diff --git a/data/config.ini b/data/config.ini index d634d50a..2598620c 100644 --- a/data/config.ini +++ b/data/config.ini @@ -25,6 +25,7 @@ needEmailActivationToRegister = 1 [security.privileges] register = anonymous listUsers = regularUser, powerUser, moderator, administrator +viewUsers = regularUser, powerUser, moderator, administrator deleteOwnAccount = regularUser, powerUser, moderator, administrator deleteAllAccounts = administrator changeOwnName = regularUser, powerUser, moderator, administrator @@ -40,9 +41,8 @@ changeAccessRank = administrator viewAllEmailAddresses = moderator, administrator ban = moderator, administrator -listSafePosts = anonymous, regularUser, powerUser, moderator, administrator -listSketchyPosts = anonymous, regularUser, powerUser, moderator, administrator -listUnsafePosts = anonymous, regularUser, powerUser, moderator, administrator +listPosts = anonymous, regularUser, powerUser, moderator, administrator +viewPosts = anonymous, regularUser, powerUser, moderator, administrator uploadPosts = regularUser, powerUser, moderator, administrator uploadPostsAnonymously = regularUser, powerUser, moderator, administrator deletePosts = moderator, administrator diff --git a/public_html/js/Auth.js b/public_html/js/Auth.js index 65eeb07a..c04ba2d4 100644 --- a/public_html/js/Auth.js +++ b/public_html/js/Auth.js @@ -5,6 +5,7 @@ App.Auth = function(_, jQuery, util, api, appState, promise) { var privileges = { register: 'register', listUsers: 'listUsers', + viewUsers: 'viewUsers', viewAllEmailAddresses: 'viewAllEmailAddresses', changeAccessRank: 'changeAccessRank', changeOwnAvatarStyle: 'changeOwnAvatarStyle', 
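Review bot: Merging `listSafePosts`, `listSketchyPosts` and `listUnsafePosts` into the single `listPosts` key removes the only per-rating access control visible in this file, so an instance that had withheld sketchy or unsafe listings from `anonymous` can no longer express that. Deployments carrying an older or locally overridden config will also have no `listPosts`, `viewPosts` or `viewUsers` entry. How the privilege service treats an absent key is not visible here, so the upgrade notes should say whether that means deny or allow. Both new post keys include `anonymous` by default, so I would add a comment above them such as `; listPosts/viewPosts cover every safety rating - remove anonymous to require login for all posts`.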
@@ -19,9 +20,8 @@ App.Auth = function(_, jQuery, util, api, appState, promise) { deleteAllAccounts: 'deleteAllAccounts', ban: 'ban', - listSafePosts: 'listSafePosts', - listSketchyPosts: 'listSketchyPosts', - listUnsafePosts: 'listUnsafePosts', + listPosts: 'listPosts', + viewPosts: 'viewPosts', uploadPosts: 'uploadPosts', uploadPostsAnonymously: 'uploadPostsAnonymously', deletePosts: 'deletePosts', diff --git a/public_html/js/Presenters/HomePresenter.js b/public_html/js/Presenters/HomePresenter.js index 4f732452..81799960 100644 --- a/public_html/js/Presenters/HomePresenter.js +++ b/public_html/js/Presenters/HomePresenter.js @@ -7,6 +7,7 @@ App.Presenters.HomePresenter = function( util, promise, api, + auth, topNavigationPresenter, messagePresenter) { @@ -50,6 +51,8 @@ App.Presenters.HomePresenter = function( postContentTemplate: postContentTemplate, globals: globals, title: topNavigationPresenter.getBaseTitle(), + canViewUsers: auth.hasPrivilege(auth.privileges.viewUsers), + canViewPosts: auth.hasPrivilege(auth.privileges.viewPosts), formatRelativeTime: util.formatRelativeTime, formatFileSize: util.formatFileSize, })); @@ -62,4 +65,4 @@ App.Presenters.HomePresenter = function( }; -App.DI.register('homePresenter', ['_', 'jQuery', 'util', 'promise', 'api', 'topNavigationPresenter', 'messagePresenter'], App.Presenters.HomePresenter); +App.DI.register('homePresenter', ['_', 'jQuery', 'util', 'promise', 'api', 'auth', 'topNavigationPresenter', 'messagePresenter'], App.Presenters.HomePresenter); diff --git a/public_html/js/Presenters/PostPresenter.js b/public_html/js/Presenters/PostPresenter.js index 6ebc247b..73679950 100644 --- a/public_html/js/Presenters/PostPresenter.js +++ b/public_html/js/Presenters/PostPresenter.js @@ -79,7 +79,7 @@ App.Presenters.PostPresenter = function( topNavigationPresenter.changeTitle('@' + post.id); render(); loaded(); - }); + }).fail(loaded); } function refreshPost() { 
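Review bot: In the PostPresenter.js hunk, `.fail(loaded)` passes the rejection value straight to `loaded`, whereas the success path just above calls `loaded()` with no arguments. If `loaded` ever inspects its arguments, the error path will behave differently; `.fail(function() { loaded(); });` keeps both paths identical. Nothing in this hunk reports the failure to the user, so it presumably relies on an error handler attached earlier in the chain, outside the hunk.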
@@ -344,6 +344,9 @@ App.Presenters.PostPresenter = function( } function showGenericError(response) { + if ($messages === $el) { + $el.empty(); + } messagePresenter.showError($messages, response.json && response.json.error || response); } diff --git a/public_html/js/Presenters/TopNavigationPresenter.js b/public_html/js/Presenters/TopNavigationPresenter.js index 5b70ce70..cc2e7056 100644 --- a/public_html/js/Presenters/TopNavigationPresenter.js +++ b/public_html/js/Presenters/TopNavigationPresenter.js @@ -38,9 +38,7 @@ App.Presenters.TopNavigationPresenter = function( loggedIn: auth.isLoggedIn(), user: auth.getCurrentUser(), canListUsers: auth.hasPrivilege(auth.privileges.listUsers), - canListPosts: auth.hasPrivilege(auth.privileges.listSafePosts) || - auth.hasPrivilege(auth.privileges.listSketchyPosts) || - auth.hasPrivilege(auth.privileges.listUnsafePosts), + canListPosts: auth.hasPrivilege(auth.privileges.listPosts), canListTags: auth.hasPrivilege(auth.privileges.listTags), canUploadPosts: auth.hasPrivilege(auth.privileges.uploadPosts), })); diff --git a/public_html/templates/home.tpl b/public_html/templates/home.tpl index f44c4f55..915ca507 100644 --- a/public_html/templates/home.tpl +++ b/public_html/templates/home.tpl @@ -10,9 +10,17 @@
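Review bot: `$messages === $el` in showGenericError compares jQuery wrapper objects by identity, so it is true only when `$messages` was assigned from `$el` itself and false for a second wrapper around the same element. Where `$messages` is assigned is outside the hunk. If identity is the intent (the post never rendered, so the message target is still the root element), say so with a comment such as `// $messages still aliases $el when the post never rendered; clear the placeholder first`. If element equality is meant, `$messages.is($el)` expresses it.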
- - <%= post.idMarkdown %> - + <% var showLink = canViewPosts %> + + <% if (showLink) { %> + + <% } %> + + <%= post.idMarkdown %> + + <% if (showLink) { %> + + <% } %> uploaded <%= formatRelativeTime(post.uploadTime) %> @@ -21,7 +29,9 @@ featured by - <% if (post.user.name) { %> + <% var showLink = canViewUsers && post.user.name %> + + <% if (showLink) { %> <% } %> @@ -31,7 +41,7 @@ <%= post.user.name || 'Anonymous user' %> - <% if (post.user.name) { %> + <% if (showLink) { %> <% } %> diff --git a/src/Controllers/PostController.php b/src/Controllers/PostController.php index 07cd9d27..cffeda2e 100644 --- a/src/Controllers/PostController.php +++ b/src/Controllers/PostController.php @@ -43,18 +43,23 @@ final class PostController extends AbstractController public function getByNameOrId($postNameOrId) { + if ($postNameOrId !== 'featured') + $this->privilegeService->assertPrivilege(\Szurubooru\Privilege::VIEW_POSTS); + $post = $this->getByNameOrIdWithoutProxy($postNameOrId); return $this->postViewProxy->fromEntity($post, $this->getFullFetchConfig()); } public function getHistory($postNameOrId) { + $this->privilegeService->assertPrivilege(\Szurubooru\Privilege::VIEW_HISTORY); $post = $this->getByNameOrIdWithoutProxy($postNameOrId); return ['data' => $this->snapshotViewProxy->fromArray($this->postService->getHistory($post))]; } public function getFiltered() { + $this->privilegeService->assertPrivilege(\Szurubooru\Privilege::LIST_POSTS); $filter = $this->postSearchParser->createFilterFromInputReader($this->inputReader); $filter->setPageSize($this->config->posts->postsPerPage); $result = $this->postService->getFiltered($filter); diff --git a/src/Controllers/UserController.php b/src/Controllers/UserController.php index 38e33bdc..610b3b99 100644 --- a/src/Controllers/UserController.php +++ b/src/Controllers/UserController.php 
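Review bot: `showLink` is declared with `var` twice in home.tpl, first for the post link (`canViewPosts`) and again in the following hunk for the uploader link (`canViewUsers && post.user.name`). Both declarations presumably end up in the same compiled template function, so the second overwrites the first and any later reuse of the post-link condition would read the user-link value. Distinct names such as `showPostLink` and `showUserLink` avoid that. A short template comment should also record that these flags only hide anchors in the UI and that the access decision is the server-side `assertPrivilege` call.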
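Review bot: The `'featured'` exemption in getByNameOrId skips `VIEW_POSTS` yet still returns the entity through `getFullFetchConfig()`, so a caller without `viewPosts` receives the full view of whichever post is featured. If the home page needs only a subset, a narrower fetch config for that branch would limit what is exposed; what the full config includes is not visible in this hunk. The exemption also depends on `'featured'` never resolving to an ordinary post name inside getByNameOrIdWithoutProxy, which deserves a comment. The brace-less `if` guarding a security check should be braced: `if ($postNameOrId !== 'featured') { $this->privilegeService->assertPrivilege(\Szurubooru\Privilege::VIEW_POSTS); }`. The class body continues outside the hunk.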
@@ -44,6 +44,7 @@ final class UserController extends AbstractController public function getByNameOrEmail($userNameOrEmail) { + $this->privilegeService->assertPrivilege(\Szurubooru\Privilege::VIEW_USERS); $user = $this->userService->getByNameOrEmail($userNameOrEmail); return $this->userViewProxy->fromEntity($user); } diff --git a/src/Privilege.php b/src/Privilege.php index 070f2da1..f064f320 100644 --- a/src/Privilege.php +++ b/src/Privilege.php @@ -5,6 +5,7 @@ class Privilege { const REGISTER = 'register'; const LIST_USERS = 'listUsers'; + const VIEW_USERS = 'viewUsers'; const VIEW_ALL_EMAIL_ADDRESSES = 'viewAllEmailAddresses'; const CHANGE_ACCESS_RANK = 'changeAccessRank'; const CHANGE_OWN_AVATAR_STYLE = 'changeOwnAvatarStyle'; @@ -19,9 +20,8 @@ class Privilege const DELETE_ALL_ACCOUNTS = 'deleteAllAccounts'; const BAN = 'ban'; - const LIST_SAFE_POSTS = 'listSafePosts'; - const LIST_SKETCHY_POSTS = 'listSketchyPosts'; - const LIST_UNSAFE_POSTS = 'listUnsafePosts'; + const LIST_POSTS = 'listPosts'; + const VIEW_POSTS = 'viewPosts'; const UPLOAD_POSTS = 'uploadPosts'; const UPLOAD_POSTS_ANONYMOUSLY = 'uploadPostsAnonymously'; const DELETE_POSTS = 'deletePosts';
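Review bot: Guarding getByNameOrEmail with `VIEW_USERS` alone lets any role holding `viewUsers` (every registered rank in the shipped config.ini) look a user up by e-mail address. That confirms an address belongs to an account, even though `viewAllEmailAddresses` is reserved for moderators and administrators. Consider additionally requiring `VIEW_ALL_EMAIL_ADDRESSES` when the argument is an address, or resolving by name only on this route. If unauthenticated flows such as activation or password reset call this action, they would now be rejected for `anonymous`; that is not visible from the hunk and should be confirmed.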