[paste-web/sticky-notes] Lock down things but keep public pastes working

From: Bartłomiej Piotrowski <bpiotrowski src gnome org>
To: commits-list gnome org
Cc:
Subject: [paste-web/sticky-notes] Lock down things but keep public pastes working
Date: Thu, 30 Apr 2020 09:31:58 +0000 (UTC)

commit e4a666412dba42a28ff9fc166647382eabba7b93
Author: Bartłomiej Piotrowski <bpiotrowski gnome org>
Date:   Thu Apr 30 11:31:53 2020 +0200

    Lock down things but keep public pastes working

 app/config/menus.php | 11 ++++++-----
 app/filters.php      |  2 +-
 2 files changed, 7 insertions(+), 6 deletions(-)
---
diff --git a/app/config/menus.php b/app/config/menus.php
index 0ae3e37e..30545b41 100755
--- a/app/config/menus.php
+++ b/app/config/menus.php
@@ -38,7 +38,7 @@ return array(
                'all'               => array(
                        'label'         => 'global.archives',
                        'icon'          => 'list',
-                       'visible'       => '!config.pasteVisibility=private|role.admin'
+                       'visible'       => 'role.admin'
                ),
 
                'trending'          => array(
@@ -70,26 +70,27 @@ return array(
                'trending'          => array(
                        'label'         => 'list.filter_now',
                        'visible'       => '!config.pasteVisibility=private|role.admin'
+                       'visible'       => 'role.admin'
                ),
 
                'trending/week'     => array(
                        'label'         => 'list.filter_week',
-                       'visible'       => '!config.pasteVisibility=private|role.admin'
+                       'visible'       => 'role.admin'
                ),
 
                'trending/month'    => array(
                        'label'         => 'list.filter_month',
-                       'visible'       => '!config.pasteVisibility=private|role.admin'
+                       'visible'       => 'role.admin'
                ),
 
                'trending/year'     => array(
                        'label'         => 'list.filter_year',
-                       'visible'       => '!config.pasteVisibility=private|role.admin'
+                       'visible'       => 'role.admin'
                ),
 
                'trending/all'      => array(
                        'label'         => 'list.filter_all',
-                       'visible'       => '!config.pasteVisibility=private|role.admin'
+                       'visible'       => 'role.admin'
                ),
 
        ),
diff --git a/app/filters.php b/app/filters.php
index dbd7095e..a9b9c5f0 100755
--- a/app/filters.php
+++ b/app/filters.php
@@ -158,7 +158,7 @@ Route::filter('admin', function()
 
 Route::filter('private', function()
 {
-       if (Site::config('general')->pasteVisibility == 'private' AND ! Auth::roles()->admin)
+       if (! Auth::roles()->admin)
        {
                App::abort(403); // Forbidden
        }

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]