mirror of
https://github.com/usememos/memos.git
synced 2024-09-20 14:35:54 +08:00
fix: avoid making memos public when disabled (#2816)
* fix: avoid making memos public when disabled in v2 * fix: avoid making memos public when disabled in v1
This commit is contained in:
parent
024a818e91
commit
3a129d5cfb
|
@ -712,6 +712,36 @@ func (s *APIV1Service) UpdateMemo(c echo.Context) error {
|
|||
if patchMemoRequest.Visibility != nil {
|
||||
visibility := store.Visibility(patchMemoRequest.Visibility.String())
|
||||
updateMemoMessage.Visibility = &visibility
|
||||
// Find disable public memos system setting.
|
||||
disablePublicMemosSystemSetting, err := s.Store.GetSystemSetting(ctx, &store.FindSystemSetting{
|
||||
Name: SystemSettingDisablePublicMemosName.String(),
|
||||
})
|
||||
if err != nil {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find system setting").SetInternal(err)
|
||||
}
|
||||
if disablePublicMemosSystemSetting != nil {
|
||||
disablePublicMemos := false
|
||||
err = json.Unmarshal([]byte(disablePublicMemosSystemSetting.Value), &disablePublicMemos)
|
||||
if err != nil {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to unmarshal system setting").SetInternal(err)
|
||||
}
|
||||
if disablePublicMemos {
|
||||
user, err := s.Store.GetUser(ctx, &store.FindUser{
|
||||
ID: &userID,
|
||||
})
|
||||
if err != nil {
|
||||
return echo.NewHTTPError(http.StatusInternalServerError, "Failed to find user").SetInternal(err)
|
||||
}
|
||||
if user == nil {
|
||||
return echo.NewHTTPError(http.StatusNotFound, "User not found")
|
||||
}
|
||||
// Enforce normal user to save as private memo if public memos are disabled.
|
||||
if user.Role == store.RoleUser {
|
||||
visibility = store.Visibility("PRIVATE")
|
||||
updateMemoMessage.Visibility = &visibility
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
err = s.Store.UpdateMemo(ctx, updateMemoMessage)
|
||||
|
|
|
@ -325,6 +325,14 @@ func (s *APIV2Service) UpdateMemo(ctx context.Context, request *apiv2pb.UpdateMe
|
|||
}
|
||||
} else if path == "visibility" {
|
||||
visibility := convertVisibilityToStore(request.Memo.Visibility)
|
||||
// Find disable public memos system setting.
|
||||
disablePublicMemosSystem, err := s.getDisablePublicMemosSystemSettingValue(ctx)
|
||||
if err != nil {
|
||||
return nil, status.Errorf(codes.Internal, "failed to get system setting")
|
||||
}
|
||||
if disablePublicMemosSystem && visibility == store.Public {
|
||||
return nil, status.Errorf(codes.PermissionDenied, "disable public memos system setting is enabled")
|
||||
}
|
||||
update.Visibility = &visibility
|
||||
} else if path == "row_status" {
|
||||
rowStatus := convertRowStatusToStore(request.Memo.RowStatus)
|
||||
|
|
Loading…
Reference in a new issue