From b406b01465fea8a68df6490a412c3bfd4d740f6f Mon Sep 17 00:00:00 2001 From: Giraffaman Date: Fri, 5 Jan 2024 15:34:02 +0100 Subject: [PATCH] hide alias and autotagger menues for anonymous users - see #1 --- ext/alias_editor/main.php | 93 +++++++++++++++++++++------------------ ext/auto_tagger/main.php | 93 +++++++++++++++++++++------------------ 2 files changed, 98 insertions(+), 88 deletions(-) diff --git a/ext/alias_editor/main.php b/ext/alias_editor/main.php index c4c978425..08b3d6554 100644 --- a/ext/alias_editor/main.php +++ b/ext/alias_editor/main.php @@ -66,55 +66,60 @@ public function onPageRequest(PageRequestEvent $event) global $config, $database, $page, $user; if ($event->page_matches("alias")) { - if ($event->get_arg(0) == "add") { - if ($user->can(Permissions::MANAGE_ALIAS_LIST)) { - $user->ensure_authed(); - $input = validate_input(["c_oldtag" => "string", "c_newtag" => "string"]); - try { - send_event(new AddAliasEvent($input['c_oldtag'], $input['c_newtag'])); - $page->set_mode(PageMode::REDIRECT); - $page->set_redirect(make_link("alias/list")); - } catch (AddAliasException $ex) { - $this->theme->display_error(500, "Error adding alias", $ex->getMessage()); + if(!$user->is_logged_in()) { + $errMessage = "You must be registered and logged in to use aliases."; + $this->theme->display_error(403, "Error", $errMessage); + } else { + if ($event->get_arg(0) == "add") { + if ($user->can(Permissions::MANAGE_ALIAS_LIST)) { + $user->ensure_authed(); + $input = validate_input(["c_oldtag" => "string", "c_newtag" => "string"]); + try { + send_event(new AddAliasEvent($input['c_oldtag'], $input['c_newtag'])); + $page->set_mode(PageMode::REDIRECT); + $page->set_redirect(make_link("alias/list")); + } catch (AddAliasException $ex) { + $this->theme->display_error(500, "Error adding alias", $ex->getMessage()); + } } - } - } elseif ($event->get_arg(0) == "remove") { - if ($user->can(Permissions::MANAGE_ALIAS_LIST)) { - $user->ensure_authed(); - $input = validate_input(["d_oldtag" => "string"]); - send_event(new DeleteAliasEvent($input['d_oldtag'])); - $page->set_mode(PageMode::REDIRECT); - $page->set_redirect(make_link("alias/list")); - } - } elseif ($event->get_arg(0) == "list") { - $t = new AliasTable($database->raw_db()); - $t->token = $user->get_auth_token(); - $t->inputs = $_GET; - $t->size = $config->get_int('alias_items_per_page', 30); - if ($user->can(Permissions::MANAGE_ALIAS_LIST)) { - $t->create_url = make_link("alias/add"); - $t->delete_url = make_link("alias/remove"); - } - $this->theme->display_aliases($t->table($t->query()), $t->paginator()); - } elseif ($event->get_arg(0) == "export") { - $page->set_mode(PageMode::DATA); - $page->set_mime(MimeType::CSV); - $page->set_filename("aliases.csv"); - $page->set_data($this->get_alias_csv($database)); - } elseif ($event->get_arg(0) == "import") { - if ($user->can(Permissions::MANAGE_ALIAS_LIST)) { - if (count($_FILES) > 0) { - $tmp = $_FILES['alias_file']['tmp_name']; - $contents = file_get_contents($tmp); - $this->add_alias_csv($contents); - log_info("alias_editor", "Imported aliases from file", "Imported aliases"); # FIXME: how many? + } elseif ($event->get_arg(0) == "remove") { + if ($user->can(Permissions::MANAGE_ALIAS_LIST)) { + $user->ensure_authed(); + $input = validate_input(["d_oldtag" => "string"]); + send_event(new DeleteAliasEvent($input['d_oldtag'])); $page->set_mode(PageMode::REDIRECT); $page->set_redirect(make_link("alias/list")); + } + } elseif ($event->get_arg(0) == "list") { + $t = new AliasTable($database->raw_db()); + $t->token = $user->get_auth_token(); + $t->inputs = $_GET; + $t->size = $config->get_int('alias_items_per_page', 30); + if ($user->can(Permissions::MANAGE_ALIAS_LIST)) { + $t->create_url = make_link("alias/add"); + $t->delete_url = make_link("alias/remove"); + } + $this->theme->display_aliases($t->table($t->query()), $t->paginator()); + } elseif ($event->get_arg(0) == "export") { + $page->set_mode(PageMode::DATA); + $page->set_mime(MimeType::CSV); + $page->set_filename("aliases.csv"); + $page->set_data($this->get_alias_csv($database)); + } elseif ($event->get_arg(0) == "import") { + if ($user->can(Permissions::MANAGE_ALIAS_LIST)) { + if (count($_FILES) > 0) { + $tmp = $_FILES['alias_file']['tmp_name']; + $contents = file_get_contents($tmp); + $this->add_alias_csv($contents); + log_info("alias_editor", "Imported aliases from file", "Imported aliases"); # FIXME: how many? + $page->set_mode(PageMode::REDIRECT); + $page->set_redirect(make_link("alias/list")); + } else { + $this->theme->display_error(400, "No File Specified", "You have to upload a file"); + } } else { - $this->theme->display_error(400, "No File Specified", "You have to upload a file"); + $this->theme->display_error(401, "Admins Only", "Only admins can edit the alias list"); } - } else { - $this->theme->display_error(401, "Admins Only", "Only admins can edit the alias list"); } } } diff --git a/ext/auto_tagger/main.php b/ext/auto_tagger/main.php index fc2d860ac..03b3d2634 100644 --- a/ext/auto_tagger/main.php +++ b/ext/auto_tagger/main.php @@ -72,55 +72,60 @@ public function onPageRequest(PageRequestEvent $event) global $config, $database, $page, $user; if ($event->page_matches("auto_tag")) { - if ($event->get_arg(0) == "add") { - if ($user->can(Permissions::MANAGE_AUTO_TAG)) { - $user->ensure_authed(); - $input = validate_input(["c_tag" => "string", "c_additional_tags" => "string"]); - try { - send_event(new AddAutoTagEvent($input['c_tag'], $input['c_additional_tags'])); - $page->set_mode(PageMode::REDIRECT); - $page->set_redirect(make_link("auto_tag/list")); - } catch (AddAutoTagException $ex) { - $this->theme->display_error(500, "Error adding auto-tag", $ex->getMessage()); + if(!$user->is_logged_in()) { + $errMessage = "You must be registered and logged in to use auto-tagger."; + $this->theme->display_error(403, "Error", $errMessage); + } else { + if ($event->get_arg(0) == "add") { + if ($user->can(Permissions::MANAGE_AUTO_TAG)) { + $user->ensure_authed(); + $input = validate_input(["c_tag" => "string", "c_additional_tags" => "string"]); + try { + send_event(new AddAutoTagEvent($input['c_tag'], $input['c_additional_tags'])); + $page->set_mode(PageMode::REDIRECT); + $page->set_redirect(make_link("auto_tag/list")); + } catch (AddAutoTagException $ex) { + $this->theme->display_error(500, "Error adding auto-tag", $ex->getMessage()); + } } - } - } elseif ($event->get_arg(0) == "remove") { - if ($user->can(Permissions::MANAGE_AUTO_TAG)) { - $user->ensure_authed(); - $input = validate_input(["d_tag" => "string"]); - send_event(new DeleteAutoTagEvent($input['d_tag'])); - $page->set_mode(PageMode::REDIRECT); - $page->set_redirect(make_link("auto_tag/list")); - } - } elseif ($event->get_arg(0) == "list") { - $t = new AutoTaggerTable($database->raw_db()); - $t->token = $user->get_auth_token(); - $t->inputs = $_GET; - $t->size = $config->get_int(AutoTaggerConfig::ITEMS_PER_PAGE, 30); - if ($user->can(Permissions::MANAGE_AUTO_TAG)) { - $t->create_url = make_link("auto_tag/add"); - $t->delete_url = make_link("auto_tag/remove"); - } - $this->theme->display_auto_tagtable($t->table($t->query()), $t->paginator()); - } elseif ($event->get_arg(0) == "export") { - $page->set_mode(PageMode::DATA); - $page->set_mime(MimeType::CSV); - $page->set_filename("auto_tag.csv"); - $page->set_data($this->get_auto_tag_csv($database)); - } elseif ($event->get_arg(0) == "import") { - if ($user->can(Permissions::MANAGE_AUTO_TAG)) { - if (count($_FILES) > 0) { - $tmp = $_FILES['auto_tag_file']['tmp_name']; - $contents = file_get_contents($tmp); - $count = $this->add_auto_tag_csv($contents); - log_info(AutoTaggerInfo::KEY, "Imported $count auto-tag definitions from file from file", "Imported $count auto-tag definitions"); + } elseif ($event->get_arg(0) == "remove") { + if ($user->can(Permissions::MANAGE_AUTO_TAG)) { + $user->ensure_authed(); + $input = validate_input(["d_tag" => "string"]); + send_event(new DeleteAutoTagEvent($input['d_tag'])); $page->set_mode(PageMode::REDIRECT); $page->set_redirect(make_link("auto_tag/list")); + } + } elseif ($event->get_arg(0) == "list") { + $t = new AutoTaggerTable($database->raw_db()); + $t->token = $user->get_auth_token(); + $t->inputs = $_GET; + $t->size = $config->get_int(AutoTaggerConfig::ITEMS_PER_PAGE, 30); + if ($user->can(Permissions::MANAGE_AUTO_TAG)) { + $t->create_url = make_link("auto_tag/add"); + $t->delete_url = make_link("auto_tag/remove"); + } + $this->theme->display_auto_tagtable($t->table($t->query()), $t->paginator()); + } elseif ($event->get_arg(0) == "export") { + $page->set_mode(PageMode::DATA); + $page->set_mime(MimeType::CSV); + $page->set_filename("auto_tag.csv"); + $page->set_data($this->get_auto_tag_csv($database)); + } elseif ($event->get_arg(0) == "import") { + if ($user->can(Permissions::MANAGE_AUTO_TAG)) { + if (count($_FILES) > 0) { + $tmp = $_FILES['auto_tag_file']['tmp_name']; + $contents = file_get_contents($tmp); + $count = $this->add_auto_tag_csv($contents); + log_info(AutoTaggerInfo::KEY, "Imported $count auto-tag definitions from file from file", "Imported $count auto-tag definitions"); + $page->set_mode(PageMode::REDIRECT); + $page->set_redirect(make_link("auto_tag/list")); + } else { + $this->theme->display_error(400, "No File Specified", "You have to upload a file"); + } } else { - $this->theme->display_error(400, "No File Specified", "You have to upload a file"); + $this->theme->display_error(401, "Admins Only", "Only admins can edit the auto-tag list"); } - } else { - $this->theme->display_error(401, "Admins Only", "Only admins can edit the auto-tag list"); } } }