feat: guest + user permissions
This commit is contained in:
Nicolas Giard
@@ -5,6 +5,18 @@ const _ = require('lodash')
|
||||
|
||||
/* global WIKI */
|
||||
|
||||
/**
|
||||
* Robots.txt
|
||||
*/
|
||||
router.get('/robots.txt', (req, res, next) => {
|
||||
res.type('text/plain')
|
||||
if (_.includes(WIKI.config.seo.robots, 'noindex')) {
|
||||
res.send("User-agent: *\nDisallow: /")
|
||||
} else {
|
||||
res.status(200).end()
|
||||
}
|
||||
})
|
||||
|
||||
/**
|
||||
* Create/Edit document
|
||||
*/
|
||||
@@ -17,12 +29,20 @@ router.get(['/e', '/e/*'], async (req, res, next) => {
|
||||
isPrivate: false
|
||||
})
|
||||
if (page) {
|
||||
if (!WIKI.auth.checkAccess(req.user, ['manage:pages'], pageArgs)) {
|
||||
return res.render('unauthorized', { action: 'edit'})
|
||||
}
|
||||
|
||||
_.set(res.locals, 'pageMeta.title', `Edit ${page.title}`)
|
||||
_.set(res.locals, 'pageMeta.description', page.description)
|
||||
page.mode = 'update'
|
||||
page.isPublished = (page.isPublished === true || page.isPublished === 1) ? 'true' : 'false'
|
||||
page.content = Buffer.from(page.content).toString('base64')
|
||||
} else {
|
||||
if (!WIKI.auth.checkAccess(req.user, ['write:pages'], pageArgs)) {
|
||||
return res.render('unauthorized', { action: 'create'})
|
||||
}
|
||||
|
||||
_.set(res.locals, 'pageMeta.title', `New Page`)
|
||||
page = {
|
||||
path: pageArgs.path,
|
||||
@@ -56,6 +76,11 @@ router.get(['/p', '/p/*'], (req, res, next) => {
|
||||
*/
|
||||
router.get(['/h', '/h/*'], async (req, res, next) => {
|
||||
const pageArgs = pageHelper.parsePath(req.path)
|
||||
|
||||
if (!WIKI.auth.checkAccess(req.user, ['read:pages'], pageArgs)) {
|
||||
return res.render('unauthorized', { action: 'history'})
|
||||
}
|
||||
|
||||
const page = await WIKI.models.pages.getPageFromDb({
|
||||
path: pageArgs.path,
|
||||
locale: pageArgs.locale,
|
||||
@@ -76,6 +101,11 @@ router.get(['/h', '/h/*'], async (req, res, next) => {
|
||||
*/
|
||||
router.get(['/s', '/s/*'], async (req, res, next) => {
|
||||
const pageArgs = pageHelper.parsePath(req.path)
|
||||
|
||||
if (!WIKI.auth.checkAccess(req.user, ['read:pages'], pageArgs)) {
|
||||
return res.render('unauthorized', { action: 'source'})
|
||||
}
|
||||
|
||||
const page = await WIKI.models.pages.getPageFromDb({
|
||||
path: pageArgs.path,
|
||||
locale: pageArgs.locale,
|
||||
@@ -96,6 +126,15 @@ router.get(['/s', '/s/*'], async (req, res, next) => {
|
||||
*/
|
||||
router.get('/*', async (req, res, next) => {
|
||||
const pageArgs = pageHelper.parsePath(req.path)
|
||||
|
||||
if (!WIKI.auth.checkAccess(req.user, ['read:pages'], pageArgs)) {
|
||||
if (pageArgs.path === 'home') {
|
||||
return res.redirect('/login')
|
||||
} else {
|
||||
return res.render('unauthorized', { action: 'view'})
|
||||
}
|
||||
}
|
||||
|
||||
const page = await WIKI.models.pages.getPage({
|
||||
path: pageArgs.path,
|
||||
locale: pageArgs.locale,
|
||||
@@ -108,8 +147,10 @@ router.get('/*', async (req, res, next) => {
|
||||
const sidebar = await WIKI.models.navigation.getTree({ cache: true })
|
||||
res.render('page', { page, sidebar })
|
||||
} else if (pageArgs.path === 'home') {
|
||||
_.set(res.locals, 'pageMeta.title', 'Welcome')
|
||||
res.render('welcome')
|
||||
} else {
|
||||
_.set(res.locals, 'pageMeta.title', 'Page Not Found')
|
||||
res.status(404).render('new', { pagePath: req.path })
|
||||
}
|
||||
})
|
||||
|
||||
Reference in New Issue
Block a user