parent
8ab25b1ca2
commit
65e819c425
6
po/en.po
6
po/en.po
@ -274,3 +274,9 @@ msgstr ""
|
|||||||
|
|
||||||
msgid "The link that led you here may be broken."
|
msgid "The link that led you here may be broken."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
msgid "You are not authorized."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
msgid "You are not author in this blog."
|
||||||
|
msgstr ""
|
||||||
|
6
po/fr.po
6
po/fr.po
@ -274,3 +274,9 @@ msgstr ""
|
|||||||
|
|
||||||
msgid "The link that led you here may be broken."
|
msgid "The link that led you here may be broken."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
msgid "You are not authorized."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
msgid "You are not author in this blog."
|
||||||
|
msgstr ""
|
||||||
|
6
po/pl.po
6
po/pl.po
@ -279,5 +279,11 @@ msgstr "Nie udało się odnaleźć tej strony."
|
|||||||
msgid "The link that led you here may be broken."
|
msgid "The link that led you here may be broken."
|
||||||
msgstr "Odnośnik który Cię tu zaprowadził może być uszkodzony."
|
msgstr "Odnośnik który Cię tu zaprowadził może być uszkodzony."
|
||||||
|
|
||||||
|
msgid "You are not authorized."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
msgid "You are not author in this blog."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
#~ msgid "Logowanie"
|
#~ msgid "Logowanie"
|
||||||
#~ msgstr "Zaloguj się"
|
#~ msgstr "Zaloguj się"
|
||||||
|
@ -269,3 +269,9 @@ msgstr ""
|
|||||||
|
|
||||||
msgid "The link that led you here may be broken."
|
msgid "The link that led you here may be broken."
|
||||||
msgstr ""
|
msgstr ""
|
||||||
|
|
||||||
|
msgid "You are not authorized."
|
||||||
|
msgstr ""
|
||||||
|
|
||||||
|
msgid "You are not author in this blog."
|
||||||
|
msgstr ""
|
||||||
|
@ -86,6 +86,10 @@ pub struct NewUser {
|
|||||||
|
|
||||||
impl User {
|
impl User {
|
||||||
insert!(users, NewUser);
|
insert!(users, NewUser);
|
||||||
|
get!(users);
|
||||||
|
find_by!(users, find_by_email, email as String);
|
||||||
|
find_by!(users, find_by_name, username as String, instance_id as i32);
|
||||||
|
|
||||||
|
|
||||||
pub fn grant_admin_rights(&self, conn: &PgConnection) {
|
pub fn grant_admin_rights(&self, conn: &PgConnection) {
|
||||||
diesel::update(self)
|
diesel::update(self)
|
||||||
@ -105,8 +109,6 @@ impl User {
|
|||||||
.into_iter().nth(0).unwrap()
|
.into_iter().nth(0).unwrap()
|
||||||
}
|
}
|
||||||
|
|
||||||
get!(users);
|
|
||||||
|
|
||||||
pub fn count_local(conn: &PgConnection) -> usize {
|
pub fn count_local(conn: &PgConnection) -> usize {
|
||||||
users::table.filter(users::instance_id.eq(Instance::local_id(conn)))
|
users::table.filter(users::instance_id.eq(Instance::local_id(conn)))
|
||||||
.load::<User>(conn)
|
.load::<User>(conn)
|
||||||
@ -114,9 +116,6 @@ impl User {
|
|||||||
.len()
|
.len()
|
||||||
}
|
}
|
||||||
|
|
||||||
find_by!(users, find_by_email, email as String);
|
|
||||||
find_by!(users, find_by_name, username as String, instance_id as i32);
|
|
||||||
|
|
||||||
pub fn find_local(conn: &PgConnection, username: String) -> Option<User> {
|
pub fn find_local(conn: &PgConnection, username: String) -> Option<User> {
|
||||||
User::find_by_name(conn, username, Instance::local_id(conn))
|
User::find_by_name(conn, username, Instance::local_id(conn))
|
||||||
}
|
}
|
||||||
|
@ -55,11 +55,18 @@ fn new_auth(blog: String) -> Flash<Redirect> {
|
|||||||
}
|
}
|
||||||
|
|
||||||
#[get("/~/<blog>/new", rank = 1)]
|
#[get("/~/<blog>/new", rank = 1)]
|
||||||
#[allow(unused_variables)]
|
fn new(blog: String, user: User, conn: DbConn) -> Template {
|
||||||
fn new(blog: String, user: User) -> Template {
|
let b = Blog::find_by_fqn(&*conn, blog.to_string()).unwrap();
|
||||||
Template::render("posts/new", json!({
|
|
||||||
"account": user
|
if !user.is_author_in(&*conn, b.clone()) {
|
||||||
}))
|
Template::render("errors/403", json!({
|
||||||
|
"error_message": "You are not author in this blog."
|
||||||
|
}))
|
||||||
|
} else {
|
||||||
|
Template::render("posts/new", json!({
|
||||||
|
"account": user
|
||||||
|
}))
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
#[derive(FromForm)]
|
#[derive(FromForm)]
|
||||||
@ -75,41 +82,45 @@ fn create(blog_name: String, data: Form<NewPostForm>, user: User, conn: DbConn)
|
|||||||
let form = data.get();
|
let form = data.get();
|
||||||
let slug = form.title.to_string().to_kebab_case();
|
let slug = form.title.to_string().to_kebab_case();
|
||||||
|
|
||||||
if slug == "new" || Post::find_by_slug(&*conn, slug.clone(), blog.id).is_some() {
|
if !user.is_author_in(&*conn, blog.clone()) {
|
||||||
Redirect::to(uri!(new: blog = blog_name))
|
Redirect::to(uri!(super::blogs::details: name = blog_name))
|
||||||
} else {
|
} else {
|
||||||
let content = markdown_to_html(form.content.to_string().as_ref(), &ComrakOptions{
|
if slug == "new" || Post::find_by_slug(&*conn, slug.clone(), blog.id).is_some() {
|
||||||
smart: true,
|
Redirect::to(uri!(new: blog = blog_name))
|
||||||
safe: true,
|
} else {
|
||||||
ext_strikethrough: true,
|
let content = markdown_to_html(form.content.to_string().as_ref(), &ComrakOptions{
|
||||||
ext_tagfilter: true,
|
smart: true,
|
||||||
ext_table: true,
|
safe: true,
|
||||||
ext_autolink: true,
|
ext_strikethrough: true,
|
||||||
ext_tasklist: true,
|
ext_tagfilter: true,
|
||||||
ext_superscript: true,
|
ext_table: true,
|
||||||
ext_header_ids: Some("title".to_string()),
|
ext_autolink: true,
|
||||||
ext_footnotes: true,
|
ext_tasklist: true,
|
||||||
..ComrakOptions::default()
|
ext_superscript: true,
|
||||||
});
|
ext_header_ids: Some("title".to_string()),
|
||||||
|
ext_footnotes: true,
|
||||||
|
..ComrakOptions::default()
|
||||||
|
});
|
||||||
|
|
||||||
let post = Post::insert(&*conn, NewPost {
|
let post = Post::insert(&*conn, NewPost {
|
||||||
blog_id: blog.id,
|
blog_id: blog.id,
|
||||||
slug: slug.to_string(),
|
slug: slug.to_string(),
|
||||||
title: form.title.to_string(),
|
title: form.title.to_string(),
|
||||||
content: SafeString::new(&content),
|
content: SafeString::new(&content),
|
||||||
published: true,
|
published: true,
|
||||||
license: form.license.to_string(),
|
license: form.license.to_string(),
|
||||||
ap_url: "".to_string()
|
ap_url: "".to_string()
|
||||||
});
|
});
|
||||||
post.update_ap_url(&*conn);
|
post.update_ap_url(&*conn);
|
||||||
PostAuthor::insert(&*conn, NewPostAuthor {
|
PostAuthor::insert(&*conn, NewPostAuthor {
|
||||||
post_id: post.id,
|
post_id: post.id,
|
||||||
author_id: user.id
|
author_id: user.id
|
||||||
});
|
});
|
||||||
|
|
||||||
let act = post.create_activity(&*conn);
|
let act = post.create_activity(&*conn);
|
||||||
broadcast(&*conn, &user, act, user.get_followers(&*conn));
|
broadcast(&*conn, &user, act, user.get_followers(&*conn));
|
||||||
|
|
||||||
Redirect::to(uri!(details: blog = blog_name, slug = slug))
|
Redirect::to(uri!(details: blog = blog_name, slug = slug))
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
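Review bot: In `new`, `Blog::find_by_fqn(&*conn, blog.to_string()).unwrap()` panics when the `<blog>` path segment names no existing blog, so a request for an unknown blog ends in a server error instead of a 404. Assuming the finder returns an `Option` like the other `find_by` helpers on this page, the handler could be declared as `fn new(blog: String, user: User, conn: DbConn) -> Option<Template>`, use `let b = Blog::find_by_fqn(&*conn, blog.to_string())?;`, and wrap both renders in `Some(...)`. The denial branch also returns a bare `Template`, which Rocket sends with status 200; wrapping it as `status::Custom(Status::Forbidden, ...)` would let clients and access logs record the refusal as a 403. In `create` (whose start is outside its hunk) the same check answers with a silent redirect to the blog page, so the two handlers report a refusal differently.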
5
templates/errors/403.html.tera
Normal file
5
templates/errors/403.html.tera
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
{% extends "errors/base" %}
|
||||||
|
|
||||||
|
{% block error %}
|
||||||
|
<h1>{{ "You are not authorized." | _ }}</h1>
|
||||||
|
{% endblock error %}
|
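Review bot: The heading is the fixed string `"You are not authorized."`, while the `new` route passes `"error_message": "You are not author in this blog."` into this template, and nothing in these five lines reads that variable. Unless `errors/base` prints it, the more specific message and its new msgid in the `.po` files are never shown. Either render `error_message` inside the `error` block or drop the unused context key and translation entry.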