From 792ab9fe23a89682115ff02808e813dc92c597f8 Mon Sep 17 00:00:00 2001
From: Daniel Friesel <daniel.friesel@uos.de>
Date: Thu, 2 Mar 2023 18:31:17 +0100
Subject: journey details: require valid token if too old

---
 lib/Travelynx/Controller/Traveling.pm | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

(limited to 'lib')

diff --git a/lib/Travelynx/Controller/Traveling.pm b/lib/Travelynx/Controller/Traveling.pm
index f094279..316ee08 100755
--- a/lib/Travelynx/Controller/Traveling.pm
+++ b/lib/Travelynx/Controller/Traveling.pm
@@ -745,18 +745,26 @@ sub public_journey_details {
 		return;
 	}
 
+	my $is_past;
+	if ( not $user->{past_all} ) {
+		my $now = DateTime->now( time_zone => 'Europe/Berlin' );
+		if ( $journey->{sched_dep_ts} < $now->subtract( weeks => 4 )->epoch ) {
+			$is_past = 1;
+		}
+	}
+
 	my $visibility
 	  = $self->compute_effective_visibility( $user->{default_visibility_str},
 		$journey->{visibility_str} );
 
 	if (
 		not(
-			$visibility eq 'public'
+			( $visibility eq 'public' and not $is_past )
 			or (    $visibility eq 'unlisted'
 				and $self->journey_token_ok($journey) )
 			or (
 				$visibility eq 'travelynx'
-				and (  $self->is_user_authenticated
+				and ( ( $self->is_user_authenticated and not $is_past )
 					or $self->journey_token_ok($journey) )
 			)
 		)
@@ -771,8 +779,6 @@ sub public_journey_details {
 		return;
 	}
 
-	# TODO re-add age check unless status_token_ok (helper function?)
-
 	my $title = sprintf( 'Fahrt von %s nach %s am %s',
 		$journey->{from_name}, $journey->{to_name},
 		$journey->{rt_arrival}->strftime('%d.%m.%Y') );
-- 
cgit v1.2.3