lsm/mindoc
1
0
Fork 0
mirror of https://github.com/mindoc-org/mindoc.git synced 2025-05-07 07:13:41 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix:修复Token无法访问文档的BUG

Browse Source
This commit is contained in:
lifei6671 2018-12-03 11:43:12 +08:00
parent a515cab3ca
commit 329b87c685
1 changed files with 35 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
controllers/DocumentController.go
View File

@ -1237,6 +1237,7 @@ func (c *DocumentController) isReadable(identify, token string) *models.BookResu
}
// 如果文档是私有的
if book.PrivatelyOwned == 1 && (!c.isUserLoggedIn() || !c.Member.IsAdministrator()) {
if s,ok := c.GetSession(identify).(string); !ok || (!strings.EqualFold(s,book.PrivateToken) && !strings.EqualFold(s,book.BookPassword)) {
if book.PrivateToken != "" && !isOk && token != "" {
// 如果有访问的 Token并且该项目设置了访问 Token并且和用户提供的相匹配则记录到 Session 中。
@ -1245,6 +1246,7 @@ func (c *DocumentController) isReadable(identify, token string) *models.BookResu
if token != "" && strings.EqualFold(token, book.PrivateToken) {
c.SetSession(identify, token)
} else if token, ok := c.GetSession(identify).(string); !ok || !strings.EqualFold(token, book.PrivateToken) {
beego.Info("尝试访问文档但权限不足 ->", identify, token)
c.ShowErrorPage(403, "权限不足")
}
} else if password := c.GetString("bPassword", ""); !isOk && book.BookPassword != "" && password != "" {
@ -1269,10 +1271,12 @@ func (c *DocumentController) isReadable(identify, token string) *models.BookResu
c.CustomAbort(200, body)
}
} else {
beego.Info("尝试访问文档但权限不足 ->", identify, token)
c.ShowErrorPage(403, "权限不足")
}
}
}
}
return bookResult
}