Mercurial > hgrepos > hgweb.cgi > s4

changeset 64:54bbd7ce3766

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Inhibit non-group-member from *handout
author HIROSE Yuuji <yuuji@gentei.org>
date Mon, 27 Jul 2015 22:12:16 +0900
parents da23cad20e4a
children 3229b05617a3
files s4-blog.sh
diffstat 1 files changed, 12 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/s4-blog.sh	Mon Jul 27 17:37:30 2015 +0900
+++ b/s4-blog.sh	Mon Jul 27 22:12:16 2015 +0900
@@ -58,6 +58,7 @@
   ts=${tbl}_s tm=${tbl}_m
   at=article as=article_s am=article_m
   serial=$(($(date +%s)-1420038000))s$$
+  blog_writable $rowid $user && iswritable=true || iswritable=false
   # This function grasps blog entry definiton directly.
   # blog:   id
   # blog_s: title,ctime,heading
@@ -76,8 +77,10 @@
 EOF
 
   href="<a href=\"?editheading+$rowid\"> 編集 </a>"
-  href2="<a href=\"?lshandout+$rowid\"> 提出状況 </a>"
-  href3="(<a href=\"?gethandout+$rowid\">ファイル取得</a>)"
+  if $iswritable; then
+    href2="<a href=\"?lshandout+$rowid\"> 提出状況 </a>"
+    href3="(<a href=\"?gethandout+$rowid\">ファイル取得</a>)"
+  fi
   cat<<EOF | sq -html $db \
       | sed -e "s|\(<TR><TD>\),e,|\1 $href |" \
 	    -e "s|,s,\(</TD>\)|$href2$href3\1|"
@@ -191,7 +194,7 @@
   echo "</table>"
 
   
-  blog_writable $rowid $user && cat<<EOF
+  $iswritable && cat<<EOF
 <div class="blogcomment">
 <p>コメント記入</p>
 <input type="hidden" name="blogid" value="$id">
@@ -208,6 +211,9 @@
 
 lshandout() {
   # $1=rowid of blog
+  if ! blog_writable $1 $user; then
+    echo "メンバー以外は利用できません。" | html p; return
+  fi
   time=`getvalbyid blog ctime $1|colrm 11`
   owner=`getvalbyid blog owner $1`
   title=`getvalbyid blog title $1`
@@ -251,6 +257,9 @@
 }
 gethandout() {
   # $1=rowid of blog
+  if ! blog_writable $1 $user; then
+    echo "メンバー以外は利用できません。" | html p; return
+  fi
   i=0
   bd=$tmpd/archive.$$
   mkdir $bd

yatex.org