0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-20 22:42:53 -05:00
ghost/core/frontend/services/routing/controllers/preview.js
Casper Bøgeskov Hansen 638b4fc2f2 Fixed post preview access flag in 3.0 (#11275)
no-issue

The access flag was not being set in the preview controller which was causing 3.0 Member themes to incorrectly hide the content
2019-10-31 13:58:47 +07:00

67 lines
2.4 KiB
JavaScript

const debug = require('ghost-ignition').debug('services:routing:controllers:preview');
const config = require('../../../../server/config');
const urlService = require('../../url');
const urlUtils = require('../../../../server/lib/url-utils');
const helpers = require('../helpers');
/**
* @description Preview Controller.
* @param {Object} req
* @param {Object} res
* @param {Function} next
* @returns {Promise}
*/
module.exports = function previewController(req, res, next) {
debug('previewController');
const api = require('../../../../server/api')[res.locals.apiVersion];
const params = {
uuid: req.params.uuid,
status: 'all',
include: 'authors,tags'
};
return api[res.routerOptions.query.controller]
.read(params)
.then(function then(result) {
const post = result[res.routerOptions.query.resource][0];
if (!post) {
return next();
}
if (req.params.options && req.params.options.toLowerCase() === 'edit') {
// CASE: last param of the url is /edit but admin redirects are disabled
if (!config.get('admin:redirects')) {
return next();
}
// @TODO: we don't know which resource type it is, because it's a generic preview handler and the
// preview API returns {previews: []}
// @TODO: figure out how to solve better
const resourceType = post.page ? 'page' : 'post';
// CASE: last param of the url is /edit, redirect to admin
return urlUtils.redirectToAdmin(302, res, `/editor/${resourceType}/${post.id}`);
} else if (req.params.options) {
// CASE: unknown options param detected, ignore
return next();
}
if (post.status === 'published') {
return urlUtils.redirect301(res, urlService.getUrlByResourceId(post.id, {withSubdirectory: true}));
}
if (res.locals.apiVersion !== 'v0.1' && res.locals.apiVersion !== 'v2') {
post.access = !!post.html;
}
// @TODO: See helpers/secure
helpers.secure(req, post);
const renderer = helpers.renderEntry(req, res);
return renderer(post);
})
.catch(helpers.handleError(next));
};