fu ([personal profile] fu) wrote in [site community profile] changelog2011-05-24 08:25 am

[dw-free] Index for /security/

[commit: http://hg.dwscoalition.org/dw-free/rev/aad8d272cb59]

http://bugs.dwscoalition.org/show_bug.cgi?id=1581

Landing page for exampleusername.dreamwidth.org/security/...

Patch by [personal profile] fu.

Files modified:
  • bin/upgrading/en.dat
  • cgi-bin/Apache/LiveJournal.pm
  • cgi-bin/LJ/User.pm
  • views/journal/security.tt
  • views/journal/security.tt.text
--------------------------------------------------------------------------------
diff -r a250438f2f6e -r aad8d272cb59 bin/upgrading/en.dat
--- a/bin/upgrading/en.dat	Tue May 24 15:17:51 2011 +0800
+++ b/bin/upgrading/en.dat	Tue May 24 16:25:27 2011 +0800
@@ -942,7 +942,7 @@
 
 error.security.invalid=You have specified an invalid security setting, the access group you specified does not exist, or you are not a member of that group.
 
-error.security.name=Security Error
+error.security.name2=Security Filter Error
 
 error.security.noarg=You must provide a security level to filter by.
 
diff -r a250438f2f6e -r aad8d272cb59 cgi-bin/Apache/LiveJournal.pm
--- a/cgi-bin/Apache/LiveJournal.pm	Tue May 24 15:17:51 2011 +0800
+++ b/cgi-bin/Apache/LiveJournal.pm	Tue May 24 16:25:27 2011 +0800
@@ -735,16 +735,12 @@
             } elsif ($mode eq 'security') {
                 # tailing slash on here to prevent a second redirect after this one
                 return redir($r, LJ::journal_base($user) . "$uri/") unless $pe;
-                if ($pe eq '/') {
-                    # do a 404 for now
-                    return 404;
-                } else {
-                    # filtered lastn page
-                    $mode = 'lastn';
+                # filtered lastn page
+                $mode = 'lastn';
 
-                    # prepend /security so that lastn knows to do security filtering
-                    $pe = "/security$pe";
-                }
+                # prepend /security so that lastn knows to do security filtering
+                $pe = "/security$pe";
+
             }
         } elsif (($vhost eq "users" || $vhost =~ /^other:/) &&
                  $uuri eq "/robots.txt") {
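Review bot: With the explicit `return 404` for `$pe eq '/'` removed, nothing in this branch says that a bare `/security/` is now forwarded on purpose, and the response for that path depends entirely on the security-filter validation in cgi-bin/LJ/User.pm. A comment above `$mode = 'lastn';` would record that, for example `# "/security/" with no filter is passed through as well; the lastn handler renders the filter index for it`. The blank `+` line left before the closing `}` can be dropped. The enclosing `if`/`elsif` chain starts and ends outside the hunk.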
diff -r a250438f2f6e -r aad8d272cb59 cgi-bin/LJ/User.pm
--- a/cgi-bin/LJ/User.pm	Tue May 24 15:17:51 2011 +0800
+++ b/cgi-bin/LJ/User.pm	Tue May 24 16:25:27 2011 +0800
@@ -44,6 +44,7 @@
 use DW::User::Edges;
 use DW::InviteCodes::Promo;
 use DW::SiteScheme;
+use DW::Template;
 
 use LJ::Community;
 use LJ::Subscription;
@@ -8693,7 +8694,7 @@
     }
 
     # do the same for security filtering
-    elsif ( ( $view eq 'lastn' || $view eq 'read' ) && $opts->{pathextra} && $opts->{pathextra} =~ /^\/security\/(.+)$/ ) {
+    elsif ( ( $view eq 'lastn' || $view eq 'read' ) && $opts->{pathextra} && $opts->{pathextra} =~ /^\/security\/(.*)$/ ) {
         $opts->{getargs}->{security} = LJ::durl($1);
         $opts->{pathextra} = undef;
     }
@@ -8858,18 +8859,71 @@
     # validate the security filter
     if (exists $opts->{getargs}->{security}) {
         my $securityfilter = $opts->{getargs}->{security};
-        return $error->( BML::ml( 'error.security.noarg' ), "404 Not Found", BML::ml( 'error.security.name' ) )
+
+        my $r = DW::Request->get;
+        my $security_err = sub {
+            my ( $args, %opts ) = @_;
+            $args->{header} ||= "error.security.name2";
+
+            my $status = $opts{status} || $r->NOT_FOUND;
+
+            my @levels;
+            my @groups;
+            # error message is an appropriate type to show the list
+            if ( $opts{show_list}
+                # viewing recent entries
+                && ( $view eq "lastn"
+                    # or your own read page (can't see locked entries on others' read page anyway)
+                    || ( $view eq "read" && $u->equals( $remote ) ) ) ) {
+
+                my $path = $view eq "read" ? "/read/security" : "/security";
+                @levels  = ( { link => LJ::create_url( "$path/public", viewing_style => 1 ),
+                                    name => LJ::Lang::ml( "label.security.public" ) } );
+
+                if ( $u->is_comm ) {
+                    push @levels, { link => LJ::create_url( "$path/access", viewing_style => 1 ),
+                                    name => LJ::Lang::ml( "label.security.members" ) }
+                                if $remote && $remote->member_of( $u );
+
+                    push @levels, { link => LJ::create_url( "$path/private", viewing_style => 1 ),
+                                    name => LJ::Lang::ml( "label.security.maintainers" ) }
+                                if $remote && $remote->can_manage_other( $u );
+                } else {
+                    push @levels, { link => LJ::create_url( "$path/access", viewing_style => 1 ),
+                                    name => LJ::Lang::ml( "label.security.accesslist" ) }
+                                if $u->trusts( $remote );
+
+                    push @levels, { link => LJ::create_url( "$path/private", viewing_style => 1 ),
+                                    name => LJ::Lang::ml( "label.security.accesslist" ) }
+                                if $u->equals( $remote );
+                }
+
+                $args->{levels} = \@levels;
+
+                @groups = map { { link => LJ::create_url( "$path/group:" . $_->{groupname} ), name => $_->{groupname} } } $remote->trust_groups if $u->equals( $remote );
+                $args->{groups} = \@groups;
+            }
+
+            ${$opts->{handle_with_siteviews_ref}} = 1;
+            return DW::Template->template_string( "journal/security.tt",
+                $args,
+                {
+                    status => $status,
+                }
+            );
+        };
+
+        return $security_err->( { message => undef, header => "/journal/security.tt.header" }, show_list => 1 )
             unless $securityfilter;
 
-        return $error->( BML::ml( 'error.security.nocap' ), "403 Forbidden", BML::ml( 'error.security.name' ) )
-            unless LJ::get_cap($remote, "security_filter") || LJ::get_cap($u, "security_filter");
-
-        # error if disabled
-        return $error->( BML::ml( 'error.security.disabled' ), "404 Not Found", BML::ml( 'error.security.name' ) )
-            unless LJ::is_enabled("security_filter");
+        return $security_err->( { message => "error.security.nocap" }, status => $r->FORBIDDEN )
+            unless LJ::get_cap( $remote, "security_filter" ) || LJ::get_cap( $u, "security_filter" );
+
+        return $security_err->( { message => "error.security.disabled" } )
+            unless LJ::is_enabled( "security_filter" );
 
         # throw an error if we're rendering in S1, but not for renamed accounts
-        return $error->( BML::ml( 'error.security.s1' ), "404 Not Found", BML::ml( 'error.security.name' ) )
+        return $security_err->( { message => "error.security.s1" } )
             if $stylesys == 1 && $view ne 'data' && ! $u->is_redirect;
 
         # check the filter itself
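Review bot: In the personal-journal branch of `$security_err`, the `/private` entry reuses `label.security.accesslist`, so the index shows two links with the same name; it needs the private-level string instead (that key is not visible in this diff). The same branch calls `$u->trusts( $remote )` without the `$remote &&` guard the community branch uses, so a logged-out viewer passes undef into it; `if $remote && $u->trusts( $remote );` keeps the two branches consistent. The index call (`show_list => 1` with no `status`) falls back to `$r->NOT_FOUND`, so the landing page is presumably served with a 404 status; if that is intended, a comment should say so. Inside the closure `%opts` sits next to the outer `$opts` hashref (`$opts{status}` vs `$opts->{handle_with_siteviews_ref}`), which is easy to misread; `my ( $args, %err_opts ) = @_;` would separate them. The enclosing sub starts and ends outside the hunk.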
@@ -8888,9 +8942,8 @@
             }
         }
 
-        return $error->( BML::ml( 'error.security.invalid' ), "404 Not Found", BML::ml( 'error.security.name' ) )
+        return $security_err->( { message => "error.security.invalid" }, show_list => 1 )
             unless defined $opts->{securityfilter};
-
     }
 
     unless ( $geta->{'viewall'} && $remote && $remote->has_priv( "canview", "suspended" ) ||
diff -r a250438f2f6e -r aad8d272cb59 views/journal/security.tt
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/views/journal/security.tt	Tue May 24 16:25:27 2011 +0800
@@ -0,0 +1,20 @@
+[% IF header %]<h1>[% header | ml %]</h1>[% END %]
+[% IF message %]<p>[% message | ml %]</p> [% END %]
+
+[% IF levels.size > 0 %]
+<p>[% ".filter.levels" | ml %]</p>
+<ul>
+    [% FOREACH level IN levels %]
+        <li><a href="[%level.link%]">[%level.name%]</a></li>
+    [% END %]
+</ul>
+[% END %]
+
+[% IF groups.size > 0 %]
+<p>[% ".filter.custom" | ml %]</p>
+<ul>
+    [% FOREACH group IN groups %]
+    <li><a href="[%group.link%]">[%group.name%]</a></li>
+    [% END %]
+</ul>
+[% END %]
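Review bot: `[%level.link%]`, `[%level.name%]`, `[%group.link%]` and `[%group.name%]` are written into the page with no output filter, and the group names come from `$remote->trust_groups`, which look user-defined. Unless DW::Template escapes output itself (not visible here), these should go through the `html` filter, e.g. `<li><a href="[% group.link | html %]">[% group.name | html %]</a></li>` and the same for the `level` row. Relatedly, cgi-bin/LJ/User.pm builds the group link by concatenating the raw `$_->{groupname}` into the path while the incoming side decodes with `LJ::durl`, so names containing `/`, `?`, `#` or spaces would not round-trip; encoding the name there (`LJ::eurl( $_->{groupname} )`) would fix that.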
diff -r a250438f2f6e -r aad8d272cb59 views/journal/security.tt.text
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/views/journal/security.tt.text	Tue May 24 16:25:27 2011 +0800
@@ -0,0 +1,5 @@
+.filter.custom=You can also filter by your custom access groups:
+
+.filter.levels=You can filter entries by the following security level:
+
+.header=Filter by security
--------------------------------------------------------------------------------