New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Private instances #123
Private instances #123
Conversation
This is the start of all changes needed to support entirely private instances, where all blogs are only visible to other authenticated users on an instance (ref T576). It begins by changing how Handler methods check an endpoint's permissions. - Renames UserLevelLEVEL consts to UserLevelLEVELType - Adds UserLevelLEVEL funcs with same names as previous consts. Each returns a UserLevel - Adds a new UserLevelReader that restricts access based on app configuration. This is now used on collections and posts. - Changes routing a bit so static files are always accessible
This verifies that a user is authenticated before getting to the actual handler on API endpoints where a user is reading content. Ref T576
(on private instances) Ref T576
(for private instances) Ref T576
Previously, that func was duplicated here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
it's not from this PR but line 747 is unreachable
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
comments I don't know how to use GitHub's review feature :)
Previously, we just included the value of `ul`, which is a func. This now calls `ul()` and logs that value.
testing looks good running locally. I haven't tested federation though, did you want me to do that too? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
good to go unless you want me to test federation <> private
Thanks @robjloranger -- no need to test federation. Merging now! |
This changes the
private
config setting to make an instance entirely private. That is, when enabled, blogs will only be readable by other authenticated users on the same instance.It still needs a bit of testing, so it's a draft for now.
When finished, this closes T576.