mirror of
https://github.com/Jermolene/TiddlyWiki5
synced 2025-01-24 16:06:58 +00:00
316bd65296
* mws authentication * add more tests and permission checkers * add logic to ensure that only authenticated users' requests are handled * add custom login page * Implement user authentication as well as session handling * work on user operations authorization * add middleware to route handlers for bags & tiddlers routes * add feature that only returns the tiddlers and bags which the user has permission to access on index page * refactor auth routes & added user management page * fix Ci Test failure issue * fix users list page, add manage roles page * add commands and scripts to create new user & assign roles and permissions * resolved ci-test failure * add ACL permissions to bags & tiddlers on creation * fix comments and access control list bug * fix indentation issues * working on user profile edit * remove list users command & added support for database in server options * implement user profile update and password change feature * update plugin readme * implement command which triggers protected mode on the server * revert server-wide auth flag. Implement selective authorization * ACL management feature * Complete Access control list implementation * Added support to manage users' assigned role by admin * fix comments * fix comment * Add user profile management and account deletion functionality * add success and error message feedback for user profile operations * fix indentation issues * Add command to create admin user if none exists when the start command is executed * refactor annonymous user flow with create admin implementation * remove mws-add-user from start command
54 lines
2.0 KiB
JavaScript
54 lines
2.0 KiB
JavaScript
/*\
|
|
title: $:/plugins/tiddlywiki/multiwikiserver/routes/handlers/get-index.js
|
|
type: application/javascript
|
|
module-type: mws-route
|
|
|
|
GET /?show_system=true
|
|
|
|
\*/
|
|
(function() {
|
|
|
|
/*jslint node: true, browser: true */
|
|
/*global $tw: false */
|
|
"use strict";
|
|
|
|
exports.method = "GET";
|
|
|
|
exports.path = /^\/$/;
|
|
|
|
exports.handler = function(request,response,state) {
|
|
// Get the bag and recipe information
|
|
var bagList = $tw.mws.store.listBags(),
|
|
recipeList = $tw.mws.store.listRecipes(),
|
|
sqlTiddlerDatabase = state.server.sqlTiddlerDatabase;
|
|
|
|
// If application/json is requested then this is an API request, and gets the response in JSON
|
|
if(request.headers.accept && request.headers.accept.indexOf("application/json") !== -1) {
|
|
state.sendResponse(200,{"Content-Type": "application/json"},JSON.stringify(recipes),"utf8");
|
|
} else {
|
|
// This is not a JSON API request, we should return the raw tiddler content
|
|
response.writeHead(200, "OK",{
|
|
"Content-Type": "text/html"
|
|
});
|
|
// filter bags and recipies by user's read access from ACL
|
|
var allowedRecipes = recipeList.filter(recipe => sqlTiddlerDatabase.hasRecipePermission(state.authenticatedUser?.user_id, recipe.recipe_name, 'READ'));
|
|
var allowedBags = bagList.filter(bag => sqlTiddlerDatabase.hasBagPermission(state.authenticatedUser?.user_id, bag.bag_name, 'READ'));
|
|
|
|
// Render the html
|
|
var html = $tw.mws.store.adminWiki.renderTiddler("text/plain","$:/plugins/tiddlywiki/multiwikiserver/templates/page",{
|
|
variables: {
|
|
"show-system": state.queryParameters.show_system || "off",
|
|
"page-content": "$:/plugins/tiddlywiki/multiwikiserver/templates/get-index",
|
|
"bag-list": JSON.stringify(allowedBags),
|
|
"recipe-list": JSON.stringify(allowedRecipes),
|
|
"username": state.authenticatedUser ? state.authenticatedUser.username : state.firstGuestUser ? "Annonymous User" : "Guest",
|
|
"user-is-admin": state.authenticatedUser && state.authenticatedUser.isAdmin ? "yes" : "no",
|
|
"first-guest-user": state.firstGuestUser ? "yes" : "no"
|
|
}});
|
|
response.write(html);
|
|
response.end();
|
|
}
|
|
};
|
|
|
|
}());
|