This solves the error 500 on the /api/me endpoint.
Replace token search query `=` with `LIKE` to fix sqlite complaining about
no valid tokens. Also checked with MySQL and it still works after the change.
Use the split argument list (slice) just for validation purposes
as it's substantially easier to do `.contains` in a string instead
of a slice. As such, pass the `configSections` arguments to
`Configure()` and check the existence of each one before showing
the options to the user.
An empty argument list is replaced by "server db app" so everything
is there negating the need to check anything else in `Configure()`.
In the same vein the default is "server db app".
The parsing is done in `app.go` alongside the other flags instead
of `main.go` as described in T657.
Add --sections flag to app.go according to T657, parse them
into a string array (check for invalid arguments and abort)
and pass them to Configure(). For now Configure() doesn't do
anything with them yet.
Previously, this would only run when configuring an instance for
single-user usage. Now it'll also run when configuring for multi-user
usage.
It also adds a log when the database has already been initialized.
This is the start of all changes needed to support entirely private
instances, where all blogs are only visible to other authenticated users
on an instance (ref T576). It begins by changing how Handler methods check an
endpoint's permissions.
- Renames UserLevelLEVEL consts to UserLevelLEVELType
- Adds UserLevelLEVEL funcs with same names as previous consts. Each
returns a UserLevel
- Adds a new UserLevelReader that restricts access based on app
configuration. This is now used on collections and posts.
- Changes routing a bit so static files are always accessible
store version output in new variable
slice output indexed from beginning instead of end. allowing for custom
build version numbers.
also fix weird spacing from tabs being two spaces wide, sorry :)
This moves `hostName` to the `Collection` struct, where it's needed. The
field is populated after successful `GetCollection...()` calls.
This isn't the cleanest way to do things, but it accomplishes the goal.
Eventually, we should accept the AppCfg to `GetCollection...()` calls,
or make them `App` methods, instead of `datastore` methods.
Ref T613
this bash script will download a new version, if any, and exrtact it to
a temporary location. Then copy the new files to the current directory
and restart the systemd service.
- Adds a new interface, Apper, that enables loading and persisting
instance-level data in new ways
- Converts some initialization funcs to methods
- Exports funcs and methods needed for intialization
- In general, moves a ton of stuff around
Overall, this should maintain all existing functionality, but with the
ability to now better manage a WF instance.
Ref T613
This ensures the writefreely pkg can be used in other applications that
need to load mysql themselves -- this can be done by building with the
tag: wflib
Ref T613
This adds a new `landing` value in the [app] section of config.ini.
If non-empty, unauthenticated users on multi-user instances will be
redirected to the path given there.
This closes T574
This solves the error 500 on the /api/me endpoint.
Replace token search query `=` with `LIKE` to fix sqlite complaining about
no valid tokens. Also checked with MySQL and it still works after the change.
this reorders the logic for checking authentication on post deletes to
first check for a provided edit token and after check for an access
token or auth'd user.
Previously, <h2>s in a post were the exact same size as post titles on
index pages (blog index, tag listing). This fixes that by reducing the
font-size of body h2's. Closes#82.