From e191e0afadb29c671f39b235a47caecc052a5b20 Mon Sep 17 00:00:00 2001 From: Griffin Smith Date: Thu, 23 Jul 2020 20:59:48 -0400 Subject: feat(web/panettone): Make issues visible publicly Make auth optional on the index, closed-issues, and view-issue pages, and only render the various buttons (close issue, new issue, make comment, etc.) if the user is authenticated. Fixes: #5 Change-Id: I0a2aaf4a7cc4c5ef0494cc183410f00d2a3b7e06 Reviewed-on: https://cl.tvl.fyi/c/depot/+/1414 Tested-by: BuildkiteCI Reviewed-by: tazjin --- web/panettone/src/panettone.lisp | 52 ++++++++++++++++++++++++---------------- 1 file changed, 31 insertions(+), 21 deletions(-) (limited to 'web/panettone/src') diff --git a/web/panettone/src/panettone.lisp b/web/panettone/src/panettone.lisp index 14010b8aa8d0..3ff3285052ef 100644 --- a/web/panettone/src/panettone.lisp +++ b/web/panettone/src/panettone.lisp @@ -288,9 +288,11 @@ updated issue" (render () (:header (:h1 "Issues") - (:a - :class "new-issue" - :href "/issues/new" "New Issue")) + (when *user* + (who:htm + (:a + :class "new-issue" + :href "/issues/new" "New Issue")))) (:main (:div :class "issue-links" @@ -357,20 +359,22 @@ updated issue" :class "issue-info" (created-by-at issue) - (:form :class "set-issue-status" - :method "post" - :action (format nil "/issues/~A/~A" - issue-id - (case issue-status - (:open "close") - (:closed "open"))) - (:input :type "submit" - :class (case issue-status - (:open "close-issue") - (:closed "open-issue")) - :value (case issue-status - (:open "Close") - (:closed "Reopen"))))) + (when *user* + (who:htm + (:form :class "set-issue-status" + :method "post" + :action (format nil "/issues/~A/~A" + issue-id + (case issue-status + (:open "close") + (:closed "open"))) + (:input :type "submit" + :class (case issue-status + (:open "close-issue") + (:closed "open-issue")) + :value (case issue-status + (:open "Close") + (:closed "Reopen"))))))) (:p (who:esc (body issue))) (let ((comments (issue-comments issue))) (who:htm @@ -388,7 +392,8 @@ updated issue" (who:esc (displayname author)) " at " (who:esc (format-dottime (created-at comment))))))))) - (render/new-comment (get-id issue))))))))) + (when *user* + (render/new-comment (get-id issue)))))))))) (defun render/not-found (entity-type) (render () @@ -398,6 +403,10 @@ updated issue" ;;; HTTP handlers ;;; +(defun @auth-optional (next) + (let ((*user* (hunchentoot:session-value 'user))) + (funcall next))) + (defun @auth (next) (if-let ((*user* (hunchentoot:session-value 'user))) (funcall next) @@ -425,11 +434,12 @@ updated issue" (hunchentoot:delete-session-value 'user) (hunchentoot:redirect "/")) -(defroute index ("/" :decorators (@auth)) () +(defroute index ("/" :decorators (@auth-optional)) () (let ((issues (open-issues *p-system*))) (render/index :issues issues))) -(defroute handle-closed-issues ("/issues/closed" :decorators (@auth)) () +(defroute handle-closed-issues + ("/issues/closed" :decorators (@auth-optional)) () (let ((issues (closed-issues *p-system*))) (render/closed-issues :issues issues))) @@ -450,7 +460,7 @@ updated issue" (cl-prevalence:snapshot *p-system*) (hunchentoot:redirect "/")))) -(defroute show-issue ("/issues/:id" :decorators (@auth)) +(defroute show-issue ("/issues/:id" :decorators (@auth-optional)) (&path (id 'integer)) (handler-case (let* ((issue (get-issue *p-system* id)) -- cgit 1.4.1