Add option to enable freely permission in closed instance

Before, closed disallowed guest edits completely, by removing
the `freely` permission. This makes it possible to explicitely bring
back guest-editing, but not guest-note-creation, to closed instances.

Signed-off-by: Dario Ernst <dario@kanojo.de>
This commit is contained in:
Dario Ernst 2018-01-20 15:05:05 +01:00
parent 40d1d75704
commit 6ae4b8bf13
7 changed files with 9 additions and 3 deletions

View file

@ -143,6 +143,7 @@ There are some configs you need to change in the files below
| HMD_URL_ADDPORT | `true` or `false` | set to add port on callback url (port 80 or 443 won't applied) (only applied when domain is set) | | HMD_URL_ADDPORT | `true` or `false` | set to add port on callback url (port 80 or 443 won't applied) (only applied when domain is set) |
| HMD_USECDN | `true` or `false` | set to use CDN resources or not (default is `true`) | | HMD_USECDN | `true` or `false` | set to use CDN resources or not (default is `true`) |
| HMD_ALLOW_ANONYMOUS | `true` or `false` | set to allow anonymous usage (default is `true`) | | HMD_ALLOW_ANONYMOUS | `true` or `false` | set to allow anonymous usage (default is `true`) |
| HMD_ALLOW_ANONYMOUS_EDITS | `true` or `false` | if `allowanonymous` is `true`: allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) |
| HMD_ALLOW_FREEURL | `true` or `false` | set to allow new note by accessing not exist note url | | HMD_ALLOW_FREEURL | `true` or `false` | set to allow new note by accessing not exist note url |
| HMD_DEFAULT_PERMISSION | `freely`, `editable`, `limited`, `locked` or `private` | set notes default permission (only applied on signed users) | | HMD_DEFAULT_PERMISSION | `freely`, `editable`, `limited`, `locked` or `private` | set notes default permission (only applied on signed users) |
| HMD_DB_URL | `mysql://localhost:3306/database` | set the db url | | HMD_DB_URL | `mysql://localhost:3306/database` | set the db url |
@ -212,6 +213,7 @@ There are some configs you need to change in the files below
| urladdport | `true` or `false` | set to add port on callback url (port 80 or 443 won't applied) (only applied when domain is set) | | urladdport | `true` or `false` | set to add port on callback url (port 80 or 443 won't applied) (only applied when domain is set) |
| usecdn | `true` or `false` | set to use CDN resources or not (default is `true`) | | usecdn | `true` or `false` | set to use CDN resources or not (default is `true`) |
| allowanonymous | `true` or `false` | set to allow anonymous usage (default is `true`) | | allowanonymous | `true` or `false` | set to allow anonymous usage (default is `true`) |
| allowanonymousedits | `true` or `false` | if `allowanonymous` is `true`: allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) |
| allowfreeurl | `true` or `false` | set to allow new note by accessing not exist note url | | allowfreeurl | `true` or `false` | set to allow new note by accessing not exist note url |
| defaultpermission | `freely`, `editable`, `limited`, `locked`, `protected` or `private` | set notes default permission (only applied on signed users) | | defaultpermission | `freely`, `editable`, `limited`, `locked`, `protected` or `private` | set notes default permission (only applied on signed users) |
| dburl | `mysql://localhost:3306/database` | set the db url, if set this variable then below db config won't be applied | | dburl | `mysql://localhost:3306/database` | set the db url, if set this variable then below db config won't be applied |

View file

@ -16,6 +16,7 @@ module.exports = {
protocolusessl: false, protocolusessl: false,
usecdn: true, usecdn: true,
allowanonymous: true, allowanonymous: true,
allowanonymousedits: false,
allowfreeurl: false, allowfreeurl: false,
defaultpermission: 'editable', defaultpermission: 'editable',
dburl: '', dburl: '',

View file

@ -18,6 +18,7 @@ module.exports = {
alloworigin: toArrayConfig(process.env.HMD_ALLOW_ORIGIN), alloworigin: toArrayConfig(process.env.HMD_ALLOW_ORIGIN),
usecdn: toBooleanConfig(process.env.HMD_USECDN), usecdn: toBooleanConfig(process.env.HMD_USECDN),
allowanonymous: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS), allowanonymous: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS),
allowanonymousedits: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS_EDITS),
allowfreeurl: toBooleanConfig(process.env.HMD_ALLOW_FREEURL), allowfreeurl: toBooleanConfig(process.env.HMD_ALLOW_FREEURL),
defaultpermission: process.env.HMD_DEFAULT_PERMISSION, defaultpermission: process.env.HMD_DEFAULT_PERMISSION,
dburl: process.env.HMD_DB_URL, dburl: process.env.HMD_DB_URL,

View file

@ -49,7 +49,7 @@ if (config.ldap.tlsca) {
// Permission // Permission
config.permission = Permission config.permission = Permission
if (!config.allowanonymous) { if (!config.allowanonymous && !config.allowanonymousedits) {
delete config.permission.freely delete config.permission.freely
} }
if (!(config.defaultpermission in config.permission)) { if (!(config.defaultpermission in config.permission)) {

View file

@ -781,7 +781,7 @@ function connection (socket) {
var note = notes[noteId] var note = notes[noteId]
// Only owner can change permission // Only owner can change permission
if (note.owner && note.owner === socket.request.user.id) { if (note.owner && note.owner === socket.request.user.id) {
if (permission === 'freely' && !config.allowanonymous) return if (permission === 'freely' && !config.allowanonymous && !config.allowanonymousedits) return
note.permission = permission note.permission = permission
models.Note.update({ models.Note.update({
permission: permission permission: permission

View file

@ -60,6 +60,7 @@ function showIndex (req, res, next) {
url: config.serverurl, url: config.serverurl,
useCDN: config.usecdn, useCDN: config.usecdn,
allowAnonymous: config.allowanonymous, allowAnonymous: config.allowanonymous,
allowAnonymousEdits: config.allowanonymousedits,
facebook: config.isFacebookEnable, facebook: config.isFacebookEnable,
twitter: config.isTwitterEnable, twitter: config.isTwitterEnable,
github: config.isGitHubEnable, github: config.isGitHubEnable,
@ -93,6 +94,7 @@ function responseHackMD (res, note) {
title: title, title: title,
useCDN: config.usecdn, useCDN: config.usecdn,
allowAnonymous: config.allowanonymous, allowAnonymous: config.allowanonymous,
allowAnonymousEdits: config.allowanonymousedits,
facebook: config.isFacebookEnable, facebook: config.isFacebookEnable,
twitter: config.isTwitterEnable, twitter: config.isTwitterEnable,
github: config.isGitHubEnable, github: config.isGitHubEnable,

View file

@ -15,7 +15,7 @@
<a id="permissionLabel" class="ui-permission-label text-uppercase" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false"> <a id="permissionLabel" class="ui-permission-label text-uppercase" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
</a> </a>
<ul class="dropdown-menu" aria-labelledby="permissionLabel"> <ul class="dropdown-menu" aria-labelledby="permissionLabel">
<li class="ui-permission-freely"<% if(!allowAnonymous) { %> style="display: none;"<% } %>><a><i class="fa fa-leaf fa-fw"></i> Freely - Anyone can edit</a></li> <li class="ui-permission-freely"<% if(!allowAnonymous && !allowAnonymousEdits) { %> style="display: none;"<% } %>><a><i class="fa fa-leaf fa-fw"></i> Freely - Anyone can edit</a></li>
<li class="ui-permission-editable"><a><i class="fa fa-shield fa-fw"></i> Editable - Signed-in people can edit</a></li> <li class="ui-permission-editable"><a><i class="fa fa-shield fa-fw"></i> Editable - Signed-in people can edit</a></li>
<li class="ui-permission-limited"><a><i class="fa fa-id-card fa-fw"></i> Limited - Signed-in people can edit (forbid guests)</a></li> <li class="ui-permission-limited"><a><i class="fa fa-id-card fa-fw"></i> Limited - Signed-in people can edit (forbid guests)</a></li>
<li class="ui-permission-locked"><a><i class="fa fa-lock fa-fw"></i> Locked - Only owner can edit</a></li> <li class="ui-permission-locked"><a><i class="fa fa-lock fa-fw"></i> Locked - Only owner can edit</a></li>