fix: avoid making memos public when disabled (#2816)

* fix: avoid making memos public when disabled in v2 * fix: avoid making memos public when disabled in v1
2024-09-20 14:35:54 +08:00 · 2024-01-22 20:51:33 +08:00 · 2024-01-22 20:51:33 +08:00 · 3a129d5cfb
parent 024a818e91
commit 3a129d5cfb
2 changed files with 38 additions and 0 deletions
--- a/api/v1/memo.go
+++ b/api/v1/memo.go
@ -712,6 +712,36 @@ func (s *APIV1Service) UpdateMemo(c echo.Context) error {
 	if patchMemoRequest.Visibility != nil {
 		visibility := store.Visibility(patchMemoRequest.Visibility.String())
 		updateMemoMessage.Visibility = &visibility
+		// Find disable public memos system setting.
+		disablePublicMemosSystemSetting, err := s.Store.GetSystemSetting(ctx, &store.FindSystemSetting{
+			Name: SystemSettingDisablePublicMemosName.String(),
+		})
+		if err != nil {
+			return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find system setting").SetInternal(err)
+		}
+		if disablePublicMemosSystemSetting != nil {
+			disablePublicMemos := false
+			err = json.Unmarshal([]byte(disablePublicMemosSystemSetting.Value), &disablePublicMemos)
+			if err != nil {
+				return echo.NewHTTPError(http.StatusInternalServerError, "Failed to unmarshal system setting").SetInternal(err)
+			}
+			if disablePublicMemos {
+				user, err := s.Store.GetUser(ctx, &store.FindUser{
+					ID: &userID,
+				})
+				if err != nil {
+					return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find user").SetInternal(err)
+				}
+				if user == nil {
+					return echo.NewHTTPError(http.StatusNotFound, "User not found")
+				}
+				// Enforce normal user to save as private memo if public memos are disabled.
+				if user.Role == store.RoleUser {
+					visibility = store.Visibility("PRIVATE")
+					updateMemoMessage.Visibility = &visibility
+				}
+			}
+		}
 	}

 	err = s.Store.UpdateMemo(ctx, updateMemoMessage)
--- a/api/v2/memo_service.go
+++ b/api/v2/memo_service.go
@ -325,6 +325,14 @@ func (s *APIV2Service) UpdateMemo(ctx context.Context, request *apiv2pb.UpdateMe
 			}
 		} else if path == "visibility" {
 			visibility := convertVisibilityToStore(request.Memo.Visibility)
+			// Find disable public memos system setting.
+			disablePublicMemosSystem, err := s.getDisablePublicMemosSystemSettingValue(ctx)
+			if err != nil {
+				return nil, status.Errorf(codes.Internal, "failed to get system setting")
+			}
+			if disablePublicMemosSystem && visibility == store.Public {
+				return nil, status.Errorf(codes.PermissionDenied, "disable public memos system setting is enabled")
+			}
 			update.Visibility = &visibility
 		} else if path == "row_status" {
 			rowStatus := convertRowStatusToStore(request.Memo.RowStatus)