nodebb-plugin-composer-default 10.2.39 → 10.2.41
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/library.js +15 -0
- package/package.json +1 -1
- package/static/lib/composer/preview.js +1 -1
package/library.js
CHANGED
|
@@ -130,6 +130,9 @@ plugin.filterComposerBuild = async function (hookData) {
|
|
|
130
130
|
} else if (!req.query.pid && !req.query.tid && !req.query.cid) {
|
|
131
131
|
return helpers.redirect(res, '/');
|
|
132
132
|
}
|
|
133
|
+
|
|
134
|
+
await checkPrivileges(req, res);
|
|
135
|
+
|
|
133
136
|
const [
|
|
134
137
|
isMainPost,
|
|
135
138
|
postData,
|
|
@@ -224,6 +227,18 @@ plugin.filterComposerBuild = async function (hookData) {
|
|
|
224
227
|
};
|
|
225
228
|
};
|
|
226
229
|
|
|
230
|
+
async function checkPrivileges(req, res) {
|
|
231
|
+
const notAllowed = (
|
|
232
|
+
(req.query.cid && !await privileges.categories.can('topics:create', req.query.cid, req.uid)) ||
|
|
233
|
+
(req.query.tid && !await privileges.topics.can('topics:reply', req.query.tid, req.uid)) ||
|
|
234
|
+
(req.query.pid && !await privileges.posts.can('posts:edit', req.query.pid, req.uid))
|
|
235
|
+
);
|
|
236
|
+
|
|
237
|
+
if (notAllowed) {
|
|
238
|
+
await helpers.notAllowed(req, res);
|
|
239
|
+
}
|
|
240
|
+
}
|
|
241
|
+
|
|
227
242
|
function generateDiscardRoute(req, topicData) {
|
|
228
243
|
if (req.query.cid) {
|
|
229
244
|
return `${nconf.get('relative_path')}/category/${validator.escape(String(req.query.cid))}`;
|
package/package.json
CHANGED
|
@@ -51,7 +51,7 @@ define('composer/preview', ['hooks'], function (hooks) {
|
|
|
51
51
|
const showText = toggler.querySelector('.show-text');
|
|
52
52
|
const hideText = toggler.querySelector('.hide-text');
|
|
53
53
|
const previewToggled = localStorage.getItem('composer:previewToggled');
|
|
54
|
-
const hidePreviewOnOpen = config['composer-default'].hidePreviewOnOpen === 'on';
|
|
54
|
+
const hidePreviewOnOpen = config['composer-default'] && config['composer-default'].hidePreviewOnOpen === 'on';
|
|
55
55
|
let show = !isMobile && (
|
|
56
56
|
((previewToggled === null && !hidePreviewOnOpen) || previewToggled === 'true')
|
|
57
57
|
);
|