permission screen UI overflow fix

1. handle long username overflow on space permissions screen 2. only show document history to editors 3. removed redundant document editing permission check 4. Ensure subdomain is detected when accepting space invitation
2025-07-19 21:29:42 +02:00 · 2017-08-31 18:01:07 +01:00 · 2017-08-31 18:01:07 +01:00 · a982af6e79
commit a982af6e79
parent e505bb36e2
13 changed files with 683 additions and 654 deletions
--- a/README.md
+++ b/README.md
@ -8,7 +8,7 @@ The mission is to bring software dev inspired features (refactoring, testing, li
 ## Latest version
-v1.53.3
+v1.53.4
 ## OS Support
--- a/domain/attachment/endpoint.go
+++ b/domain/attachment/endpoint.go
@ -26,6 +26,7 @@ import (
 	"github.com/documize/community/core/uniqueid"
 	"github.com/documize/community/domain"
 	"github.com/documize/community/domain/document"
 	"github.com/documize/community/domain/organization"
 	indexer "github.com/documize/community/domain/search"
 	"github.com/documize/community/model/attachment"
 	"github.com/documize/community/model/audit"
@ -44,6 +45,7 @@ type Handler struct {
 func (h *Handler) Download(w http.ResponseWriter, r *http.Request) {
 	method := "attachment.Download"
 	ctx := domain.GetRequestContext(r)
 	ctx.Subdomain = organization.GetSubdomainFromHost(r)
 	a, err := h.Store.Attachment.GetAttachment(ctx, request.Param(r, "orgID"), request.Param(r, "attachmentID"))
--- a/domain/auth/endpoint.go
+++ b/domain/auth/endpoint.go
@ -80,7 +80,7 @@ func (h *Handler) Login(w http.ResponseWriter, r *http.Request) {
 		response.WriteUnauthorizedError(w)
 		return
 	}
-	if err != nil {
+	if err != nil && err != sql.ErrNoRows {
 		response.WriteServerError(w, method, err)
 		return
 	}
--- a/domain/document/endpoint.go
+++ b/domain/document/endpoint.go
@ -205,10 +205,10 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request) {
 		return
 	}
-	if !ctx.Editor {
+	// if !ctx.Editor {
-		response.WriteForbiddenError(w)
+	// 	response.WriteForbiddenError(w)
-		return
+	// 	return
-	}
+	// }
 	if !CanChangeDocument(ctx, *h.Store, documentID) {
 		response.WriteForbiddenError(w)
--- a/domain/page/endpoint.go
+++ b/domain/page/endpoint.go
@ -454,10 +454,10 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request) {
 		return
 	}
-	if !ctx.Editor {
+	// if !ctx.Editor {
-		response.WriteForbiddenError(w)
+	// 	response.WriteForbiddenError(w)
-		return
+	// 	return
-	}
+	// }
 	documentID := request.Param(r, "documentID")
 	if len(documentID) == 0 {
@ -471,6 +471,11 @@ func (h *Handler) Update(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	if !document.CanChangeDocument(ctx, *h.Store, documentID) {
 		response.WriteForbiddenError(w)
 		return
 	}
 	defer streamutil.Close(r.Body)
 	body, err := ioutil.ReadAll(r.Body)
 	if err != nil {
--- a/domain/space/endpoint.go
+++ b/domain/space/endpoint.go
@ -30,6 +30,7 @@ import (
 	"github.com/documize/community/core/uniqueid"
 	"github.com/documize/community/domain"
 	"github.com/documize/community/domain/mail"
 	"github.com/documize/community/domain/organization"
 	"github.com/documize/community/model/account"
 	"github.com/documize/community/model/audit"
 	"github.com/documize/community/model/doc"
@ -745,6 +746,7 @@ func (h *Handler) GetPermissions(w http.ResponseWriter, r *http.Request) {
 func (h *Handler) AcceptInvitation(w http.ResponseWriter, r *http.Request) {
 	method := "space.AcceptInvitation"
 	ctx := domain.GetRequestContext(r)
 	ctx.Subdomain = organization.GetSubdomainFromHost(r)
 	folderID := request.Param(r, "folderID")
 	if len(folderID) == 0 {
--- a/domain/user/endpoint.go
+++ b/domain/user/endpoint.go
@ -504,7 +504,7 @@ func (h *Handler) ChangePassword(w http.ResponseWriter, r *http.Request) {
 	newPassword := string(body)
 	// can only update your own account unless you are an admin
-	if userID != ctx.UserID || !ctx.Administrator {
+	if !ctx.Administrator || (!ctx.Administrator && userID != ctx.UserID) {
 		response.WriteForbiddenError(w)
 		return
 	}
@ -526,12 +526,13 @@ func (h *Handler) ChangePassword(w http.ResponseWriter, r *http.Request) {
 	err = h.Store.User.UpdateUserPassword(ctx, userID, u.Salt, secrets.GeneratePassword(newPassword, u.Salt))
 	if err != nil {
 		ctx.Transaction.Rollback()
 		response.WriteServerError(w, method, err)
 		h.Runtime.Log.Error(method, err)
 		return
 	}
-	ctx.Transaction.Rollback()
+	ctx.Transaction.Commit()
 	response.WriteEmpty(w)
 }
--- a/edition/community.go
+++ b/edition/community.go
@ -38,7 +38,7 @@ func main() {
 	rt.Product = env.ProdInfo{}
 	rt.Product.Major = "1"
 	rt.Product.Minor = "53"
-	rt.Product.Patch = "3"
+	rt.Product.Patch = "4"
 	rt.Product.Version = fmt.Sprintf("%s.%s.%s", rt.Product.Major, rt.Product.Minor, rt.Product.Patch)
 	rt.Product.Edition = "Community"
 	rt.Product.Title = fmt.Sprintf("%s Edition", rt.Product.Edition)
--- a/embed/bindata_assetfs.go
+++ b/embed/bindata_assetfs.go
--- a/gui/app/styles/view/folder/sidebar.scss
+++ b/gui/app/styles/view/folder/sidebar.scss
@ -13,7 +13,9 @@
        border: none;
        padding: 0;
        margin: 0 0 30px 0;
-        width: 100%;
+		table-layout: fixed;
 		width: 100%;
 		white-space: nowrap;
        > thead {
            > tr {
@ -21,13 +23,28 @@
                    font-weight: bold;
                    text-align: center;
                }
-            }
+
 				> th:nth-child(1) {
 					width: 70%;
                }
                > th:nth-child(2), td:nth-child(3) {
 					width: 20%;
                }
 			}
        }
        > tbody {
 			width: 300px;
            > tr {
                > td {
                    padding: 8px 0;
 					@extend .truncate;
                }
 				> td:nth-child(1) {
 					text-align: left;
                }
                > td:nth-child(2), td:nth-child(3) {
--- a/gui/app/templates/components/document/sidebar-zone.hbs
+++ b/gui/app/templates/components/document/sidebar-zone.hbs
@ -10,7 +10,7 @@
    <div class="round-button-mono {{if (is-equal tab 'attachments') 'selected'}}" {{action 'onChangeTab' 'attachments'}}>
        <i class="material-icons">attach_file</i>
    </div>
-    {{#if session.authenticated}}
+    {{#if isEditor}}
        <div class="margin-top-20"></div>
        <div class="round-button-mono {{if (is-equal tab 'activity') 'selected'}}" {{action 'onChangeTab' 'activity'}}>
            <i class="material-icons">timeline</i>
@ -55,10 +55,12 @@
            {{else}}
                <li class="item" id="pin-document-button">Pin</li>
            {{/if}}
-            <li class="item" id="pin-document-button">
+			{{#if isEditor}}
-                {{#link-to 'document.history'}}History{{/link-to}}
+				<li class="item">
-            </li>
+					{{#link-to 'document.history'}}History{{/link-to}}
-            <li class="divider"></li>
+				</li>
 				<li class="divider"></li>
 	        {{/if}}
        {{/if}}
        {{#if isEditor}}
--- a/gui/package.json
+++ b/gui/package.json
@ -1,6 +1,6 @@
 {
  "name": "documize",
-  "version": "1.53.3",
+  "version": "1.53.4",
  "description": "The Document IDE",
  "private": true,
  "repository": "",
--- a/meta.json
+++ b/meta.json
@ -1,16 +1,16 @@
 {
    "community":
    {
-        "version": "1.53.3",
+        "version": "1.53.4",
        "major": 1,
        "minor": 53,
-        "patch": 3
+        "patch": 4
    },
    "enterprise":
    {
-        "version": "1.55.3",
+        "version": "1.55.4",
        "major": 1,
        "minor": 55,
-        "patch": 3
+        "patch": 4
    }
 }