parent
8ab25b1ca2
commit
65e819c425
6
po/en.po
6
po/en.po
@ -274,3 +274,9 @@ msgstr ""
|
||||
|
||||
msgid "The link that led you here may be broken."
|
||||
msgstr ""
|
||||
|
||||
msgid "You are not authorized."
|
||||
msgstr ""
|
||||
|
||||
msgid "You are not author in this blog."
|
||||
msgstr ""
|
||||
|
6
po/fr.po
6
po/fr.po
@ -274,3 +274,9 @@ msgstr ""
|
||||
|
||||
msgid "The link that led you here may be broken."
|
||||
msgstr ""
|
||||
|
||||
msgid "You are not authorized."
|
||||
msgstr ""
|
||||
|
||||
msgid "You are not author in this blog."
|
||||
msgstr ""
|
||||
|
6
po/pl.po
6
po/pl.po
@ -279,5 +279,11 @@ msgstr "Nie udało się odnaleźć tej strony."
|
||||
msgid "The link that led you here may be broken."
|
||||
msgstr "Odnośnik który Cię tu zaprowadził może być uszkodzony."
|
||||
|
||||
msgid "You are not authorized."
|
||||
msgstr ""
|
||||
|
||||
msgid "You are not author in this blog."
|
||||
msgstr ""
|
||||
|
||||
#~ msgid "Logowanie"
|
||||
#~ msgstr "Zaloguj się"
|
||||
|
@ -269,3 +269,9 @@ msgstr ""
|
||||
|
||||
msgid "The link that led you here may be broken."
|
||||
msgstr ""
|
||||
|
||||
msgid "You are not authorized."
|
||||
msgstr ""
|
||||
|
||||
msgid "You are not author in this blog."
|
||||
msgstr ""
|
||||
|
@ -86,6 +86,10 @@ pub struct NewUser {
|
||||
|
||||
impl User {
|
||||
insert!(users, NewUser);
|
||||
get!(users);
|
||||
find_by!(users, find_by_email, email as String);
|
||||
find_by!(users, find_by_name, username as String, instance_id as i32);
|
||||
|
||||
|
||||
pub fn grant_admin_rights(&self, conn: &PgConnection) {
|
||||
diesel::update(self)
|
||||
@ -105,8 +109,6 @@ impl User {
|
||||
.into_iter().nth(0).unwrap()
|
||||
}
|
||||
|
||||
get!(users);
|
||||
|
||||
pub fn count_local(conn: &PgConnection) -> usize {
|
||||
users::table.filter(users::instance_id.eq(Instance::local_id(conn)))
|
||||
.load::<User>(conn)
|
||||
@ -114,9 +116,6 @@ impl User {
|
||||
.len()
|
||||
}
|
||||
|
||||
find_by!(users, find_by_email, email as String);
|
||||
find_by!(users, find_by_name, username as String, instance_id as i32);
|
||||
|
||||
pub fn find_local(conn: &PgConnection, username: String) -> Option<User> {
|
||||
User::find_by_name(conn, username, Instance::local_id(conn))
|
||||
}
|
||||
|
@ -55,11 +55,18 @@ fn new_auth(blog: String) -> Flash<Redirect> {
|
||||
}
|
||||
|
||||
#[get("/~/<blog>/new", rank = 1)]
|
||||
#[allow(unused_variables)]
|
||||
fn new(blog: String, user: User) -> Template {
|
||||
fn new(blog: String, user: User, conn: DbConn) -> Template {
|
||||
let b = Blog::find_by_fqn(&*conn, blog.to_string()).unwrap();
|
||||
|
||||
if !user.is_author_in(&*conn, b.clone()) {
|
||||
Template::render("errors/403", json!({
|
||||
"error_message": "You are not author in this blog."
|
||||
}))
|
||||
} else {
|
||||
Template::render("posts/new", json!({
|
||||
"account": user
|
||||
}))
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(FromForm)]
|
||||
@ -75,6 +82,9 @@ fn create(blog_name: String, data: Form<NewPostForm>, user: User, conn: DbConn)
|
||||
let form = data.get();
|
||||
let slug = form.title.to_string().to_kebab_case();
|
||||
|
||||
if !user.is_author_in(&*conn, blog.clone()) {
|
||||
Redirect::to(uri!(super::blogs::details: name = blog_name))
|
||||
} else {
|
||||
if slug == "new" || Post::find_by_slug(&*conn, slug.clone(), blog.id).is_some() {
|
||||
Redirect::to(uri!(new: blog = blog_name))
|
||||
} else {
|
||||
@ -112,4 +122,5 @@ fn create(blog_name: String, data: Form<NewPostForm>, user: User, conn: DbConn)
|
||||
|
||||
Redirect::to(uri!(details: blog = blog_name, slug = slug))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
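Review bot: In `new`, `Blog::find_by_fqn(&*conn, blog.to_string()).unwrap()` runs on the `<blog>` path segment before any other check, so a request naming a blog that does not exist panics the handler instead of getting a not-found response. Handle the empty result explicitly and return the not-found page from there. The refusal branch also returns a bare `Template`, which Rocket appears to send with a 200 status, so clients and access logs would not record it as a 403. Wrapping it as `status::Custom(Status::Forbidden, Template::render(...))`, with the return type adjusted, would make the status match the page. In `create` the same `is_author_in` failure is answered with a redirect to the blog page rather than a 403, which is inconsistent with `new`; the body of `create` continues outside the hunks shown.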
5
templates/errors/403.html.tera
Normal file
5
templates/errors/403.html.tera
Normal file
@ -0,0 +1,5 @@
|
||||
{% extends "errors/base" %}
|
||||
|
||||
{% block error %}
|
||||
<h1>{{ "You are not authorized." | _ }}</h1>
|
||||
{% endblock error %}
|
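Review bot: The template prints only the fixed string `"You are not authorized."` and never references the `error_message` value that the `new` route passes when it renders `errors/403`, so the more specific message is dropped unless `errors/base` outputs it. The route supplies that message as a plain string, so the `You are not author in this blog.` entries added to the .po files would not be applied to it either. Consider rendering it inside the block, for example `<p>{{ error_message | _ }}</p>`, provided the `_` filter accepts a variable.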