Skip to content

Commit 6ae4b8b

Browse files
author
Dario Ernst
committed
Add option to enable freely permission in closed instance
Before, closed disallowed guest edits completely, by removing the `freely` permission. This makes it possible to explicitely bring back guest-editing, but not guest-note-creation, to closed instances. Signed-off-by: Dario Ernst <dario@kanojo.de>
1 parent 40d1d75 commit 6ae4b8b

7 files changed

Lines changed: 9 additions & 3 deletions

File tree

README.md

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -143,6 +143,7 @@ There are some configs you need to change in the files below
143143
| HMD_URL_ADDPORT | `true` or `false` | set to add port on callback url (port 80 or 443 won't applied) (only applied when domain is set) |
144144
| HMD_USECDN | `true` or `false` | set to use CDN resources or not (default is `true`) |
145145
| HMD_ALLOW_ANONYMOUS | `true` or `false` | set to allow anonymous usage (default is `true`) |
146+
| HMD_ALLOW_ANONYMOUS_EDITS | `true` or `false` | if `allowanonymous` is `true`: allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) |
146147
| HMD_ALLOW_FREEURL | `true` or `false` | set to allow new note by accessing not exist note url |
147148
| HMD_DEFAULT_PERMISSION | `freely`, `editable`, `limited`, `locked` or `private` | set notes default permission (only applied on signed users) |
148149
| HMD_DB_URL | `mysql://localhost:3306/database` | set the db url |
@@ -212,6 +213,7 @@ There are some configs you need to change in the files below
212213
| urladdport | `true` or `false` | set to add port on callback url (port 80 or 443 won't applied) (only applied when domain is set) |
213214
| usecdn | `true` or `false` | set to use CDN resources or not (default is `true`) |
214215
| allowanonymous | `true` or `false` | set to allow anonymous usage (default is `true`) |
216+
| allowanonymousedits | `true` or `false` | if `allowanonymous` is `true`: allow users to select `freely` permission, allowing guests to edit existing notes (default is `false`) |
215217
| allowfreeurl | `true` or `false` | set to allow new note by accessing not exist note url |
216218
| defaultpermission | `freely`, `editable`, `limited`, `locked`, `protected` or `private` | set notes default permission (only applied on signed users) |
217219
| dburl | `mysql://localhost:3306/database` | set the db url, if set this variable then below db config won't be applied |

lib/config/default.js

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,7 @@ module.exports = {
1616
protocolusessl: false,
1717
usecdn: true,
1818
allowanonymous: true,
19+
allowanonymousedits: false,
1920
allowfreeurl: false,
2021
defaultpermission: 'editable',
2122
dburl: '',

lib/config/environment.js

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,7 @@ module.exports = {
1818
alloworigin: toArrayConfig(process.env.HMD_ALLOW_ORIGIN),
1919
usecdn: toBooleanConfig(process.env.HMD_USECDN),
2020
allowanonymous: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS),
21+
allowanonymousedits: toBooleanConfig(process.env.HMD_ALLOW_ANONYMOUS_EDITS),
2122
allowfreeurl: toBooleanConfig(process.env.HMD_ALLOW_FREEURL),
2223
defaultpermission: process.env.HMD_DEFAULT_PERMISSION,
2324
dburl: process.env.HMD_DB_URL,

lib/config/index.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -49,7 +49,7 @@ if (config.ldap.tlsca) {
4949

5050
// Permission
5151
config.permission = Permission
52-
if (!config.allowanonymous) {
52+
if (!config.allowanonymous && !config.allowanonymousedits) {
5353
delete config.permission.freely
5454
}
5555
if (!(config.defaultpermission in config.permission)) {

lib/realtime.js

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -781,7 +781,7 @@ function connection (socket) {
781781
var note = notes[noteId]
782782
// Only owner can change permission
783783
if (note.owner && note.owner === socket.request.user.id) {
784-
if (permission === 'freely' && !config.allowanonymous) return
784+
if (permission === 'freely' && !config.allowanonymous && !config.allowanonymousedits) return
785785
note.permission = permission
786786
models.Note.update({
787787
permission: permission

lib/response.js

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -60,6 +60,7 @@ function showIndex (req, res, next) {
6060
url: config.serverurl,
6161
useCDN: config.usecdn,
6262
allowAnonymous: config.allowanonymous,
63+
allowAnonymousEdits: config.allowanonymousedits,
6364
facebook: config.isFacebookEnable,
6465
twitter: config.isTwitterEnable,
6566
github: config.isGitHubEnable,
@@ -93,6 +94,7 @@ function responseHackMD (res, note) {
9394
title: title,
9495
useCDN: config.usecdn,
9596
allowAnonymous: config.allowanonymous,
97+
allowAnonymousEdits: config.allowanonymousedits,
9698
facebook: config.isFacebookEnable,
9799
twitter: config.isTwitterEnable,
98100
github: config.isGitHubEnable,

public/views/hackmd/body.ejs

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@
1515
<a id="permissionLabel" class="ui-permission-label text-uppercase" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">
1616
</a>
1717
<ul class="dropdown-menu" aria-labelledby="permissionLabel">
18-
<li class="ui-permission-freely"<% if(!allowAnonymous) { %> style="display: none;"<% } %>><a><i class="fa fa-leaf fa-fw"></i> Freely - Anyone can edit</a></li>
18+
<li class="ui-permission-freely"<% if(!allowAnonymous && !allowAnonymousEdits) { %> style="display: none;"<% } %>><a><i class="fa fa-leaf fa-fw"></i> Freely - Anyone can edit</a></li>
1919
<li class="ui-permission-editable"><a><i class="fa fa-shield fa-fw"></i> Editable - Signed-in people can edit</a></li>
2020
<li class="ui-permission-limited"><a><i class="fa fa-id-card fa-fw"></i> Limited - Signed-in people can edit (forbid guests)</a></li>
2121
<li class="ui-permission-locked"><a><i class="fa fa-lock fa-fw"></i> Locked - Only owner can edit</a></li>

0 commit comments

Comments
 (0)