Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

validation works better for deletion.

  • Loading branch information...
commit ce43ff2ed714f1c9b0233b6a13524877fcecd7d4 1 parent 338a2da
@jchris authored
View
2  couchapp.json
@@ -1,3 +1,3 @@
{
- "index" : "_list/index/recent-posts?descending=true&limit=5"
+ "index" : "_list/index/recent-posts?descending=true&limit=10"
}
View
7 lib/validate.js
@@ -15,9 +15,12 @@ exports.init = function(newDoc, oldDoc, userCtx, secObj) {
if (!should) v.forbidden(message);
}
-
+ v.isAuthor = function() {
+ return userCtx.roles.indexOf('author') != -1
+ };
+
v.isAdmin = function() {
- userCtx.roles.indexOf('_admin') != -1
+ return userCtx.roles.indexOf('_admin') != -1
};
v.require = function() {
View
18 templates/edit.html
@@ -86,26 +86,16 @@
},
success : function(resp) {
$("#saved").text("Saved _rev: "+resp.rev).fadeIn(500).fadeOut(6000);
- $('h1').html('Editing <a href="'+path.show('post',doc._id)+'">'+doc._id+'</a>');
+ $('h1').html('Editing <a href="'+path.show('post',resp.id)+'">'+resp.id+'</a>');
}
});
}
- })
-
- var formatBody = function(body, format) {
- if (format == 'markdown') {
- var converter = new Showdown.converter();
- return converter.makeHtml(body);
- } else if (format == 'textile') {
- return "superTextile(body);" // TODO use commonjs one
- } else {
- return body;
- }
- }
+ });
$("#preview").click(function() {
+ var markdown = app.require("vendor/markdown/lib/markdown");
var doc = postForm.localDoc();
- var html = formatBody(doc.body, doc.format);
+ var html = markdown.encode(doc.body);
$('#show-preview').html(html);
$('body').scrollTo('#show-preview', {duration: 500});
});
View
8 validate_doc_update.js
@@ -1,6 +1,9 @@
function (newDoc, oldDoc, userCtx, secObj) {
var v = require("lib/validate").init(newDoc, oldDoc, userCtx, secObj);
+ // admins can always delete
+ if ((v.isAdmin() || v.isAuthor()) && newDoc._deleted) return true;
+
v.unchanged("type");
v.unchanged("author");
v.unchanged("created_at");
@@ -12,10 +15,7 @@ function (newDoc, oldDoc, userCtx, secObj) {
if (!v.isAdmin(userCtx) && newDoc.author && newDoc.author != userCtx.name) {
v.unauthorized("Only "+newDoc.author+" may edit this document.");
}
-
- // admins can always delete
- if (v.isAdmin(userCtx) && newDoc._deleted) return true;
-
+
if (newDoc.type == 'post') {
v.require("created_at", "author", "body", "format", "title");
View
2  views/recent-posts/map.js
@@ -16,7 +16,7 @@ function(doc) {
// }
if (doc.type == "post") {
// var summary = (html.replace(/<(.|\n)*?>/g, '').substring(0,350) + '...');
- emit(doc.created_at, {
+ emit(new Date(doc.created_at), {
body : doc.body,
title : doc.title,
author : doc.author,
Please sign in to comment.
Something went wrong with that request. Please try again.