diff options
| author |  Alexandre Alapetite <alexandre@alapetite.fr>
| 2023-09-14 20:23:33 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2023-09-14 20:23:33 +0200 |
| commit | bc5666cd27ee1172f89603982a44c143ceae08fd (patch) | |
| tree | 79996cc8aa67b70b8159aaef86a5634b7e8afaab /app/Controllers | |
| parent | 52d87c3eaa352b765e1be3c2c0b9a3ce0bfabdc8 (diff) | |
Fix labels in anonymous mode (#5650)
* Fix labels in anonymous mode
fix https://github.com/FreshRSS/FreshRSS/issues/4305
* Show all tags
* Revert "Show all tags"
This reverts commit 24dfba501729cea32943548bc829d3581883de50.
* Add message when no labels
* fixed no label style
* i18n de translation
* Fix in non-anomymous mode
* No class in anonymous mode
---------
Co-authored-by: maTh <1645099+math-GH@users.noreply.github.com>
Co-authored-by: math-gh <>
Diffstat (limited to 'app/Controllers')
| -rw-r--r-- | app/Controllers/tagController.php | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/app/Controllers/tagController.php b/app/Controllers/tagController.php index 68ef36111..4536e3f13 100644 --- a/app/Controllers/tagController.php +++ b/app/Controllers/tagController.php @@ -17,9 +17,6 @@ class FreshRSS_tag_Controller extends FreshRSS_ActionController { * underlying framework. */ public function firstAction(): void { - if (!FreshRSS_Auth::hasAccess()) { - Minz_Error::error(403); - } // If ajax request, we do not print layout $this->ajax = Minz_Request::paramBoolean('ajax'); if ($this->ajax) { @@ -32,6 +29,9 @@ class FreshRSS_tag_Controller extends FreshRSS_ActionController { * This action adds (checked=true) or removes (checked=false) a tag to an entry. */ public function tagEntryAction(): void { + if (!FreshRSS_Auth::hasAccess()) { + Minz_Error::error(403); + } if (Minz_Request::isPost()) { $id_tag = Minz_Request::paramInt('id_tag'); $name_tag = Minz_Request::paramString('name_tag'); @@ -64,6 +64,9 @@ class FreshRSS_tag_Controller extends FreshRSS_ActionController { } public function deleteAction(): void { + if (!FreshRSS_Auth::hasAccess()) { + Minz_Error::error(403); + } if (Minz_Request::isPost()) { $id_tag = Minz_Request::paramInt('id_tag'); if ($id_tag !== 0) { @@ -82,6 +85,9 @@ class FreshRSS_tag_Controller extends FreshRSS_ActionController { } public function getTagsForEntryAction(): void { + if (!FreshRSS_Auth::hasAccess() && !FreshRSS_Context::$system_conf->allow_anonymous) { + Minz_Error::error(403); + } $this->view->_layout(null); header('Content-Type: application/json; charset=UTF-8'); header('Cache-Control: private, no-cache, no-store, must-revalidate'); @@ -91,6 +97,9 @@ class FreshRSS_tag_Controller extends FreshRSS_ActionController { } public function addAction(): void { + if (!FreshRSS_Auth::hasAccess()) { + Minz_Error::error(403); + } if (!Minz_Request::isPost()) { Minz_Error::error(405); } @@ -110,6 +119,9 @@ class FreshRSS_tag_Controller extends FreshRSS_ActionController { * @throws Minz_PDOConnectionException|JsonException */ public function renameAction(): void { + if (!FreshRSS_Auth::hasAccess()) { + Minz_Error::error(403); + } if (!Minz_Request::isPost()) { Minz_Error::error(405); } @@ -139,6 +151,9 @@ class FreshRSS_tag_Controller extends FreshRSS_ActionController { } public function indexAction(): void { + if (!FreshRSS_Auth::hasAccess()) { + Minz_Error::error(403); + } $tagDAO = FreshRSS_Factory::createTagDao(); $this->view->tags = $tagDAO->listTags() ?: []; } |