mirror of
https://github.com/gotson/komga.git
synced 2026-05-08 21:00:16 +02:00
show only Book filename instead of full path to non-admin users
hide Series url to non-admin users properly escape characters for Series url
This commit is contained in:
Gauthier Roebroeck
parent
37fa1d0719
commit
42d63919c5
4 changed files with 16 additions and 13 deletions
|
|
@ -57,6 +57,8 @@ class KomgaUser(
|
|||
field = if (roles.contains(UserRoles.ADMIN)) true else value
|
||||
}
|
||||
|
||||
fun isAdmin() = roles.contains(UserRoles.ADMIN)
|
||||
|
||||
fun canAccessBook(book: Book): Boolean {
|
||||
return sharedAllLibraries || sharedLibraries.any { it.id == book.series.library.id }
|
||||
}
|
||||
|
|
|
|||
|
|
@ -85,7 +85,7 @@ class BookController(
|
|||
} else {
|
||||
bookRepository.findAll(pageRequest)
|
||||
}
|
||||
}.map { it.toDto() }
|
||||
}.map { it.toDto(includeFullUrl = principal.user.isAdmin()) }
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -104,7 +104,7 @@ class BookController(
|
|||
bookRepository.findAll(pageRequest)
|
||||
} else {
|
||||
bookRepository.findBySeriesLibraryIn(principal.user.sharedLibraries, pageRequest)
|
||||
}.map { it.toDto() }
|
||||
}.map { it.toDto(includeFullUrl = principal.user.isAdmin()) }
|
||||
}
|
||||
|
||||
|
||||
|
|
@ -123,7 +123,7 @@ class BookController(
|
|||
): BookDto =
|
||||
bookRepository.findByIdOrNull(bookId)?.let {
|
||||
if (!principal.user.canAccessBook(it)) throw ResponseStatusException(HttpStatus.UNAUTHORIZED)
|
||||
it.toDto()
|
||||
it.toDto(includeFullUrl = principal.user.isAdmin())
|
||||
} ?: throw ResponseStatusException(HttpStatus.NOT_FOUND)
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package org.gotson.komga.interfaces.web.rest
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonFormat
|
||||
import org.apache.commons.io.FilenameUtils
|
||||
import org.gotson.komga.domain.model.Book
|
||||
import org.gotson.komga.domain.model.Series
|
||||
import java.time.LocalDateTime
|
||||
|
|
@ -17,11 +18,11 @@ data class SeriesDto(
|
|||
val booksCount: Int
|
||||
)
|
||||
|
||||
fun Series.toDto() = SeriesDto(
|
||||
fun Series.toDto(includeUrl: Boolean) = SeriesDto(
|
||||
id = id,
|
||||
libraryId = library.id,
|
||||
name = name,
|
||||
url = url.toString(),
|
||||
url = if (includeUrl) url.toURI().path else "",
|
||||
lastModified = lastModifiedDate?.toUTC(),
|
||||
booksCount = books.size
|
||||
)
|
||||
|
|
@ -45,12 +46,12 @@ data class BookMetadataDto(
|
|||
val pagesCount: Int
|
||||
)
|
||||
|
||||
fun Book.toDto() =
|
||||
fun Book.toDto(includeFullUrl: Boolean) =
|
||||
BookDto(
|
||||
id = id,
|
||||
seriesId = series.id,
|
||||
name = name,
|
||||
url = url.toURI().path,
|
||||
url = if (includeFullUrl) url.toURI().path else FilenameUtils.getName(url.toURI().path),
|
||||
number = number,
|
||||
lastModified = lastModifiedDate?.toUTC(),
|
||||
sizeBytes = fileSize,
|
||||
|
|
|
|||
|
|
@ -76,7 +76,7 @@ class SeriesController(
|
|||
} else {
|
||||
seriesRepository.findAll(pageRequest)
|
||||
}
|
||||
}.map { it.toDto() }
|
||||
}.map { it.toDto(includeUrl = principal.user.isAdmin()) }
|
||||
}
|
||||
|
||||
// all updated series, whether newly added or updated
|
||||
|
|
@ -95,7 +95,7 @@ class SeriesController(
|
|||
seriesRepository.findAll(pageRequest)
|
||||
} else {
|
||||
seriesRepository.findByLibraryIn(principal.user.sharedLibraries, pageRequest)
|
||||
}.map { it.toDto() }
|
||||
}.map { it.toDto(includeUrl = principal.user.isAdmin()) }
|
||||
}
|
||||
|
||||
// new series only, doesn't contain existing updated series
|
||||
|
|
@ -114,7 +114,7 @@ class SeriesController(
|
|||
seriesRepository.findAll(pageRequest)
|
||||
} else {
|
||||
seriesRepository.findByLibraryIn(principal.user.sharedLibraries, pageRequest)
|
||||
}.map { it.toDto() }
|
||||
}.map { it.toDto(includeUrl = principal.user.isAdmin()) }
|
||||
}
|
||||
|
||||
// updated series only, doesn't contain new series
|
||||
|
|
@ -133,7 +133,7 @@ class SeriesController(
|
|||
seriesRepository.findRecentlyUpdated(pageRequest)
|
||||
} else {
|
||||
seriesRepository.findRecentlyUpdatedByLibraryIn(principal.user.sharedLibraries, pageRequest)
|
||||
}.map { it.toDto() }
|
||||
}.map { it.toDto(includeUrl = principal.user.isAdmin()) }
|
||||
}
|
||||
|
||||
@GetMapping("{seriesId}")
|
||||
|
|
@ -143,7 +143,7 @@ class SeriesController(
|
|||
): SeriesDto =
|
||||
seriesRepository.findByIdOrNull(id)?.let {
|
||||
if (!principal.user.canAccessSeries(it)) throw ResponseStatusException(HttpStatus.UNAUTHORIZED)
|
||||
it.toDto()
|
||||
it.toDto(includeUrl = principal.user.isAdmin())
|
||||
} ?: throw ResponseStatusException(HttpStatus.NOT_FOUND)
|
||||
|
||||
@GetMapping(value = ["{seriesId}/thumbnail"], produces = [MediaType.IMAGE_JPEG_VALUE])
|
||||
|
|
@ -186,6 +186,6 @@ class SeriesController(
|
|||
bookRepository.findAllByMetadataStatusAndSeriesId(BookMetadata.Status.READY, id, pageRequest)
|
||||
} else {
|
||||
bookRepository.findAllBySeriesId(id, pageRequest)
|
||||
}.map { it.toDto() }
|
||||
}.map { it.toDto(includeFullUrl = principal.user.isAdmin()) }
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue