From 6385e53425c4707db48deb1b65271663fa02e6fe Mon Sep 17 00:00:00 2001
From: Emmy D'Anello <emmy.danello@animath.fr>
Date: Sun, 28 Apr 2024 16:36:54 +0200
Subject: [PATCH] Users can only edit & delete their own messages (except for
admin users)
Signed-off-by: Emmy D'Anello <emmy.danello@animath.fr>
---
chat/static/chat.js | 30 ++++++++++++++++++------------
chat/templates/chat/content.html | 7 ++++++-
2 files changed, 24 insertions(+), 13 deletions(-)
diff --git a/chat/static/chat.js b/chat/static/chat.js
index dcef533..30ce636 100644
--- a/chat/static/chat.js
+++ b/chat/static/chat.js
@@ -235,9 +235,18 @@ function redrawMessages() {
fetchMoreButton.classList.remove('d-none')
}
+function removeAllPopovers() {
+ for (let popover of document.querySelectorAll('*[aria-describedby*="popover"]')) {
+ let instance = bootstrap.Popover.getInstance(popover)
+ if (instance)
+ instance.dispose()
+ }
+}
+
function registerSendPrivateMessageContextMenu(message, element) {
element.addEventListener('contextmenu', (menu_event) => {
menu_event.preventDefault()
+ removeAllPopovers()
const popover = bootstrap.Popover.getOrCreateInstance(element, {
'title': message['author'],
'content': `<a id="send-private-message-link-${message['id']}" class="nav-link" href="#" tabindex="0">Envoyer un message privé</a>`,
@@ -247,7 +256,7 @@ function registerSendPrivateMessageContextMenu(message, element) {
document.getElementById('send-private-message-link-' + message['id']).addEventListener('click', event => {
event.preventDefault()
- popover.hide()
+ popover.dispose()
socket.send(JSON.stringify({
'type': 'start_private_chat',
'user_id': message['author_id'],
@@ -259,10 +268,13 @@ function registerSendPrivateMessageContextMenu(message, element) {
function registerMessageContextMenu(message, element) {
element.addEventListener('contextmenu', (menu_event) => {
menu_event.preventDefault()
+ removeAllPopovers()
let content = `<a id="send-private-message-link-msg-${message['id']}" class="nav-link" href="#" tabindex="0">Envoyer un message privé</a>`
- content += `<hr class="my-1">`
- content += `<a class="nav-link" href="#" tabindex="0">Modifier</a>`
- content += `<a class="nav-link" href="#" tabindex="0">Supprimer</a>`
+ if (message['author_id'] === USER_ID || IS_ADMIN) {
+ content += `<hr class="my-1">`
+ content += `<a class="nav-link" href="#" tabindex="0">Modifier</a>`
+ content += `<a class="nav-link" href="#" tabindex="0">Supprimer</a>`
+ }
const popover = bootstrap.Popover.getOrCreateInstance(element, {
'content': content,
'html': true,
@@ -272,7 +284,7 @@ function registerMessageContextMenu(message, element) {
document.getElementById('send-private-message-link-msg-' + message['id']).addEventListener('click', event => {
event.preventDefault()
- popover.hide()
+ popover.dispose()
socket.send(JSON.stringify({
'type': 'start_private_chat',
'user_id': message['author_id'],
@@ -296,13 +308,7 @@ function toggleFullscreen() {
}
document.addEventListener('DOMContentLoaded', () => {
- document.addEventListener('click', () => {
- for (let popover of document.querySelectorAll('span[aria-describedby*="popover"]')) {
- let instance = bootstrap.Popover.getInstance(popover)
- if (instance)
- instance.hide()
- }
- })
+ document.addEventListener('click', removeAllPopovers)
/**
* Process the received data from the server.
diff --git a/chat/templates/chat/content.html b/chat/templates/chat/content.html
index b58e35a..2e1d8e1 100644
--- a/chat/templates/chat/content.html
+++ b/chat/templates/chat/content.html
@@ -87,4 +87,9 @@
</div>
</form>
</div>
-</div>
\ No newline at end of file
+</div>
+
+<script>
+ const USER_ID = {{ request.user.id }}
+ const IS_ADMIN = {{ request.user.registration.is_admin|yesno:"true,false" }}
+</script>
\ No newline at end of file