Hugo improvements and such

Former-commit-id: 2a2487cd12126f56dec90eea5f4e23dd3f3deec8 [formerly 80b28386cb493fc5b18cbceaf057479c140884dc] [formerly 07a1fe726815cb3368e5e13adbedc070f0fbe061 [formerly 87fc8db54f]] Former-commit-id: e193354dc581c3f2594e004b735e3e3715249321 [formerly c9792d4bda13655a354ebaedd7dc14c2de354d0f] Former-commit-id: d3b82daf64a9a8a79b40ebb139eaa82ac9a5135e
2024-06-07 23:00:43 +00:00 · 2017-07-14 08:30:56 +01:00 · 2017-07-14 08:30:56 +01:00 · 329f3587ea
commit 329f3587ea
parent 48964b28ff
3 changed files with 20 additions and 11 deletions
--- a/caddy/hugo/hugo.go
+++ b/caddy/hugo/hugo.go
@ -26,7 +26,6 @@ type hugo struct {
 	// Indicates if we should clean public before a new publish.
 	CleanPublic bool `description:"Indicates if the public folder should be cleaned before publishing the website."`

-	// TODO: AllowPublish
 	// TODO: admin interface to cgange options
 }

@ -67,6 +66,10 @@ func (h hugo) BeforeAPI(c *filemanager.RequestContext, w http.ResponseWriter, r

 	// If we are creating a file built from an archetype.
 	if r.Header.Get("Archetype") != "" {
+		if !c.User.AllowNew {
+			return http.StatusForbidden, nil
+		}
+
 		filename := filepath.Join(string(c.User.FileSystem), r.URL.Path)
 		filename = strings.TrimPrefix(filename, "/")
 		archetype := r.Header.Get("archetype")
@ -92,6 +95,10 @@ func (h hugo) BeforeAPI(c *filemanager.RequestContext, w http.ResponseWriter, r

 	// If we are trying to regenerate the website.
 	if r.Header.Get("Regenerate") == "true" {
+		if !c.User.Permissions["allowPublish"] {
+			return http.StatusForbidden, nil
+		}
+
 		filename := filepath.Join(string(c.User.FileSystem), r.URL.Path)
 		filename = strings.TrimPrefix(filename, "/")

@ -120,6 +127,10 @@ func (h hugo) BeforeAPI(c *filemanager.RequestContext, w http.ResponseWriter, r
 	}

 	if r.Header.Get("Schedule") != "" {
+		if !c.User.Permissions["allowPublish"] {
+			return http.StatusForbidden, nil
+		}
+
 		return h.schedule(c, w, r)
 	}

--- a/caddy/hugo/hugo.js
+++ b/caddy/hugo/hugo.js
@ -82,8 +82,8 @@
              !data.store.state.loading &&
              data.store.state.req.metadata !== undefined &&
              data.store.state.req.metadata !== null &&
-              data.store.state.user.allowEdit)
-            // TODO: add allowPublish
+              data.store.state.user.allowEdit &
+              data.store.state.user.permissions.allowPublish)
          },
          click: function (event, data, route) {
            event.preventDefault()
@ -113,7 +113,8 @@
            return (data.store.state.req.kind === 'editor' &&
              !data.store.state.loading &&
              data.store.state.req.metadata !== undefined &&
-              data.store.state.req.metadata !== null)
+              data.store.state.req.metadata !== null &&
+              data.store.state.user.permissions.allowPublish)
          },
          click: function (event, data, route) {
            document.getElementById('save-button').click()
--- a/filemanager.go
+++ b/filemanager.go
@ -296,20 +296,17 @@ func (m *FileManager) RegisterPermission(name string, value bool) error {
 	m.DefaultUser.Permissions[name] = value

 	for _, u := range m.Users {
-		if u.Permissions == nil {
-			u.Permissions = map[string]bool{}
-		}
-
 		// Bypass the user if it is already defined.
 		if _, ok := u.Permissions[name]; ok {
 			continue
 		}

+		if u.Permissions == nil {
+			u.Permissions = m.DefaultUser.Permissions
+		}
+
 		if u.Admin {
 			u.Permissions[name] = true
-		} else {
-			u.Permissions[name] = value
-
 		}

 		err := m.db.Save(u)