Add support of allow anonymous config option with correspond modifications

This commit is contained in:
Wu Cheng-Han 2016-12-15 14:07:12 +08:00
parent cf8bae32d1
commit 5c7eb48319
6 changed files with 15 additions and 1 deletions

View file

@ -118,6 +118,7 @@ Environment variables (will overwrite other server configs)
| HMD_PROTOCOL_USESSL | `true` or `false` | set to use ssl protocol for resources path (only applied when domain is set) | | HMD_PROTOCOL_USESSL | `true` or `false` | set to use ssl protocol for resources path (only applied when domain is set) |
| HMD_URL_ADDPORT | `true` or `false` | set to add port on callback url (port 80 or 443 won't applied) (only applied when domain is set) | | HMD_URL_ADDPORT | `true` or `false` | set to add port on callback url (port 80 or 443 won't applied) (only applied when domain is set) |
| HMD_USECDN | `true` or `false` | set to use CDN resources or not (default is `true`) | | HMD_USECDN | `true` or `false` | set to use CDN resources or not (default is `true`) |
| HMD_ALLOW_ANONMYOUS | `true` or `false` | set to allow anonmyous usage (default is `true`) |
| HMD_FACEBOOK_CLIENTID | no example | Facebook API client id | | HMD_FACEBOOK_CLIENTID | no example | Facebook API client id |
| HMD_FACEBOOK_CLIENTSECRET | no example | Facebook API client secret | | HMD_FACEBOOK_CLIENTSECRET | no example | Facebook API client secret |
| HMD_TWITTER_CONSUMERKEY | no example | Twitter API consumer key | | HMD_TWITTER_CONSUMERKEY | no example | Twitter API consumer key |
@ -153,6 +154,7 @@ Server settings `config.json`
| protocolusessl | `true` or `false` | set to use ssl protocol for resources path (only applied when domain is set) | | protocolusessl | `true` or `false` | set to use ssl protocol for resources path (only applied when domain is set) |
| urladdport | `true` or `false` | set to add port on callback url (port 80 or 443 won't applied) (only applied when domain is set) | | urladdport | `true` or `false` | set to add port on callback url (port 80 or 443 won't applied) (only applied when domain is set) |
| usecdn | `true` or `false` | set to use CDN resources or not (default is `true`) | | usecdn | `true` or `false` | set to use CDN resources or not (default is `true`) |
| allowanonmyous | `true` or `false` | set to allow anonmyous usage (default is `true`) |
| db | `{ "dialect": "sqlite", "storage": "./db.hackmd.sqlite" }` | set the db configs, [see more here](http://sequelize.readthedocs.org/en/latest/api/sequelize/) | | db | `{ "dialect": "sqlite", "storage": "./db.hackmd.sqlite" }` | set the db configs, [see more here](http://sequelize.readthedocs.org/en/latest/api/sequelize/) |
| sslkeypath | `./cert/client.key` | ssl key path (only need when you set usessl) | | sslkeypath | `./cert/client.key` | ssl key path (only need when you set usessl) |
| sslcertpath | `./cert/hackmd_io.crt` | ssl cert path (only need when you set usessl) | | sslcertpath | `./cert/hackmd_io.crt` | ssl cert path (only need when you set usessl) |

View file

@ -19,6 +19,8 @@ var urladdport = process.env.HMD_URL_ADDPORT ? (process.env.HMD_URL_ADDPORT ===
var usecdn = process.env.HMD_USECDN ? (process.env.HMD_USECDN === 'true') : ((typeof config.usecdn === 'boolean') ? config.usecdn : true); var usecdn = process.env.HMD_USECDN ? (process.env.HMD_USECDN === 'true') : ((typeof config.usecdn === 'boolean') ? config.usecdn : true);
var allowanonmyous = process.env.HMD_ALLOW_ANONMYOUS ? (process.env.HMD_ALLOW_ANONMYOUS === 'true') : ((typeof config.allowanonmyous === 'boolean') ? config.allowanonmyous : true);
// db // db
var db = config.db || { var db = config.db || {
dialect: 'sqlite', dialect: 'sqlite',
@ -125,6 +127,7 @@ module.exports = {
usessl: usessl, usessl: usessl,
serverurl: getserverurl(), serverurl: getserverurl(),
usecdn: usecdn, usecdn: usecdn,
allowanonmyous: allowanonmyous,
db: db, db: db,
sslkeypath: path.join(cwd, sslkeypath), sslkeypath: path.join(cwd, sslkeypath),
sslcertpath: path.join(cwd, sslcertpath), sslcertpath: path.join(cwd, sslcertpath),

View file

@ -763,6 +763,7 @@ function connection(socket) {
var note = notes[noteId]; var note = notes[noteId];
//Only owner can change permission //Only owner can change permission
if (note.owner && note.owner == socket.request.user.id) { if (note.owner && note.owner == socket.request.user.id) {
if (permission == 'freely' && !config.allowanonmyous) return;
note.permission = permission; note.permission = permission;
models.Note.update({ models.Note.update({
permission: permission permission: permission

View file

@ -60,6 +60,7 @@ function showIndex(req, res, next) {
res.render(config.indexpath, { res.render(config.indexpath, {
url: config.serverurl, url: config.serverurl,
useCDN: config.usecdn, useCDN: config.usecdn,
allowAnonmyous: config.allowanonmyous,
facebook: config.facebook, facebook: config.facebook,
twitter: config.twitter, twitter: config.twitter,
github: config.github, github: config.github,
@ -92,6 +93,7 @@ function responseHackMD(res, note) {
url: config.serverurl, url: config.serverurl,
title: title, title: title,
useCDN: config.usecdn, useCDN: config.usecdn,
allowAnonmyous: config.allowanonmyous,
facebook: config.facebook, facebook: config.facebook,
twitter: config.twitter, twitter: config.twitter,
github: config.github, github: config.github,
@ -106,6 +108,8 @@ function newNote(req, res, next) {
var owner = null; var owner = null;
if (req.isAuthenticated()) { if (req.isAuthenticated()) {
owner = req.user.id; owner = req.user.id;
} else if (!config.allowanonmyous) {
return response.errorForbidden(res);
} }
models.Note.create({ models.Note.create({
ownerId: owner ownerId: owner

View file

@ -15,7 +15,7 @@
<a id="permissionLabel" class="ui-permission-label text-uppercase" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false"> <a id="permissionLabel" class="ui-permission-label text-uppercase" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
</a> </a>
<ul class="dropdown-menu" aria-labelledby="permissionLabel"> <ul class="dropdown-menu" aria-labelledby="permissionLabel">
<li class="ui-permission-freely"><a><i class="fa fa-leaf fa-fw"></i> Freely - Anyone can edit</a></li> <li class="ui-permission-freely"<% if(!allowAnonmyous) { %> style="display: none;"<% } %>><a><i class="fa fa-leaf fa-fw"></i> Freely - Anyone can edit</a></li>
<li class="ui-permission-editable"><a><i class="fa fa-shield fa-fw"></i> Editable - Signed people can edit</a></li> <li class="ui-permission-editable"><a><i class="fa fa-shield fa-fw"></i> Editable - Signed people can edit</a></li>
<li class="ui-permission-locked"><a><i class="fa fa-lock fa-fw"></i> Locked - Only owner can edit</a></li> <li class="ui-permission-locked"><a><i class="fa fa-lock fa-fw"></i> Locked - Only owner can edit</a></li>
<li class="ui-permission-private"><a><i class="fa fa-hand-stop-o fa-fw"></i> Private - Only owner can view &amp; edit</a></li> <li class="ui-permission-private"><a><i class="fa fa-hand-stop-o fa-fw"></i> Private - Only owner can view &amp; edit</a></li>

View file

@ -62,13 +62,17 @@
<br> <br>
<a type="button" class="btn btn-lg btn-success ui-signin" data-toggle="modal" data-target=".signin-modal" style="min-width: 170px;"><%= __('Sign In') %></a> <a type="button" class="btn btn-lg btn-success ui-signin" data-toggle="modal" data-target=".signin-modal" style="min-width: 170px;"><%= __('Sign In') %></a>
</span> </span>
<% }%>
<% if((facebook || twitter || github || gitlab || dropbox || google || email) && allowAnonmyous) { %>
<span class="ui-or"><%= __('or') %></span> <span class="ui-or"><%= __('or') %></span>
<% }%> <% }%>
<% if(allowAnonmyous) { %>
<span class="ui-signin"> <span class="ui-signin">
<a href="<%- url %>/new" class="btn btn-lg btn-default" style="min-width: 170px;"><%= __('New guest note') %></a> <a href="<%- url %>/new" class="btn btn-lg btn-default" style="min-width: 170px;"><%= __('New guest note') %></a>
<br> <br>
<br> <br>
</span> </span>
<% }%>
<div class="lead row" style="width: 90%; margin: 0 auto;"> <div class="lead row" style="width: 90%; margin: 0 auto;">
<div class="col-md-4 inner"> <div class="col-md-4 inner">
<a href="<%- url %>/features#share-notes"> <a href="<%- url %>/features#share-notes">