indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Check authorization on person options

merge-requests/30/head
Bob Mottram 2021-02-23 17:29:22 +00:00
parent e03b2e0fd8
commit 0dbd048a15
2 changed files with 125 additions and 115 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
daemon.py
View File

@ -2819,7 +2819,7 @@ class PubServer(BaseHTTPRequestHandler):
domain, domainFull, domain, domainFull,
GETstartTime, GETtimings, GETstartTime, GETtimings,
onionDomain, i2pDomain, onionDomain, i2pDomain,
cookie, debug) cookie, debug, authorized)
return return
else: else:
showPublishedDateOnly = self.server.showPublishedDateOnly showPublishedDateOnly = self.server.showPublishedDateOnly
@ -5486,7 +5486,8 @@ class PubServer(BaseHTTPRequestHandler):
domain: str, domainFull: str, domain: str, domainFull: str,
GETstartTime, GETtimings: {}, GETstartTime, GETtimings: {},
onionDomain: str, i2pDomain: str, onionDomain: str, i2pDomain: str,
cookie: str, debug: bool) -> None: cookie: str, debug: bool,
authorized: bool) -> None:
"""Show person options screen """Show person options screen
""" """
backToPath = '' backToPath = ''
@ -5576,7 +5577,8 @@ class PubServer(BaseHTTPRequestHandler):
lockedAccount, lockedAccount,
movedTo, alsoKnownAs, movedTo, alsoKnownAs,
self.server.textModeBanner, self.server.textModeBanner,
self.server.newsInstance).encode('utf-8') self.server.newsInstance,
authorized).encode('utf-8')
msglen = len(msg) msglen = len(msg)
self._set_headers('text/html', msglen, self._set_headers('text/html', msglen,
cookie, callingDomain) cookie, callingDomain)
@ -10495,7 +10497,8 @@ class PubServer(BaseHTTPRequestHandler):
GETstartTime, GETtimings, GETstartTime, GETtimings,
self.server.onionDomain, self.server.onionDomain,
self.server.i2pDomain, self.server.i2pDomain,
cookie, self.server.debug) cookie, self.server.debug,
authorized)
return return
self._benchmarkGETtimings(GETstartTime, GETtimings, self._benchmarkGETtimings(GETstartTime, GETtimings,

19
webapp_person_options.py
View File

@ -53,7 +53,8 @@ def htmlPersonOptions(defaultTimeline: str,
movedTo: str, movedTo: str,
alsoKnownAs: [], alsoKnownAs: [],
textModeBanner: str, textModeBanner: str,
newsInstance: bool) -> str: newsInstance: bool,
authorized: bool) -> str:
"""Show options for a person: view/follow/block/report """Show options for a person: view/follow/block/report
""" """
optionsDomain, optionsPort = getDomainFromActor(optionsActor) optionsDomain, optionsPort = getDomainFromActor(optionsActor)
@ -225,6 +226,7 @@ def htmlPersonOptions(defaultTimeline: str,
optionsActor + '">\n' optionsActor + '">\n'
optionsStr += ' <input type="hidden" name="avatarUrl" value="' + \ optionsStr += ' <input type="hidden" name="avatarUrl" value="' + \
optionsProfileUrl + '">\n' optionsProfileUrl + '">\n'
if authorized:
if optionsNickname: if optionsNickname:
handle = optionsNickname + '@' + optionsDomainFull handle = optionsNickname + '@' + optionsDomainFull
petname = getPetName(baseDir, nickname, domain, handle) petname = getPetName(baseDir, nickname, domain, handle)
@ -246,7 +248,8 @@ def htmlPersonOptions(defaultTimeline: str,
'name="submitOnCalendar">' + \ 'name="submitOnCalendar">' + \
translate['Submit'] + '</button><br>\n' translate['Submit'] + '</button><br>\n'
if not receivingCalendarEvents(baseDir, nickname, domain, if not receivingCalendarEvents(baseDir, nickname, domain,
optionsNickname, optionsDomainFull): optionsNickname,
optionsDomainFull):
checkboxStr = checkboxStr.replace(' checked>', '>') checkboxStr = checkboxStr.replace(' checked>', '>')
optionsStr += checkboxStr optionsStr += checkboxStr
@ -297,7 +300,8 @@ def htmlPersonOptions(defaultTimeline: str,
not isModerator(baseDir, optionsNickname))): not isModerator(baseDir, optionsNickname))):
checkboxStr = \ checkboxStr = \
' <input type="checkbox" ' + \ ' <input type="checkbox" ' + \
'class="profilecheckbox" name="postsToFeatures" checked> ' + \ 'class="profilecheckbox" ' + \
'name="postsToFeatures" checked> ' + \
translate['Featured writer'] + \ translate['Featured writer'] + \
'\n <button type="submit" class="buttonsmall" ' + \ '\n <button type="submit" class="buttonsmall" ' + \
'name="submitPostToFeatures">' + \ 'name="submitPostToFeatures">' + \
@ -317,10 +321,12 @@ def htmlPersonOptions(defaultTimeline: str,
' <a href="' + backPath + '"><button type="button" ' + \ ' <a href="' + backPath + '"><button type="button" ' + \
'class="buttonIcon" name="submitBack">' + translate['Go Back'] + \ 'class="buttonIcon" name="submitBack">' + translate['Go Back'] + \
'</button></a>\n' '</button></a>\n'
if authorized:
optionsStr += \ optionsStr += \
' <button type="submit" class="button" name="submitView">' + \ ' <button type="submit" class="button" name="submitView">' + \
translate['View'] + '</button>\n' translate['View'] + '</button>\n'
optionsStr += donateStr optionsStr += donateStr
if authorized:
optionsStr += \ optionsStr += \
' <button type="submit" class="button" name="submit' + \ ' <button type="submit" class="button" name="submit' + \
followStr + '">' + translate[followStr] + '</button>\n' followStr + '">' + translate[followStr] + '</button>\n'
@ -332,10 +338,11 @@ def htmlPersonOptions(defaultTimeline: str,
translate['DM'] + '</button>\n' translate['DM'] + '</button>\n'
optionsStr += \ optionsStr += \
' <button type="submit" class="button" name="submit' + \ ' <button type="submit" class="button" name="submit' + \
snoozeButtonStr + '">' + translate[snoozeButtonStr] + '</button>\n' snoozeButtonStr + '">' + translate[snoozeButtonStr] + \
'</button>\n'
optionsStr += \ optionsStr += \
' <button type="submit" class="button" name="submitReport">' + \ ' <button type="submit" class="button" ' + \
translate['Report'] + '</button>\n' 'name="submitReport">' + translate['Report'] + '</button>\n'
if isModerator(baseDir, nickname): if isModerator(baseDir, nickname):
optionsStr += \ optionsStr += \