mirror of
https://github.com/writefreely/writefreely
synced 2024-11-10 11:24:13 +00:00
Merge pull request #528 from isaacsu/protect-drafts
Protect drafts if they are part of a Private or Protected collection
This commit is contained in:
commit
3e7d236c6d
1 changed files with 16 additions and 1 deletions
17
posts.go
17
posts.go
|
@ -341,6 +341,7 @@ func handleViewPost(app *App, w http.ResponseWriter, r *http.Request) error {
|
|||
}
|
||||
|
||||
var ownerID sql.NullInt64
|
||||
var collectionID sql.NullInt64
|
||||
var title string
|
||||
var content string
|
||||
var font string
|
||||
|
@ -356,7 +357,7 @@ func handleViewPost(app *App, w http.ResponseWriter, r *http.Request) error {
|
|||
return impart.HTTPError{http.StatusFound, fmt.Sprintf("/%s%s", fixedID, ext)}
|
||||
}
|
||||
|
||||
err := app.db.QueryRow("SELECT owner_id, title, content, text_appearance, view_count, language, rtl FROM posts WHERE id = ?", friendlyID).Scan(&ownerID, &title, &content, &font, &views, &language, &rtl)
|
||||
err := app.db.QueryRow("SELECT owner_id, collection_id, title, content, text_appearance, view_count, language, rtl FROM posts WHERE id = ?", friendlyID).Scan(&ownerID, &collectionID, &title, &content, &font, &views, &language, &rtl)
|
||||
switch {
|
||||
case err == sql.ErrNoRows:
|
||||
found = false
|
||||
|
@ -426,6 +427,16 @@ func handleViewPost(app *App, w http.ResponseWriter, r *http.Request) error {
|
|||
}
|
||||
}
|
||||
|
||||
var protectDraft bool
|
||||
if found && collectionID.Valid {
|
||||
collection, err := app.db.GetCollectionByID(collectionID.Int64)
|
||||
if err != nil {
|
||||
log.Error("view post: %v", err)
|
||||
}
|
||||
|
||||
protectDraft = collection.IsPrivate() || collection.IsProtected()
|
||||
}
|
||||
|
||||
// Check if post has been unpublished
|
||||
if title == "" && content == "" {
|
||||
gone = true
|
||||
|
@ -490,6 +501,10 @@ func handleViewPost(app *App, w http.ResponseWriter, r *http.Request) error {
|
|||
if !page.IsOwner && silenced {
|
||||
return ErrPostNotFound
|
||||
}
|
||||
|
||||
if !page.IsOwner && protectDraft {
|
||||
return ErrPostNotFound
|
||||
}
|
||||
page.Silenced = silenced
|
||||
err = templates["post"].ExecuteTemplate(w, "post", page)
|
||||
if err != nil {
|
||||
|
|
Loading…
Reference in a new issue