From 452577ca3d015454b9bb3aefe4e5736a14eff1f2 Mon Sep 17 00:00:00 2001
From: Go-Go-Farther <101922007+Go-Go-Farther@users.noreply.github.com>
Date: Mon, 19 Jun 2023 09:30:17 +0800
Subject: [PATCH] =?UTF-8?q?bugfix=EF=BC=9A1.=20=E4=BF=AE=E5=A4=8D=E5=8A=A0?=
=?UTF-8?q?=E5=AF=86=E6=96=87=E7=AB=A0=E8=AE=BF=E9=97=AE=EF=BC=8C=E9=9D=9E?=
=?UTF-8?q?=E4=BD=9C=E8=80=85=E5=92=8C=E7=AE=A1=E7=90=86=E5=91=98=E4=B8=8D?=
=?UTF-8?q?=E8=83=BD=E8=AE=BF=E9=97=AE=E7=9A=84=E9=97=AE=E9=A2=98=E3=80=82?=
=?UTF-8?q?=E8=BF=98=E6=9C=89=E5=AF=86=E7=A0=81=E4=BF=AE=E6=94=B9=E6=96=87?=
=?UTF-8?q?=E6=A1=88=E3=80=82=20resolves=20mindoc-org/mindoc#849=20(#867)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
conf/lang/en-us.ini | 2 +-
conf/lang/zh-cn.ini | 2 +-
controllers/BlogController.go | 19 +++++--------------
views/setting/password.tpl | 2 +-
4 files changed, 8 insertions(+), 17 deletions(-)
diff --git a/conf/lang/en-us.ini b/conf/lang/en-us.ini
index e0e84910..1484ef03 100644
--- a/conf/lang/en-us.ini
+++ b/conf/lang/en-us.ini
@@ -315,7 +315,7 @@ prev = prev
next = next
no = no
edit_title = Edit Blog
-private_blog_tips = Private blog is accessible only to author and administrator
+private_blog_tips = Private blog, please enter password to access
[doc]
modify_doc = Modify Document
diff --git a/conf/lang/zh-cn.ini b/conf/lang/zh-cn.ini
index 897892c3..d1a0b728 100644
--- a/conf/lang/zh-cn.ini
+++ b/conf/lang/zh-cn.ini
@@ -315,7 +315,7 @@ prev = 上一篇
next = 下一篇
no = 无
edit_title = 编辑文章
-private_blog_tips = 加密文章,仅作者和管理员可访问
+private_blog_tips = 加密文章,请输入密码访问
[doc]
modify_doc = 修改文档
diff --git a/controllers/BlogController.go b/controllers/BlogController.go
index 6e04c159..c40ff0e1 100644
--- a/controllers/BlogController.go
+++ b/controllers/BlogController.go
@@ -56,23 +56,14 @@ func (c *BlogController) Index() {
if blog.BlogStatus == "password" && password != blog.Password {
c.JsonResult(6001, i18n.Tr(c.Lang, "message.blog_pwd_incorrect"))
} else if blog.BlogStatus == "password" && password == blog.Password {
- // If the password is correct, then determine whether the user is correct
- if c.Member != nil && (blog.MemberId == c.Member.MemberId || c.Member.IsAdministrator()) {
- /* Private blog is accessible only to author and administrator.
- Anonymous users are not allowed access. */
- // Store the session value
- _ = c.CruSession.Set(context.TODO(), blogReadSession, blogId)
- c.JsonResult(0, "OK")
- } else {
- c.JsonResult(6002, i18n.Tr(c.Lang, "blog.private_blog_tips"))
- }
+ // Store the session value for the next GET request.
+ _ = c.CruSession.Set(context.TODO(), blogReadSession, blogId)
+ c.JsonResult(0, "OK")
} else {
c.JsonResult(0, "OK")
}
- } else if blog.BlogStatus == "password" &&
- (c.CruSession.Get(context.TODO(), blogReadSession) == nil || // Read session doesn't exist
- c.Member == nil || // Anonymous, Not Allow
- (blog.MemberId != c.Member.MemberId && !c.Member.IsAdministrator())) { // User isn't author or administrator
+ } else if blog.BlogStatus == "password" && c.CruSession.Get(context.TODO(), blogReadSession) == nil && // Read session doesn't exist
+ (c.Member == nil || (blog.MemberId != c.Member.MemberId && !c.Member.IsAdministrator())) { // User isn't author or administrator
//如果不存在已输入密码的标记
c.TplName = "blog/index_password.tpl"
}
diff --git a/views/setting/password.tpl b/views/setting/password.tpl
index f64baa42..8c302ef5 100644
--- a/views/setting/password.tpl
+++ b/views/setting/password.tpl
@@ -54,7 +54,7 @@
-
+