nodebb-plugin-pdf-secure 1.0.1

package/static/lib/viewer.css

@@ -0,0 +1,158 @@
+/* PDF Secure Viewer Styles */
+* {
+	margin: 0;
+	padding: 0;
+	box-sizing: border-box;
+}
+
+html, body {
+	width: 100%;
+	height: 100%;
+	overflow: hidden;
+	background: #2b2b2b;
+	font-family: -apple-system, BlinkMacSystemFont, 'Segoe UI', Roboto, sans-serif;
+	user-select: none;
+	-webkit-user-select: none;
+	-moz-user-select: none;
+	-ms-user-select: none;
+}
+
+#viewer-container {
+	display: flex;
+	flex-direction: column;
+	height: 100%;
+	width: 100%;
+}
+
+#toolbar {
+	display: flex;
+	align-items: center;
+	justify-content: center;
+	gap: 12px;
+	padding: 8px 16px;
+	background: #333;
+	color: #fff;
+	flex-shrink: 0;
+	z-index: 10;
+}
+
+#toolbar button {
+	background: #555;
+	color: #fff;
+	border: none;
+	padding: 6px 14px;
+	border-radius: 4px;
+	cursor: pointer;
+	font-size: 14px;
+}
+
+#toolbar button:hover {
+	background: #666;
+}
+
+#toolbar button:disabled {
+	opacity: 0.4;
+	cursor: not-allowed;
+}
+
+#page-info {
+	font-size: 14px;
+	min-width: 100px;
+	text-align: center;
+}
+
+#close-btn {
+	position: absolute;
+	right: 16px;
+	top: 8px;
+	background: #c0392b !important;
+	font-size: 16px !important;
+	padding: 6px 12px !important;
+	z-index: 20;
+}
+
+#close-btn:hover {
+	background: #e74c3c !important;
+}
+
+#canvas-wrapper {
+	flex: 1;
+	overflow: auto;
+	display: flex;
+	justify-content: center;
+	align-items: flex-start;
+	padding: 20px;
+	background: #2b2b2b;
+}
+
+#pdf-canvas {
+	pointer-events: none;
+	display: block;
+	max-width: 100%;
+	box-shadow: 0 4px 20px rgba(0,0,0,0.5);
+}
+
+#loading {
+	display: flex;
+	align-items: center;
+	justify-content: center;
+	height: 100%;
+	color: #aaa;
+	font-size: 18px;
+}
+
+#error-msg {
+	display: none;
+	align-items: center;
+	justify-content: center;
+	height: 100%;
+	color: #e74c3c;
+	font-size: 18px;
+	text-align: center;
+	padding: 20px;
+}
+
+#premium-banner {
+	display: none;
+	background: linear-gradient(135deg, #f39c12, #e67e22);
+	color: #fff;
+	text-align: center;
+	padding: 10px 16px;
+	font-size: 14px;
+	font-weight: 600;
+	flex-shrink: 0;
+}
+
+/* Anti-print */
+@media print {
+	html, body {
+		visibility: hidden !important;
+	}
+	body::after {
+		content: 'Printing is not allowed.';
+		visibility: visible;
+		display: block;
+		text-align: center;
+		padding: 50px;
+		font-size: 24px;
+	}
+}
+
+/* Responsive */
+@media (max-width: 600px) {
+	#toolbar {
+		gap: 6px;
+		padding: 6px 8px;
+	}
+	#toolbar button {
+		padding: 4px 8px;
+		font-size: 12px;
+	}
+	#page-info {
+		font-size: 12px;
+		min-width: 70px;
+	}
+	#canvas-wrapper {
+		padding: 10px;
+	}
+}

package/static/lib/viewer.html

@@ -0,0 +1,29 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+	<meta charset="UTF-8">
+	<meta name="viewport" content="width=device-width, initial-scale=1.0">
+	<title>PDF Viewer</title>
+	<link rel="stylesheet" href="viewer.css">
+</head>
+<body>
+	<div id="viewer-container">
+		<div id="toolbar">
+			<button id="prev-btn" disabled>&laquo; Prev</button>
+			<span id="page-info">Loading...</span>
+			<button id="next-btn" disabled>Next &raquo;</button>
+			<button id="close-btn">&times; Close</button>
+		</div>
+		<div id="premium-banner">
+			This is a preview (page 1 only). Upgrade to Premium to view the full document.
+		</div>
+		<div id="canvas-wrapper">
+			<div id="loading">Loading PDF...</div>
+			<div id="error-msg"></div>
+			<canvas id="pdf-canvas"></canvas>
+		</div>
+	</div>
+
+	<script type="module" src="viewer.js"></script>
+</body>
+</html>

package/static/lib/viewer.js

@@ -0,0 +1,181 @@
+import { getDocument, GlobalWorkerOptions } from './pdf.min.mjs';
+
+// Set worker path
+GlobalWorkerOptions.workerSrc = './pdf.worker.min.mjs';
+
+// --- Security event listeners ---
+
+// Block right-click context menu
+document.addEventListener('contextmenu', (e) => {
+	e.preventDefault();
+});
+
+// Block keyboard shortcuts (Ctrl+S, Ctrl+P, Ctrl+U, F12)
+document.addEventListener('keydown', (e) => {
+	if (e.key === 'F12') {
+		e.preventDefault();
+		return;
+	}
+	if ((e.ctrlKey || e.metaKey) && ['s', 'p', 'u', 'a'].includes(e.key.toLowerCase())) {
+		e.preventDefault();
+		return;
+	}
+});
+
+// Block drag
+document.addEventListener('dragstart', (e) => {
+	e.preventDefault();
+});
+
+// Block text selection via JS as well
+document.addEventListener('selectstart', (e) => {
+	e.preventDefault();
+});
+
+// --- PDF Viewer Logic ---
+
+const canvas = document.getElementById('pdf-canvas');
+const ctx = canvas.getContext('2d');
+const prevBtn = document.getElementById('prev-btn');
+const nextBtn = document.getElementById('next-btn');
+const pageInfo = document.getElementById('page-info');
+const loadingEl = document.getElementById('loading');
+const errorEl = document.getElementById('error-msg');
+const premiumBanner = document.getElementById('premium-banner');
+const closeBtn = document.getElementById('close-btn');
+
+let pdfDoc = null;
+let currentPage = 1;
+let totalPages = 0;
+let rendering = false;
+
+// Parse URL parameters
+const params = new URLSearchParams(window.location.search);
+const nonce = params.get('nonce');
+const isPremium = params.get('premium') === 'true';
+const apiBase = params.get('apiBase') || '';
+
+// Show premium banner for non-premium users
+if (!isPremium) {
+	premiumBanner.style.display = 'block';
+}
+
+// Close button handler
+closeBtn.addEventListener('click', () => {
+	if (window.parent && window.parent !== window) {
+		window.parent.postMessage({ type: 'pdf-viewer-close' }, '*');
+	} else {
+		window.close();
+	}
+});
+
+async function renderPage(pageNum) {
+	if (rendering) return;
+	rendering = true;
+
+	try {
+		const page = await pdfDoc.getPage(pageNum);
+
+		// Calculate scale to fit container width
+		const wrapper = document.getElementById('canvas-wrapper');
+		const maxWidth = wrapper.clientWidth - 40; // padding
+		const viewport = page.getViewport({ scale: 1 });
+		const scale = Math.min(maxWidth / viewport.width, 2.0); // max 2x
+		const scaledViewport = page.getViewport({ scale });
+
+		canvas.width = scaledViewport.width;
+		canvas.height = scaledViewport.height;
+
+		await page.render({
+			canvasContext: ctx,
+			viewport: scaledViewport,
+		}).promise;
+
+		currentPage = pageNum;
+		pageInfo.textContent = `Page ${currentPage} / ${totalPages}`;
+		prevBtn.disabled = currentPage <= 1;
+		nextBtn.disabled = currentPage >= totalPages;
+	} catch (err) {
+		showError('Error rendering page.');
+	}
+
+	rendering = false;
+}
+
+function showError(msg) {
+	loadingEl.style.display = 'none';
+	canvas.style.display = 'none';
+	errorEl.style.display = 'flex';
+	errorEl.textContent = msg;
+}
+
+// Navigation
+prevBtn.addEventListener('click', () => {
+	if (currentPage > 1) renderPage(currentPage - 1);
+});
+
+nextBtn.addEventListener('click', () => {
+	if (currentPage < totalPages) renderPage(currentPage + 1);
+});
+
+// Keyboard navigation
+document.addEventListener('keydown', (e) => {
+	if (e.key === 'ArrowLeft' && currentPage > 1) {
+		renderPage(currentPage - 1);
+	} else if (e.key === 'ArrowRight' && currentPage < totalPages) {
+		renderPage(currentPage + 1);
+	} else if (e.key === 'Escape') {
+		closeBtn.click();
+	}
+});
+
+// Load PDF
+async function init() {
+	if (!nonce) {
+		showError('Missing access token.');
+		return;
+	}
+
+	try {
+		const response = await fetch(`${apiBase}/api/v3/plugins/pdf-secure/pdf-data?nonce=${encodeURIComponent(nonce)}`, {
+			credentials: 'same-origin',
+		});
+
+		if (!response.ok) {
+			if (response.status === 401) {
+				showError('You must be logged in to view this PDF.');
+			} else if (response.status === 403) {
+				showError('Access denied. The link may have expired.');
+			} else if (response.status === 404) {
+				showError('PDF file not found.');
+			} else {
+				showError('Failed to load PDF.');
+			}
+			return;
+		}
+
+		const arrayBuffer = await response.arrayBuffer();
+		const data = new Uint8Array(arrayBuffer);
+
+		pdfDoc = await getDocument({ data }).promise;
+		totalPages = pdfDoc.numPages;
+
+		loadingEl.style.display = 'none';
+		canvas.style.display = 'block';
+
+		await renderPage(1);
+	} catch (err) {
+		showError('Failed to load PDF. Please try again.');
+	}
+}
+
+// Handle window resize
+let resizeTimeout;
+window.addEventListener('resize', () => {
+	clearTimeout(resizeTimeout);
+	resizeTimeout = setTimeout(() => {
+		if (pdfDoc) renderPage(currentPage);
+	}, 250);
+});
+
+init();

package/static/style.less

@@ -0,0 +1,42 @@
+/* PDF Secure Viewer Plugin Styles */
+
+.pdf-secure-btn {
+	display: inline-flex;
+	align-items: center;
+	gap: 6px;
+	cursor: pointer;
+	margin: 2px 0;
+
+	i {
+		color: #c0392b;
+	}
+}
+
+.pdf-secure-overlay {
+	position: fixed;
+	top: 0;
+	left: 0;
+	width: 100%;
+	height: 100%;
+	z-index: 100000;
+	background: rgba(0, 0, 0, 0.85);
+	display: flex;
+	align-items: center;
+	justify-content: center;
+}
+
+.pdf-secure-iframe {
+	width: 95%;
+	height: 95%;
+	border: none;
+	border-radius: 8px;
+	background: #2b2b2b;
+}
+
+@media (max-width: 768px) {
+	.pdf-secure-iframe {
+		width: 100%;
+		height: 100%;
+		border-radius: 0;
+	}
+}

package/static/templates/admin/plugins/pdf-secure.tpl

@@ -0,0 +1,31 @@
+<div class="acp-page-container">
+	<!-- IMPORT admin/partials/settings/header.tpl -->
+
+	<div class="row m-0">
+		<div id="spy-container" class="col-12 col-md-8 px-0 mb-4" tabindex="0">
+			<form role="form" class="pdf-secure-settings">
+				<div class="mb-4">
+					<h5 class="fw-bold tracking-tight settings-header">PDF Secure Viewer Settings</h5>
+
+					<p class="lead">
+						Configure the secure PDF viewer plugin settings below.
+					</p>
+
+					<div class="mb-3">
+						<label class="form-label" for="premiumGroup">Premium Group Name</label>
+						<input type="text" id="premiumGroup" name="premiumGroup" title="Premium Group Name" class="form-control" placeholder="Premium" value="Premium">
+						<div class="form-text">Users in this group can view full PDFs. Others can only see the first page.</div>
+					</div>
+
+					<div class="form-check form-switch mb-3">
+						<input type="checkbox" class="form-check-input" id="watermarkEnabled" name="watermarkEnabled">
+						<label for="watermarkEnabled" class="form-check-label">Enable Watermark</label>
+						<div class="form-text">Show a watermark overlay on PDF pages.</div>
+					</div>
+				</div>
+			</form>
+		</div>
+
+		<!-- IMPORT admin/partials/settings/toc.tpl -->
+	</div>
+</div>

package/test/.eslintrc

@@ -0,0 +1,9 @@
+{
+	"env": {
+		"mocha": true
+	},
+	"rules": {
+		"no-unused-vars": "off"
+	}
+}
+

package/test/index.js

@@ -0,0 +1,41 @@
+/**
+ * You can run these tests by executing `npx mocha test/plugins-installed.js`
+ * from the NodeBB root folder. The regular test runner will also run these
+ * tests.
+ *
+ * Keep in mind tests do not activate all plugins, so if you are testing
+ * hook listeners, socket.io, or mounted routes, you will need to add your
+ * plugin to `config.json`, e.g.
+ *
+ * {
+ *     "test_plugins": [
+ *         "nodebb-plugin-pdf-secure"
+ *     ]
+ * }
+ */
+
+'use strict';
+
+/* globals describe, it, before */
+
+const assert = require('assert');
+
+const db = require.main.require('./test/mocks/databasemock');
+
+describe('nodebb-plugin-pdf-secure', () => {
+	before(() => {
+		// Prepare for tests here
+	});
+
+	it('should pass', (done) => {
+		const actual = 'value';
+		const expected = 'value';
+		assert.strictEqual(actual, expected);
+		done();
+	});
+
+	it('should load config object', async () => {
+		const config = await db.getObject('config');
+		assert(config);
+	});
+});