parent
8ab25b1ca2
commit
65e819c425
6
po/en.po
6
po/en.po
@ -274,3 +274,9 @@ msgstr ""
|
||||
|
||||
msgid "The link that led you here may be broken."
|
||||
msgstr ""
|
||||
|
||||
msgid "You are not authorized."
|
||||
msgstr ""
|
||||
|
||||
msgid "You are not author in this blog."
|
||||
msgstr ""
|
||||
|
6
po/fr.po
6
po/fr.po
@ -274,3 +274,9 @@ msgstr ""
|
||||
|
||||
msgid "The link that led you here may be broken."
|
||||
msgstr ""
|
||||
|
||||
msgid "You are not authorized."
|
||||
msgstr ""
|
||||
|
||||
msgid "You are not author in this blog."
|
||||
msgstr ""
|
||||
|
6
po/pl.po
6
po/pl.po
@ -279,5 +279,11 @@ msgstr "Nie udało się odnaleźć tej strony."
|
||||
msgid "The link that led you here may be broken."
|
||||
msgstr "Odnośnik który Cię tu zaprowadził może być uszkodzony."
|
||||
|
||||
msgid "You are not authorized."
|
||||
msgstr ""
|
||||
|
||||
msgid "You are not author in this blog."
|
||||
msgstr ""
|
||||
|
||||
#~ msgid "Logowanie"
|
||||
#~ msgstr "Zaloguj się"
|
||||
|
@ -269,3 +269,9 @@ msgstr ""
|
||||
|
||||
msgid "The link that led you here may be broken."
|
||||
msgstr ""
|
||||
|
||||
msgid "You are not authorized."
|
||||
msgstr ""
|
||||
|
||||
msgid "You are not author in this blog."
|
||||
msgstr ""
|
||||
|
@ -86,6 +86,10 @@ pub struct NewUser {
|
||||
|
||||
impl User {
|
||||
insert!(users, NewUser);
|
||||
get!(users);
|
||||
find_by!(users, find_by_email, email as String);
|
||||
find_by!(users, find_by_name, username as String, instance_id as i32);
|
||||
|
||||
|
||||
pub fn grant_admin_rights(&self, conn: &PgConnection) {
|
||||
diesel::update(self)
|
||||
@ -105,8 +109,6 @@ impl User {
|
||||
.into_iter().nth(0).unwrap()
|
||||
}
|
||||
|
||||
get!(users);
|
||||
|
||||
pub fn count_local(conn: &PgConnection) -> usize {
|
||||
users::table.filter(users::instance_id.eq(Instance::local_id(conn)))
|
||||
.load::<User>(conn)
|
||||
@ -114,9 +116,6 @@ impl User {
|
||||
.len()
|
||||
}
|
||||
|
||||
find_by!(users, find_by_email, email as String);
|
||||
find_by!(users, find_by_name, username as String, instance_id as i32);
|
||||
|
||||
pub fn find_local(conn: &PgConnection, username: String) -> Option<User> {
|
||||
User::find_by_name(conn, username, Instance::local_id(conn))
|
||||
}
|
||||
|
@ -55,11 +55,18 @@ fn new_auth(blog: String) -> Flash<Redirect> {
|
||||
}
|
||||
|
||||
#[get("/~/<blog>/new", rank = 1)]
|
||||
#[allow(unused_variables)]
|
||||
fn new(blog: String, user: User) -> Template {
|
||||
Template::render("posts/new", json!({
|
||||
"account": user
|
||||
}))
|
||||
fn new(blog: String, user: User, conn: DbConn) -> Template {
|
||||
let b = Blog::find_by_fqn(&*conn, blog.to_string()).unwrap();
|
||||
|
||||
if !user.is_author_in(&*conn, b.clone()) {
|
||||
Template::render("errors/403", json!({
|
||||
"error_message": "You are not author in this blog."
|
||||
}))
|
||||
} else {
|
||||
Template::render("posts/new", json!({
|
||||
"account": user
|
||||
}))
|
||||
}
|
||||
}
|
||||
|
||||
#[derive(FromForm)]
|
||||
@ -75,41 +82,45 @@ fn create(blog_name: String, data: Form<NewPostForm>, user: User, conn: DbConn)
|
||||
let form = data.get();
|
||||
let slug = form.title.to_string().to_kebab_case();
|
||||
|
||||
if slug == "new" || Post::find_by_slug(&*conn, slug.clone(), blog.id).is_some() {
|
||||
Redirect::to(uri!(new: blog = blog_name))
|
||||
if !user.is_author_in(&*conn, blog.clone()) {
|
||||
Redirect::to(uri!(super::blogs::details: name = blog_name))
|
||||
} else {
|
||||
let content = markdown_to_html(form.content.to_string().as_ref(), &ComrakOptions{
|
||||
smart: true,
|
||||
safe: true,
|
||||
ext_strikethrough: true,
|
||||
ext_tagfilter: true,
|
||||
ext_table: true,
|
||||
ext_autolink: true,
|
||||
ext_tasklist: true,
|
||||
ext_superscript: true,
|
||||
ext_header_ids: Some("title".to_string()),
|
||||
ext_footnotes: true,
|
||||
..ComrakOptions::default()
|
||||
});
|
||||
if slug == "new" || Post::find_by_slug(&*conn, slug.clone(), blog.id).is_some() {
|
||||
Redirect::to(uri!(new: blog = blog_name))
|
||||
} else {
|
||||
let content = markdown_to_html(form.content.to_string().as_ref(), &ComrakOptions{
|
||||
smart: true,
|
||||
safe: true,
|
||||
ext_strikethrough: true,
|
||||
ext_tagfilter: true,
|
||||
ext_table: true,
|
||||
ext_autolink: true,
|
||||
ext_tasklist: true,
|
||||
ext_superscript: true,
|
||||
ext_header_ids: Some("title".to_string()),
|
||||
ext_footnotes: true,
|
||||
..ComrakOptions::default()
|
||||
});
|
||||
|
||||
let post = Post::insert(&*conn, NewPost {
|
||||
blog_id: blog.id,
|
||||
slug: slug.to_string(),
|
||||
title: form.title.to_string(),
|
||||
content: SafeString::new(&content),
|
||||
published: true,
|
||||
license: form.license.to_string(),
|
||||
ap_url: "".to_string()
|
||||
});
|
||||
post.update_ap_url(&*conn);
|
||||
PostAuthor::insert(&*conn, NewPostAuthor {
|
||||
post_id: post.id,
|
||||
author_id: user.id
|
||||
});
|
||||
let post = Post::insert(&*conn, NewPost {
|
||||
blog_id: blog.id,
|
||||
slug: slug.to_string(),
|
||||
title: form.title.to_string(),
|
||||
content: SafeString::new(&content),
|
||||
published: true,
|
||||
license: form.license.to_string(),
|
||||
ap_url: "".to_string()
|
||||
});
|
||||
post.update_ap_url(&*conn);
|
||||
PostAuthor::insert(&*conn, NewPostAuthor {
|
||||
post_id: post.id,
|
||||
author_id: user.id
|
||||
});
|
||||
|
||||
let act = post.create_activity(&*conn);
|
||||
broadcast(&*conn, &user, act, user.get_followers(&*conn));
|
||||
let act = post.create_activity(&*conn);
|
||||
broadcast(&*conn, &user, act, user.get_followers(&*conn));
|
||||
|
||||
Redirect::to(uri!(details: blog = blog_name, slug = slug))
|
||||
Redirect::to(uri!(details: blog = blog_name, slug = slug))
|
||||
}
|
||||
}
|
||||
}
|
||||
|
5
templates/errors/403.html.tera
Normal file
5
templates/errors/403.html.tera
Normal file
@ -0,0 +1,5 @@
|
||||
{% extends "errors/base" %}
|
||||
|
||||
{% block error %}
|
||||
<h1>{{ "You are not authorized." | _ }}</h1>
|
||||
{% endblock error %}
|
Loading…
Reference in New Issue
Block a user