hamlab/mobilizon-frontend
2
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Fix search exposing events to unlogged users

Browse Source 
Closes #892

Signed-off-by: Thomas Citharel <tcit@tcit.fr>
This commit is contained in:
Thomas Citharel
2021-11-08 18:46:04 +01:00
parent 729a6a7113
commit 3961a2067b
6 changed files with 78 additions and 36 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
js/src/components/Event/FullAddressAutoComplete.vue
View File

@@ -9,19 +9,19 @@
>
<template slot="label">
{{ actualLabel }}
<span
class="is-size-6 has-text-weight-normal"
v-if="gettingLocation"
>{{ $t("Getting location") }}</span
>
</template>
<p class="control" v-if="canShowLocateMeButton && !gettingLocation">
<b-button
v-if="canShowLocateMeButton && !gettingLocation"
size="is-small"
icon-right="map-marker"
@click="locateMe"
:title="$t('Use my location')"
/>
<span
class="is-size-6 has-text-weight-normal"
v-else-if="gettingLocation"
>{{ $t("Getting location") }}</span
>
</template>
</p>
<b-autocomplete
:data="addressData"
v-model="queryText"
@@ -29,7 +29,7 @@
field="fullName"
:loading="isFetching"
@typing="fetchAsyncData"
icon="map-marker"
:icon="canShowLocateMeButton ? null : 'map-marker'"
expanded
@select="updateSelected"
v-bind="$attrs"
@@ -71,7 +71,10 @@
:title="$t('Clear address field')"
/>
</b-field>
<div class="card" v-if="selected.originId || selected.url">
<div
class="card"
v-if="!hideSelected && (selected.originId || selected.url)"
>
<div class="card-content">
<address-info
:address="selected"
@@ -119,6 +122,8 @@ export default class FullAddressAutoComplete extends Mixins(
@Prop({ required: false }) userTimezone!: string;
@Prop({ required: false, default: false, type: Boolean }) disabled!: boolean;
@Prop({ required: false, default: false, type: Boolean }) hideMap!: boolean;
@Prop({ required: false, default: false, type: Boolean })
hideSelected!: boolean;
addressModalActive = false;

32
js/src/views/Search.vue
View File

@@ -34,6 +34,8 @@
ref="aac"
:placeholder="$t('For instance: London')"
@input="locchange"
:hideMap="true"
:hideSelected="true"
/>
<b-field
:label="$t('Radius')"
@@ -144,9 +146,16 @@
</b-pagination>
</div>
</div>
<b-message v-else-if="$apollo.loading === false" type="is-danger">{{
$t("No events found")
}}</b-message>
<b-message v-else-if="$apollo.loading === false" type="is-danger">
<p>{{ $t("No events found") }}</p>
<p v-if="searchIsUrl && !currentUser.id">
{{
$t(
"Only registered users may fetch remote events from their URL."
)
}}
</p>
</b-message>
</b-tab-item>
<b-tab-item v-if="!tag">
<template slot="header">
@@ -211,6 +220,8 @@ import MultiGroupCard from "../components/Group/MultiGroupCard.vue";
import { CONFIG } from "../graphql/config";
import { REVERSE_GEOCODE } from "../graphql/address";
import debounce from "lodash/debounce";
import { CURRENT_USER_CLIENT } from "@/graphql/user";
import { ICurrentUser } from "@/types/current-user.model";
interface ISearchTimeOption {
label: string;
@@ -267,6 +278,7 @@ const GEOHASH_DEPTH = 9; // put enough accuracy, radius will be used anyway
this.searchGroups = data.searchGroups;
},
},
currentUser: CURRENT_USER_CLIENT,
},
metaInfo() {
return {
@@ -292,6 +304,8 @@ export default class Search extends Vue {
location: IAddress = new Address();
currentUser!: ICurrentUser;
dateOptions: Record<string, ISearchTimeOption> = {
past: {
label: this.$t("In the past") as string,
@@ -570,6 +584,18 @@ export default class Search extends Vue {
private stringExists(value: string | null | undefined): boolean {
return this.valueExists(value) && (value as string).length > 0;
}
get searchIsUrl(): boolean {
let url;
if (!this.search) return false;
try {
url = new URL(this.search);
} catch (_) {
return false;
}
return url.protocol === "http:" || url.protocol === "https:";
}
}
</script>