ b/lib/models/note.js @@ -23,7 +23,7 @@ var logger = require("../logger.js"); var ot = require("../ot/index.js"); // permission types -var permissionTypes = ["freely", "editable", "locked", "private"]; +var permissionTypes = ["freely", "editable", "locked", "private", "limited", "protected"]; module.exports = function (sequelize, DataTypes) { var Note = sequelize.define("Note", { @@ -333,7 +333,7 @@ module.exports = function (sequelize, DataTypes) { if (meta.slideOptions && (typeof meta.slideOptions == "object")) _meta.slideOptions = meta.slideOptions; } - return _meta; + return _meta; }, updateAuthorshipByOperation: function (operation, userId, authorships) { var index = 0; @@ -532,4 +532,4 @@ module.exports = function (sequelize, DataTypes) { }); return Note; -}; \ No newline at end of file +}; diff --git a/lib/realtime.js b/lib/realtime.js index a662deeb..b728622f 100644 --- a/lib/realtime.js +++ b/lib/realtime.js @@ -251,13 +251,13 @@ function getStatus(callback) { return logger.error('count user failed: ' + err); }); }).catch(function (err) { - return logger.error('count note failed: ' + err); + return logger.error('count note failed: ' + err); }); } function isReady() { - return realtime.io - && Object.keys(notes).length == 0 && Object.keys(users).length == 0 + return realtime.io + && Object.keys(notes).length == 0 && Object.keys(users).length == 0 && connectionSocketQueue.length == 0 && !isConnectionBusy && disconnectSocketQueue.length == 0 && !isDisconnectBusy; } @@ -420,7 +420,7 @@ function finishConnection(socket, note, user) { function startConnection(socket) { if (isConnectionBusy) return; isConnectionBusy = true; - + var noteId = socket.noteId; if (!noteId) { return failConnection(404, 'note id not found', socket); @@ -521,7 +521,7 @@ function disconnect(socket) { logger.info("SERVER disconnected a client"); logger.info(JSON.stringify(users[socket.id])); } - + if (users[socket.id]) { delete users[socket.id]; } @@ -618,12 +618,12 @@ function ifMayEdit(socket, callback) { case "freely": //not blocking anyone break; - case "editable": + case "editable": case: "limited": //only login user can change if (!socket.request.user || !socket.request.user.logged_in) mayEdit = false; break; - case "locked": case "private": + case "locked": case "private": case "protected": //only owner can change if (!note.owner || note.owner != socket.request.user.id) mayEdit = false; @@ -672,7 +672,7 @@ function operationCallback(socket, operation) { var noteId = note.alias ? note.alias : LZString.compressToBase64(note.id); if (note.server) history.updateHistory(userId, noteId, note.server.document); }, 0); - + } // save authorship note.authorship = models.Note.updateAuthorshipByOperation(operation, userId, note.authorship); @@ -689,10 +689,10 @@ function connection(socket) { } if (isDuplicatedInSocketQueue(socket, connectionSocketQueue)) return; - + // store noteId in this socket session socket.noteId = noteId; - + //initialize user data //random color var color = randomcolor(); diff --git a/lib/response.js b/lib/response.js index a0dc8b1f..4438be24 100755 --- a/lib/response.js +++ b/lib/response.js @@ -122,6 +122,11 @@ function checkViewPermission(req, note) { return false; else return true; + } else if (note.permission == 'limited' || note.permission == 'protected') { + if( !req.isAuthenticated() ) { + return false; + } + return true; } else { return true; } @@ -161,7 +166,7 @@ function showNote(req, res, next) { findNote(req, res, function (note) { // force to use note id var noteId = req.params.noteId; - var id = LZString.compressToBase64(note.id); + var id = LZString.compressToBase64(note.id); if ((note.alias && noteId != note.alias) || (!note.alias && noteId != id)) return res.redirect(config.serverurl + "/" + (note.alias || id)); return responseHackMD(res, note); @@ -413,7 +418,7 @@ function publishSlideActions(req, res, next) { res.redirect(config.serverurl + '/' + (note.alias ? note.alias : LZString.compressToBase64(note.id))); break; default: - res.redirect(config.serverurl + '/p/' + note.shortid); + res.redirect(config.serverurl + '/p/' + note.shortid); break; } }); -- cgit v1.2.3