liquid_feedback_frontend
changeset 1544:a0b791073159
Backout of changes on auth filter
author | bsw |
---|---|
date | Tue Oct 20 18:15:13 2020 +0200 (2020-10-20) |
parents | 3fac5fd201fe |
children | 26a1ed6bc9df |
files | app/main/_filter/21_auth.lua |
line diff
1.1 --- a/app/main/_filter/21_auth.lua Tue Oct 20 18:05:26 2020 +0200 1.2 +++ b/app/main/_filter/21_auth.lua Tue Oct 20 18:15:13 2020 +0200 1.3 @@ -56,70 +56,70 @@ 1.4 auth_needed = false 1.5 end 1.6 1.7 -if auth_needed then 1.8 - 1.9 - if app.session:has_access("anonymous") then 1.10 +if app.session:has_access("anonymous") then 1.11 1.12 - if 1.13 - module == "index" and view == "index" 1.14 - or module == "area" and view == "show" 1.15 - or module == "unit" and view == "show" 1.16 - or module == "policy" and view == "show" 1.17 - or module == "policy" and view == "list" 1.18 - or module == "issue" and view == "show" 1.19 - or module == "issue" and view == "history" 1.20 - or module == "initiative" and view == "show" 1.21 - or module == "initiative" and view == "history" 1.22 - or module == "suggestion" and view == "show" 1.23 - or module == "draft" and view == "diff" 1.24 - or module == "draft" and view == "show" 1.25 - or module == "file" and view == "show.jpg" 1.26 - or module == "index" and view == "search" 1.27 - or module == "index" and view == "usage_terms" 1.28 - or module == "help" and view == "introduction" 1.29 - or module == "style" 1.30 - then 1.31 - auth_needed = false 1.32 - end 1.33 - 1.34 + if 1.35 + module == "index" and view == "index" 1.36 + or module == "area" and view == "show" 1.37 + or module == "unit" and view == "show" 1.38 + or module == "policy" and view == "show" 1.39 + or module == "policy" and view == "list" 1.40 + or module == "issue" and view == "show" 1.41 + or module == "issue" and view == "history" 1.42 + or module == "initiative" and view == "show" 1.43 + or module == "initiative" and view == "history" 1.44 + or module == "suggestion" and view == "show" 1.45 + or module == "draft" and view == "diff" 1.46 + or module == "draft" and view == "show" 1.47 + or module == "file" and view == "show.jpg" 1.48 + or module == "index" and view == "search" 1.49 + or module == "index" and view == "usage_terms" 1.50 + or module == "help" and view == "introduction" 1.51 + or module == "style" 1.52 + then 1.53 + auth_needed = false 1.54 end 1.55 1.56 - if app.session:has_access("authors_pseudonymous") then 1.57 - if module == "member_image" and view == "show" and param.get("image_type") == "avatar" then 1.58 - auth_needed = false 1.59 - end 1.60 - end 1.61 +end 1.62 1.63 - if app.session:has_access("everything") then 1.64 - if module == "member_image" and view == "show" then 1.65 - auth_needed = false 1.66 - end 1.67 +if app.session:has_access("authors_pseudonymous") then 1.68 + if module == "member_image" and view == "show" and param.get("image_type") == "avatar" then 1.69 + auth_needed = false 1.70 end 1.71 +end 1.72 + 1.73 +if app.session:has_access("everything") then 1.74 + if module == "member_image" and view == "show" then 1.75 + auth_needed = false 1.76 + end 1.77 +end 1.78 1.79 - if app.session:has_access("all_pseudonymous") then 1.80 - if module == "vote" and view == "show_incoming" 1.81 - or module == "member" and view == "list" 1.82 - or module == "interest" and view == "show_incoming" 1.83 - or module == "vote" and view == "list" then 1.84 - auth_needed = false 1.85 - end 1.86 +if app.session:has_access("all_pseudonymous") then 1.87 + if module == "vote" and view == "show_incoming" 1.88 + or module == "member" and view == "list" 1.89 + or module == "interest" and view == "show_incoming" 1.90 + or module == "vote" and view == "list" then 1.91 + auth_needed = false 1.92 end 1.93 +end 1.94 1.95 - if app.session:has_access("everything") then 1.96 - if module == "member" and (view == "show" or view == "history") then 1.97 - auth_needed = false 1.98 - end 1.99 +if app.session:has_access("everything") then 1.100 + if module == "member" and (view == "show" or view == "history") then 1.101 + auth_needed = false 1.102 end 1.103 +end 1.104 1.105 - if app.session:has_access("anonymous") and not app.session.member_id and auth_needed and module == "index" and view == "index" then 1.106 - if config.single_unit_id then 1.107 - request.redirect{ module = "unit", view = "show", id = config.single_unit_id } 1.108 - else 1.109 - request.redirect{ module = "unit", view = "list" } 1.110 - end 1.111 - return 1.112 +if module == "sitemap" then 1.113 + auth_needed = false 1.114 +end 1.115 + 1.116 +if app.session:has_access("anonymous") and not app.session.member_id and auth_needed and module == "index" and view == "index" then 1.117 + if config.single_unit_id then 1.118 + request.redirect{ module = "unit", view = "show", id = config.single_unit_id } 1.119 + else 1.120 + request.redirect{ module = "unit", view = "list" } 1.121 end 1.122 - 1.123 + return 1.124 end 1.125 1.126 -- if not app.session.user_id then 1.127 @@ -127,7 +127,7 @@ 1.128 -- app.session.user_id = 1 1.129 -- end 1.130 1.131 -if auth_needed and not app.session.member then 1.132 +if auth_needed and app.session.member == nil then 1.133 trace.debug("Not authenticated yet.") 1.134 local params = json.object() 1.135 for key, val in pairs(request.get_param_strings()) do 1.136 @@ -150,7 +150,7 @@ 1.137 trace.debug("Member locked.") 1.138 request.redirect{ module = 'index', view = 'login' } 1.139 else 1.140 - if app.session and config.check_delegations_interval_hard and app.session.member_id and app.session.needs_delegation_check 1.141 + if config.check_delegations_interval_hard and app.session.member_id and app.session.needs_delegation_check 1.142 and not (module == "admin" or (module == "index" and ( 1.143 view == "check_delegations" 1.144 or action == "check_delegations"