diff options
| author | Daniel Friesel <derf@finalrewind.org> | 2023-02-28 19:45:27 +0100 |
|---|---|---|
| committer | Daniel Friesel <derf@finalrewind.org> | 2023-02-28 19:45:27 +0100 |
| commit | ba483a9daf2a9192acfcbe04f6c3c84eb87ec1a5 (patch) | |
| tree | c8202c90452d774b62cfa0dc210dba1ed4b6e369 | |
| parent | d58c5a8826d2abf64c923ba4635510423a196eaa (diff) | |
journey: add token to share link if non-public
| -rwxr-xr-x | lib/Travelynx/Controller/Traveling.pm | 26 | ||||
| -rw-r--r-- | templates/journey.html.ep | 7 |
2 files changed, 30 insertions, 3 deletions
diff --git a/lib/Travelynx/Controller/Traveling.pm b/lib/Travelynx/Controller/Traveling.pm index 15b131a..f1f689b 100755 --- a/lib/Travelynx/Controller/Traveling.pm +++ b/lib/Travelynx/Controller/Traveling.pm @@ -479,6 +479,26 @@ sub status_token_ok { return; } +sub journey_token_ok { + my ( $self, $journey, $ts2_ext ) = @_; + my $token = $self->param('token') // q{}; + + my ( $eva, $ts, $ts2 ) = split( qr{-}, $token ); + if ( not $ts ) { + return; + } + + $ts2 //= $ts2_ext; + + if ( $eva == $journey->{from_eva} + and $ts == $journey->{checkin_ts} + and $ts2 == $journey->{sched_dep_ts} ) + { + return 1; + } + return; +} + sub user_status { my ($self) = @_; @@ -507,6 +527,8 @@ sub user_status { ) { if ( $candidate->{sched_dep_ts} eq $ts ) { + + # TODO pass token $self->redirect_to("/p/${name}/j/$candidate->{id}"); return; } @@ -707,11 +729,11 @@ sub public_journey_details { not( $visibility eq 'public' or ( $visibility eq 'unlisted' - and $self->status_token_ok($journey) ) + and $self->journey_token_ok($journey) ) or ( $visibility eq 'travelynx' and ( $self->is_user_authenticated - or $self->status_token_ok($journey) ) + or $self->journey_token_ok($journey) ) ) ) ) diff --git a/templates/journey.html.ep b/templates/journey.html.ep index 74c032b..87ce0db 100644 --- a/templates/journey.html.ep +++ b/templates/journey.html.ep @@ -246,7 +246,12 @@ </div> <div class="col s12 m6 l6 center-align"> <a class="btn waves-effect waves-light action-share" - data-url="<%= url_for('public_journey', name => current_user()->{name}, id => $journey->{id} )->to_abs->scheme('https'); %>" + % if ($journey_visibility eq 'public') { + data-url="<%= url_for('public_journey', name => current_user()->{name}, id => $journey->{id} )->to_abs->scheme('https'); %>" + % } + % else { + data-url="<%= url_for('public_journey', name => current_user()->{name}, id => $journey->{id} )->to_abs->scheme('https'); %>?token=<%= $journey->{from_eva} %>-<%= $journey->{checkin_ts} %>-<%= $journey->{sched_dep_ts} %>" + % } data-text="<%= stash('share_text') %>" > <i class="material-icons left" aria-hidden="true">share</i> Teilen |