npm - nodebb-plugin-pdf-secure2 - Versions diffs - 1.3.3 → 1.3.5 - Mend

nodebb-plugin-pdf-secure2 1.3.3 → 1.3.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/lib/controllers.js CHANGED Viewed

@@ -42,13 +42,17 @@ Controllers.renderAdminPage = function (req, res) {
 };
 Controllers.servePdfBinary = async function (req, res) {
+	console.log('[PDF-Secure] servePdfBinary called - uid:', req.uid, 'nonce:', req.query.nonce ? 'present' : 'missing');
 	// Authentication gate - require logged-in user
 	if (!req.uid) {
+		console.log('[PDF-Secure] servePdfBinary - REJECTED: no uid');
 		return res.status(401).json({ error: 'Authentication required' });
 	}
 	const { nonce } = req.query;
 	if (!nonce) {
+		console.log('[PDF-Secure] servePdfBinary - REJECTED: no nonce');
 		return res.status(400).json({ error: 'Missing nonce' });
 	}
@@ -56,9 +60,12 @@ Controllers.servePdfBinary = async function (req, res) {
 	const data = nonceStore.validate(nonce, uid);
 	if (!data) {
+		console.log('[PDF-Secure] servePdfBinary - REJECTED: invalid/expired nonce for uid:', uid);
 		return res.status(403).json({ error: 'Invalid or expired nonce' });
 	}
+	console.log('[PDF-Secure] servePdfBinary - OK: file:', data.file, 'isPremium:', data.isPremium);
 	try {
 		// Server-side premium gate: non-premium users only get first page
 		const pdfBuffer = data.isPremium

package/library.js CHANGED Viewed

@@ -10,7 +10,6 @@ const controllers = require('./lib/controllers');
 const nonceStore = require('./lib/nonce-store');
 const pdfHandler = require('./lib/pdf-handler');
 const geminiChat = require('./lib/gemini-chat');
-const topics = require.main.require('./src/topics');
 const plugin = {};
@@ -102,6 +101,7 @@ plugin.init = async (params) => {
 		// Check if user is Premium or Lite (admins/global mods always premium)
 		let isPremium = false;
 		let isLite = false;
+		let isVip = false;
 		if (req.uid) {
 			const [isAdmin, isGlobalMod, isPremiumMember, isVipMember, isLiteMember] = await Promise.all([
 				groups.isMember(req.uid, 'administrators'),
@@ -111,10 +111,11 @@ plugin.init = async (params) => {
 				groups.isMember(req.uid, 'Lite'),
 			]);
 			isPremium = isAdmin || isGlobalMod || isPremiumMember || isVipMember;
-			const isVip = isVipMember || isAdmin;
+			isVip = isVipMember || isAdmin;
 			// Lite: full PDF access but restricted UI (no annotations, sidebar, etc.)
 			isLite = !isPremium && isLiteMember;
 		}
+		console.log('[PDF-Secure] Viewer request - uid:', req.uid, 'file:', safeName, 'isPremium:', isPremium, 'isVip:', isVip, 'isLite:', isLite);
 		// Lite users get full PDF like premium (for nonce/server-side PDF data)
 		const hasFullAccess = isPremium || isLite;
@@ -230,11 +231,9 @@ plugin.filterMetaTags = async (hookData) => {
 	return hookData;
 };
-// Inject allowed categories into client-side config
+// Inject plugin config into client-side
 plugin.filterConfig = async function (data) {
-	if (data && data.config) {
-		data.config.pdfSecureCategories = pluginSettings.allowedCategories || '';
-	}
+	console.log('[PDF-Secure] filterConfig called - data exists:', !!data, 'config exists:', !!(data && data.config));
 	return data;
 };
@@ -242,26 +241,19 @@ plugin.filterConfig = async function (data) {
 // This hides PDF URLs from: page source, API, RSS, ActivityPub
 plugin.transformPdfLinks = async (data) => {
 	if (!data || !data.postData || !data.postData.content) {
+		console.log('[PDF-Secure] transformPdfLinks - no data/postData/content, skipping');
 		return data;
 	}
-	// Category check — only transform in allowed categories
-	const allowedStr = pluginSettings.allowedCategories || '';
-	const allowed = allowedStr.split(',').map(s => s.trim()).filter(Boolean);
-	if (allowed.length > 0 && data.postData.tid) {
-		let cid = data.postData.cid;
-		if (!cid) {
-			cid = await topics.getTopicField(data.postData.tid, 'cid');
-		}
-		if (cid && !allowed.includes(String(cid))) {
-			return data;
-		}
-	}
+	console.log('[PDF-Secure] transformPdfLinks - processing post tid:', data.postData.tid, 'pid:', data.postData.pid);
 	// Regex to match PDF links: <a href="...xxx.pdf">text</a>
 	// Captures: full URL path, filename, link text
 	const pdfLinkRegex = /<a\s+[^>]*href=["']([^"']*\/([^"'\/]+\.pdf))["'][^>]*>([^<]*)<\/a>/gi;
+	const matchCount = (data.postData.content.match(pdfLinkRegex) || []).length;
+	console.log('[PDF-Secure] transformPdfLinks - found', matchCount, 'PDF links in post');
 	data.postData.content = data.postData.content.replace(pdfLinkRegex, (match, fullPath, filename, linkText) => {
 		// Decode filename to prevent double encoding (URL may already be encoded)
 		let decodedFilename;

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "nodebb-plugin-pdf-secure2",
-  "version": "1.3.3",
+  "version": "1.3.5",
   "description": "Secure PDF viewer plugin for NodeBB - prevents downloading, enables canvas-only rendering with Premium group support",
   "main": "library.js",
   "repository": {

package/static/lib/main.js CHANGED Viewed

@@ -283,15 +283,6 @@
 	}
 	function interceptPdfLinks() {
-		// Category check — only intercept in allowed categories
-		var allowedCats = (config.pdfSecureCategories || '').split(',').filter(Boolean);
-		if (allowedCats.length > 0) {
-			var currentCid = ajaxify && ajaxify.data && String(ajaxify.data.cid || '');
-			if (currentCid && !allowedCats.includes(currentCid)) {
-				return;
-			}
-		}
 		var postContents = document.querySelectorAll('[component="post/content"]');
 		postContents.forEach(function (content) {