webapp/bookstack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2025-08-07 23:03:00 +03:00
Code Activity

Prevented guest users creating draft pages.

Browse Source
This commit is contained in:
Dan Brown
2016-09-29 15:56:57 +01:00
parent 771626b6ec
commit b662670efc
6 changed files with 93 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
resources/assets/js/controllers.js
View File

@@ -300,6 +300,7 @@ module.exports = function (ngApp, events) {
var isEdit = pageId !== 0;
var autosaveFrequency = 30; // AutoSave interval in seconds.
var isMarkdown = $attrs.editorType === 'markdown';
$scope.draftsEnabled = $attrs.draftsEnabled === 'true';
$scope.isUpdateDraft = Number($attrs.pageUpdateDraft) === 1;
$scope.isNewPageDraft = Number($attrs.pageNewDraft) === 1;
@@ -317,7 +318,7 @@ module.exports = function (ngApp, events) {
html: false
};
if (isEdit) {
if (isEdit && $scope.draftsEnabled) {
setTimeout(() => {
startAutoSave();
}, 1000);
@@ -366,6 +367,7 @@ module.exports = function (ngApp, events) {
* Save a draft update into the system via an AJAX request.
*/
function saveDraft() {
if (!$scope.draftsEnabled) return;
var data = {
name: $('#name').val(),
html: isMarkdown ? $sce.getTrustedHtml($scope.displayContent) : $scope.editContent

6
resources/views/pages/edit.blade.php
View File

@@ -23,10 +23,4 @@
@include('partials/image-manager', ['imageType' => 'gallery', 'uploaded_to' => $page->id])
@include('partials/entity-selector-popup')
<script>
(function() {
})();
</script>
@stop

13
resources/views/pages/form.blade.php
View File

@@ -1,7 +1,9 @@
<div class="page-editor flex-fill flex" ng-controller="PageEditController" editor-type="{{ setting('app-editor') }}" page-id="{{ $model->id or 0 }}" page-new-draft="{{ $model->draft or 0 }}" page-update-draft="{{ $model->isDraft or 0 }}">
<div class="page-editor flex-fill flex" ng-controller="PageEditController" drafts-enabled="{{ $draftsEnabled ? 'true' : 'false' }}" editor-type="{{ setting('app-editor') }}" page-id="{{ $model->id or 0 }}" page-new-draft="{{ $model->draft or 0 }}" page-update-draft="{{ $model->isDraft or 0 }}">
{{ csrf_field() }}
{{--Header Bar--}}
<div class="faded-small toolbar">
<div class="container">
<div class="row">
@@ -13,7 +15,7 @@
</div>
<div class="col-sm-4 faded text-center">
<div dropdown class="dropdown-container draft-display">
<div ng-show="draftsEnabled" dropdown class="dropdown-container draft-display">
<a dropdown-toggle class="text-primary text-button"><span class="faded-text" ng-bind="draftText"></span>&nbsp; <i class="zmdi zmdi-more-vert"></i></a>
<i class="zmdi zmdi-check-circle text-pos draft-notification" ng-class="{visible: draftUpdated}"></i>
<ul>
@@ -48,13 +50,17 @@
</div>
</div>
{{--Title input--}}
<div class="title-input page-title clearfix" ng-non-bindable>
<div class="input">
@include('form/text', ['name' => 'name', 'placeholder' => 'Page Title'])
</div>
</div>
{{--Editors--}}
<div class="edit-area flex-fill flex">
{{--WYSIWYG Editor--}}
@if(setting('app-editor') === 'wysiwyg')
<div tinymce="editorOptions" mce-change="editorChange" mce-model="editContent" class="flex-fill flex">
<textarea id="html-editor" name="html" rows="5" ng-non-bindable
@@ -66,6 +72,7 @@
@endif
@endif
{{--Markdown Editor--}}
@if(setting('app-editor') === 'markdown')
<div id="markdown-editor" markdown-editor class="flex-fill flex">
@@ -102,7 +109,7 @@
@if($errors->has('markdown'))
<div class="text-neg text-small">{{ $errors->first('markdown') }}</div>
@endif
@endif
</div>
</div>

25
resources/views/pages/guest-create.blade.php Normal file
View File

@@ -0,0 +1,25 @@
@extends('base')
@section('content')
<div class="container small" ng-non-bindable>
<h1>Create Page</h1>
<form action="{{ $parent->getUrl('/page/create/guest') }}" method="POST">
{!! csrf_field() !!}
<div class="form-group title-input">
<label for="name">Page Name</label>
@include('form/text', ['name' => 'name'])
</div>
<div class="form-group">
<a href="{{ $parent->getUrl() }}" class="button muted">Cancel</a>
<button type="submit" class="button pos">Continue</button>
</div>
</form>
</div>
@stop