This is the start of all changes needed to support entirely private
instances, where all blogs are only visible to other authenticated users
on an instance (ref T576). It begins by changing how Handler methods check an
endpoint's permissions.
- Renames UserLevelLEVEL consts to UserLevelLEVELType
- Adds UserLevelLEVEL funcs with same names as previous consts. Each
returns a UserLevel
- Adds a new UserLevelReader that restricts access based on app
configuration. This is now used on collections and posts.
- Changes routing a bit so static files are always accessible
store version output in new variable
slice output indexed from beginning instead of end. allowing for custom
build version numbers.
also fix weird spacing from tabs being two spaces wide, sorry :)
This moves `hostName` to the `Collection` struct, where it's needed. The
field is populated after successful `GetCollection...()` calls.
This isn't the cleanest way to do things, but it accomplishes the goal.
Eventually, we should accept the AppCfg to `GetCollection...()` calls,
or make them `App` methods, instead of `datastore` methods.
Ref T613
this bash script will download a new version, if any, and exrtact it to
a temporary location. Then copy the new files to the current directory
and restart the systemd service.
- Adds a new interface, Apper, that enables loading and persisting
instance-level data in new ways
- Converts some initialization funcs to methods
- Exports funcs and methods needed for intialization
- In general, moves a ton of stuff around
Overall, this should maintain all existing functionality, but with the
ability to now better manage a WF instance.
Ref T613
This ensures the writefreely pkg can be used in other applications that
need to load mysql themselves -- this can be done by building with the
tag: wflib
Ref T613
This adds a new `landing` value in the [app] section of config.ini.
If non-empty, unauthenticated users on multi-user instances will be
redirected to the path given there.
This closes T574
This solves the error 500 on the /api/me endpoint.
Replace token search query `=` with `LIKE` to fix sqlite complaining about
no valid tokens. Also checked with MySQL and it still works after the change.
this reorders the logic for checking authentication on post deletes to
first check for a provided edit token and after check for an access
token or auth'd user.
Previously, <h2>s in a post were the exact same size as post titles on
index pages (blog index, tag listing). This fixes that by reducing the
font-size of body h2's. Closes#82.
this moves the unmarshaling of a remote actor out into a new helper which
accounts for the possibility of a context being a list or a single entity.
i.e. a string or an object.
basics tests are provided for both situations
also go fmt'd the file activitypub.go
this moves the unmarshaling of a remote actor out into a new helper which
accounts for the possibility of a context being a list or a single entity.
i.e. a string or an object.
basics tests are provided for both situations
also go fmt'd the file activitypub.go