indymedia
/
epicyon
mirror of https://gitlab.com/bashrc2/epicyon
7
4
Fork 1
Code Issues 14 Releases Wiki Activity

Additional check for authorization when displaying notes

merge-requests/30/head
Bob Mottram 2023-12-21 10:32:24 +00:00
parent fc5b2d4875
commit d12660212f
2 changed files with 23 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
daemon.py
View File

@ -3278,7 +3278,8 @@ class PubServer(BaseHTTPRequestHandler):
base_dir: str, http_prefix: str,
domain: str, domain_full: str, port: int,
onion_domain: str, i2p_domain: str,
debug: bool, curr_session) -> None:
debug: bool, curr_session,
authorized: bool) -> None:
"""Receive POST from person options screen
"""
page_number = 1
@ -3469,7 +3470,8 @@ class PubServer(BaseHTTPRequestHandler):
max_shares_on_profile = \
self.server.max_shares_on_profile
profile_str = \
html_profile_after_search(recent_posts_cache,
html_profile_after_search(authorized,
recent_posts_cache,
self.server.max_recent_posts,
self.server.translate,
base_dir,
@ -5108,7 +5110,8 @@ class PubServer(BaseHTTPRequestHandler):
max_shares_on_profile = \
self.server.max_shares_on_profile
profile_str = \
html_profile_after_search(recent_posts_cache,
html_profile_after_search(authorized,
recent_posts_cache,
self.server.max_recent_posts,
self.server.translate,
base_dir,
@ -23447,7 +23450,8 @@ class PubServer(BaseHTTPRequestHandler):
self.server.onion_domain,
self.server.i2p_domain,
self.server.debug,
curr_session)
curr_session,
authorized)
self.server.postreq_busy = False
return

26
webapp_profile.py
View File

@ -182,7 +182,8 @@ def _valid_profile_preview_post(post_json_object: {},
return True, post_json_object
def html_profile_after_search(recent_posts_cache: {}, max_recent_posts: int,
def html_profile_after_search(authorized: bool,
recent_posts_cache: {}, max_recent_posts: int,
translate: {},
base_dir: str, path: str, http_prefix: str,
nickname: str, domain: str, port: int,
@ -395,7 +396,8 @@ def html_profile_after_search(recent_posts_cache: {}, max_recent_posts: int,
joined_date, actor_proxied,
attached_shared_items,
website_url, repo_url,
send_blocks_str)
send_blocks_str,
authorized)
domain_full = get_full_domain(domain, port)
@ -729,7 +731,8 @@ def _get_profile_header_after_search(base_dir: str,
attached_shared_items: str,
website_url: str,
repo_url: str,
send_blocks_str: str) -> str:
send_blocks_str: str,
authorized: bool) -> str:
"""The header of a searched for handle, containing background
image and avatar
"""
@ -838,14 +841,15 @@ def _get_profile_header_after_search(base_dir: str,
' <p>' + profile_description_short + '</p>\n' + \
featured_hashtags
# show any notes about this account
handle = search_nickname + '@' + search_domain_full
person_notes = \
get_person_notes(base_dir, nickname, domain, handle)
if person_notes:
person_notes_html = person_notes.replace('\n', '<br>')
html_str += ' <p><b>' + \
translate['Notes'].upper() + ': ' + \
person_notes_html + '</b></p>\n'
if authorized:
handle = search_nickname + '@' + search_domain_full
person_notes = \
get_person_notes(base_dir, nickname, domain, handle)
if person_notes:
person_notes_html = person_notes.replace('\n', '<br>')
html_str += ' <p><b>' + \
translate['Notes'].upper() + ': ' + \
person_notes_html + '</b></p>\n'
html_str += \
' </figcaption>\n' + \
' </figure>\n\n'