Merge pull request #800 from Go-Go-Farther/private_blog_opt

opt&bugfix: 私密文章访问优化 Fixes mindoc-org/mindoc#774
pull/803/head
玖亖伍 2022-06-27 13:19:40 +08:00 committed by GitHub
commit b4b7528e3f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 18 additions and 5 deletions


@ -313,6 +313,7 @@ prev = prev
next = next next = next
no = no no = no
edit_title = Edit Blog edit_title = Edit Blog
private_blog_tips = Private blog is accessible only to author and administrator
[doc] [doc]
modify_doc = Modify Document modify_doc = Modify Document


@ -313,6 +313,7 @@ prev = 上一篇
next = 下一篇 next = 下一篇
no = no =
edit_title = 编辑文章 edit_title = 编辑文章
private_blog_tips = 加密文章,仅作者和管理员可访问
[doc] [doc]
modify_doc = 修改文档 modify_doc = 修改文档


@ -56,12 +56,23 @@ func (c *BlogController) Index() {
if blog.BlogStatus == "password" && password != blog.Password { if blog.BlogStatus == "password" && password != blog.Password {
c.JsonResult(6001, i18n.Tr(c.Lang, "message.blog_pwd_incorrect")) c.JsonResult(6001, i18n.Tr(c.Lang, "message.blog_pwd_incorrect"))
} else if blog.BlogStatus == "password" && password == blog.Password { } else if blog.BlogStatus == "password" && password == blog.Password {
//如果密码输入正确则存入session中 // If the password is correct, then determine whether the user is correct
_ = c.CruSession.Set(context.TODO(), blogReadSession, blogId) if c.Member != nil && (blog.MemberId == c.Member.MemberId || c.Member.IsAdministrator()) {
/* Private blog is accessible only to author and administrator.
Anonymous users are not allowed access. */
// Store the session value
_ = c.CruSession.Set(context.TODO(), blogReadSession, blogId)
c.JsonResult(0, "OK")
} else {
c.JsonResult(6002, i18n.Tr(c.Lang, "blog.private_blog_tips"))
}
} else {
c.JsonResult(0, "OK") c.JsonResult(0, "OK")
} }
c.JsonResult(0, "OK") } else if blog.BlogStatus == "password" &&
} else if blog.BlogStatus == "password" && (c.CruSession.Get(context.TODO(), blogReadSession) == nil || (c.Member != nil && blog.MemberId != c.Member.MemberId && !c.Member.IsAdministrator())) { (c.CruSession.Get(context.TODO(), blogReadSession) == nil || // Read session doesn't exist
c.Member == nil || // Anonymous, Not Allow
(blog.MemberId != c.Member.MemberId && !c.Member.IsAdministrator())) { // User isn't author or administrator
//如果不存在已输入密码的标记 //如果不存在已输入密码的标记
c.TplName = "blog/index_password.tpl" c.TplName = "blog/index_password.tpl"
} }
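Review bot: In the POST branch the password comparison still runs before the new author/administrator check, so a caller who is anonymous or not the author receives 6001 for a wrong password and 6002 for the correct one, which confirms the blog password to someone who is never allowed to read the post. Evaluating identity first removes that signal: make `if blog.BlogStatus == "password" && (c.Member == nil || (blog.MemberId != c.Member.MemberId && !c.Member.IsAdministrator())) {` the first branch and answer 6002 there, so the password is only compared for authorised members. Separately, the GET branch only tests `c.CruSession.Get(context.TODO(), blogReadSession) == nil`, so the marker written for one `blogId` appears to satisfy the check for every other password-protected post the same member may open; comparing the stored value with the current `blogId` would tie the unlock to the post. `Index` starts and ends outside this hunk, so the surrounding request-method check and the handling after `c.TplName` are not visible here.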


@ -105,7 +105,7 @@
<input type="password" name="password" placeholder="{{i18n .Lang "blog.access_pass"}}" class="inp"/> <input type="password" name="password" placeholder="{{i18n .Lang "blog.access_pass"}}" class="inp"/>
</div> </div>
<div class="btn"> <div class="btn">
<span id="error" style="color: #919191; font-size: 13px;"></span> <span id="error" style="color: #919191; font-size: 13px;">{{i18n .Lang "blog.private_blog_tips"}}</span>
<input type="submit" value="{{i18n .Lang "doc.commit"}}" class="button"/> <input type="submit" value="{{i18n .Lang "doc.commit"}}" class="button"/>
</div> </div>
<div class="clear"></div> <div class="clear"></div>