Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-01 03:26:04 +01:00
Code Issues Packages Projects Releases Wiki Activity

#2477 403 page

Browse Source
This commit is contained in:
barisusakli
2014-12-01 21:07:23 -05:00
parent be11577aa4
commit ddd6ed9e8c
7 changed files with 19 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
public/language/en_GB/global.json
View File

@@ -3,7 +3,8 @@
"search": "Search", "search": "Search",
"buttons.close": "Close", "buttons.close": "Close",
"403.title": "Access Denied", "403.title": "Access Denied",
"403.message": "You seem to have stumbled upon a page that you do not have access to. Perhaps you should <a href='/login'>try logging in</a>?", "403.message": "You seem to have stumbled upon a page that you do not have access to.",
"403.login": "Perhaps you should <a href='/login'>try logging in</a>?",
"404.title": "Not Found", "404.title": "Not Found",
"404.message": "You seem to have stumbled upon a page that does not exist. Return to the <a href='/'>home page</a>.", "404.message": "You seem to have stumbled upon a page that does not exist. Return to the <a href='/'>home page</a>.",
"500.title": "Internal error.", "500.title": "Internal error.",

8
public/src/ajaxify.js
View File

@@ -28,15 +28,12 @@ $(document).ready(function() {
textStatus = err.textStatus; textStatus = err.textStatus;
if (data) { if (data) {
if (data.status === 404 || data.status === 500) { if (data.status === 403 || data.status === 404 || data.status === 500) {
$('#footer, #content').removeClass('hide').addClass('ajaxifying'); $('#footer, #content').removeClass('hide').addClass('ajaxifying');
return renderTemplate(url, data.status.toString(), data.responseJSON, (new Date()).getTime(), callback); return renderTemplate(url, data.status.toString(), data.responseJSON, (new Date()).getTime(), callback);
} else if (data.status === 401) { } else if (data.status === 401) {
app.alertError('[[global:please_log_in]]'); app.alertError('[[global:please_log_in]]');
return ajaxify.go('login'); return ajaxify.go('login');
} else if (data.status === 403) {
$('#content, #footer').removeClass('ajaxifying');
app.alertError('[[error:no-privileges]]');
} else if (data.status === 302) { } else if (data.status === 302) {
return ajaxify.go(data.responseJSON.slice(1), callback, quiet); return ajaxify.go(data.responseJSON.slice(1), callback, quiet);
} }
@@ -70,7 +67,7 @@ $(document).ready(function() {
if (ajaxify.isTemplateAvailable(tpl_url) && !!!templatesModule.config.force_refresh[tpl_url]) { if (ajaxify.isTemplateAvailable(tpl_url) && !!!templatesModule.config.force_refresh[tpl_url]) {
ajaxify.currentPage = url; ajaxify.currentPage = url;
if (window.history && window.history.pushState && url !== '404') { if (window.history && window.history.pushState) {
window.history[!quiet ? 'pushState' : 'replaceState']({ window.history[!quiet ? 'pushState' : 'replaceState']({
url: url + hash url: url + hash
}, url, RELATIVE_PATH + '/' + url + hash); }, url, RELATIVE_PATH + '/' + url + hash);
@@ -219,7 +216,6 @@ $(document).ready(function() {
cache: false, cache: false,
success: function(data) { success: function(data) {
if (!data) { if (!data) {
ajaxify.go('404');
return; return;
} }

6
src/controllers/helpers.js
View File

@@ -12,14 +12,14 @@ helpers.notFound = function(req, res, error) {
} }
}; };
helpers.notAllowed = function(req, res) { helpers.notAllowed = function(req, res, error) {
var uid = req.user ? req.user.uid : 0; var uid = req.user ? req.user.uid : 0;
if (uid) { if (uid) {
if (res.locals.isAPI) { if (res.locals.isAPI) {
res.status(403).json('not-allowed'); res.status(403).json({path: req.path.replace(/^\/api/, ''), loggedIn: !!uid, error: error});
} else { } else {
res.status(403).render('403'); res.status(403).render('403', {path: req.path, loggedIn: !!uid, error: error});
} }
} else { } else {
if (res.locals.isAPI) { if (res.locals.isAPI) {

15
src/middleware/admin.js
View File

@@ -10,27 +10,22 @@ var app,
plugins = require('../plugins'), plugins = require('../plugins'),
controllers = { controllers = {
api: require('../controllers/api') api: require('../controllers/api'),
helpers: require('../controllers/helpers')
}; };
middleware.isAdmin = function(req, res, next) { middleware.isAdmin = function(req, res, next) {
if (!req.user) { if (!req.user) {
return res.status(404).json({ return controllers.helpers.notAllowed(req, res);
error: 'not-found'
});
} }
user.isAdministrator((req.user && req.user.uid) ? req.user.uid : 0, function (err, isAdmin) { user.isAdministrator((req.user && req.user.uid) ? req.user.uid : 0, function (err, isAdmin) {
if (err) { if (err || isAdmin) {
return next(err); return next(err);
} }
if (!isAdmin) { controllers.helpers.notAllowed(req, res);
res.status(403).redirect(nconf.get('relative_path') + '/403');
} else {
next();
}
}); });
}; };

4
src/routes/admin.js
View File

@@ -22,9 +22,6 @@ function adminRouter(middleware, controllers) {
var router = express.Router(); var router = express.Router();
router.use(middleware.applyCSRF); router.use(middleware.applyCSRF);
router.use(middleware.admin.buildHeader);
router.get('/', controllers.admin.home);
addRoutes(router, middleware, controllers); addRoutes(router, middleware, controllers);
@@ -42,6 +39,7 @@ function apiRouter(middleware, controllers) {
} }
function addRoutes(router, middleware, controllers) { function addRoutes(router, middleware, controllers) {
router.get('/', controllers.admin.home);
router.get('/general/dashboard', controllers.admin.home); router.get('/general/dashboard', controllers.admin.home);
router.get('/general/languages', controllers.admin.languages.get); router.get('/general/languages', controllers.admin.languages.get);
router.get('/general/sounds', controllers.admin.sounds.get); router.get('/general/sounds', controllers.admin.sounds.get);

4
src/routes/index.js
View File

@@ -119,8 +119,8 @@ module.exports = function(app, middleware) {
app.use(middleware.maintenanceMode); app.use(middleware.maintenanceMode);
app.all(relativePath + '/api/?*', middleware.prepareAPI); app.all(relativePath + '/api/?*', middleware.prepareAPI);
app.all(relativePath + '/api/admin/*', middleware.admin.isAdmin, middleware.prepareAPI); app.all(relativePath + '/api/admin/?*', middleware.admin.isAdmin, middleware.prepareAPI);
app.all(relativePath + '/admin/?*', middleware.ensureLoggedIn, middleware.admin.isAdmin); app.all(relativePath + '/admin/?*', middleware.ensureLoggedIn, middleware.buildHeader, middleware.admin.isAdmin);
adminRoutes(router, middleware, controllers); adminRoutes(router, middleware, controllers);
metaRoutes(router, middleware, controllers); metaRoutes(router, middleware, controllers);

4
src/views/403.tpl
View File

@@ -5,4 +5,8 @@
<!-- ELSE --> <!-- ELSE -->
<p>[[global:403.message]]</p> <p>[[global:403.message]]</p>
<!-- ENDIF error --> <!-- ENDIF error -->
<!-- IF !loggedIn -->
<p>[[global:403.login]]</p>
<!-- ENDIF !loggedIn -->
</div> </div>