From 16ae415d23e93ae8ab594ea5290fe405458d321c Mon Sep 17 00:00:00 2001 From: Simon Baird Date: Tue, 27 Feb 2024 16:51:22 -0500 Subject: [PATCH 1/2] classic: Don't always force visible edit buttons If you're viewing a TiddlyWiki Classic site isn't your own, or is your own but you're not logged in, previously the edit buttons would be shown regardless of the value of the chkHttpReadOnly "advanced options" cookie. Now, the chkHttpReadOnly value will be respected, unless the site owner is currently logged in. The way it works is to inject a shadow tiddler with content set to either 'yes' or 'no', then read the value of that tiddler in the upload plugin. This is similar to the TiddlyWiki5 method, except in TiddlyWiki5 the tiddler used is '$:/status/IsLoggedIn'. Closes issue #326. --- rails/lib/th_file.rb | 47 ++++++++++--------- .../plugins/thost_upload_plugin.js.erb | 13 +++-- 2 files changed, 35 insertions(+), 25 deletions(-) diff --git a/rails/lib/th_file.rb b/rails/lib/th_file.rb index 5c2b5c17f..0beebdfd2 100644 --- a/rails/lib/th_file.rb +++ b/rails/lib/th_file.rb @@ -55,7 +55,18 @@ def strip_external_core_url_prefix self end - def apply_tw5_mods(site_name, for_download: false, local_core: false, use_put_saver: false, is_logged_in: false) + # Determine if we think the user could make changes and save. + # (Used in the `TiddlyHostIsLoggedIn` tiddler for Classic and + # the `$:/status/IsLoggedIn` tiddler for TW5.) + def status_is_logged_in(is_logged_in: false, for_download: false) + if is_logged_in && !for_download + 'yes' + else + 'no' + end + end + + def apply_tw5_mods(site_name, for_download:, local_core:, use_put_saver:, is_logged_in:) upload_url = if for_download || use_put_saver # Clear $:/UploadURL for downloads so the save button in the downloaded # file will not try to use upload.js. It should use another save @@ -72,17 +83,6 @@ def apply_tw5_mods(site_name, for_download: false, local_core: false, use_put_sa Settings.subdomain_site_url(site_name) end - if !for_download && is_logged_in - # Provide a way for TiddlyWiki files to detect when - # they're being viewed by their owner - status_is_logged_in = 'yes' - - else - # The readonly plugin might user this to hide tiddler edit buttons, etc. - status_is_logged_in = 'no' - - end - write_tiddlers({ # TiddlyWiki will POST to this url using code in core/modules/savers/upload.js '$:/UploadURL' => upload_url, @@ -93,7 +93,7 @@ def apply_tw5_mods(site_name, for_download: false, local_core: false, use_put_sa '$:/UploadWithUrlOnly' => 'yes', # Provide a way for TiddlyWikis to detect when they're able to be saved - '$:/status/IsLoggedIn' => status_is_logged_in, + '$:/status/IsLoggedIn' => status_is_logged_in(is_logged_in:, for_download:), }) # Since every save uploads the entire TiddlyWiki I want to discourage @@ -115,7 +115,7 @@ def apply_tw5_mods(site_name, for_download: false, local_core: false, use_put_sa end end - def apply_classic_mods(site_name) + def apply_classic_mods(site_name, for_download:, is_logged_in:) # We don't want to hard code the site url in the plugin, but we also don't # want to hard code the domain name and port etc since they're different # in different environments. This is clever way to deal with that. @@ -129,24 +129,29 @@ def apply_classic_mods(site_name) } }) - # This could be a regular tiddler, but let's make it a shadow tiddler just to be cool. - # Will be clickable when viewing the plugin since we used 'TiddlyHost' as the modifier above. - # (I'm using camel case intentionally here despite the usual spelling of Tiddlyhost.) write_shadow_tiddlers({ + # This could be a regular tiddler, but let's make it a shadow tiddler just to be cool. + # Will be clickable when viewing the plugin since we used 'TiddlyHost' as the modifier above. + # (I'm using camel case intentionally here despite the usual spelling of Tiddlyhost.) 'TiddlyHost' => { text: "[[Tiddlyhost|#{Settings.main_site_url}]] is a hosting service for ~TiddlyWiki.", modifier: 'TiddlyHost', - } + }, + + # Used in the ThostUploadPlugin to ensure we don't render in readonly mode + 'TiddlyHostIsLoggedIn' => { + text: status_is_logged_in(is_logged_in:, for_download:), + modifier: 'TiddlyHost', + }, }) end def apply_tiddlyhost_mods(site_name, for_download: false, local_core: false, use_put_saver: false, is_logged_in: false) if is_tw5? - apply_tw5_mods(site_name, - for_download: for_download, local_core: local_core, use_put_saver: use_put_saver, is_logged_in: is_logged_in) + apply_tw5_mods(site_name, for_download:, local_core:, use_put_saver:, is_logged_in:) elsif is_classic? - apply_classic_mods(site_name) + apply_classic_mods(site_name, for_download:, is_logged_in:) else # FeatherWiki # No hackery for FeatherWiki currently diff --git a/rails/tw_content/plugins/thost_upload_plugin.js.erb b/rails/tw_content/plugins/thost_upload_plugin.js.erb index b1b2c7f99..65a418385 100644 --- a/rails/tw_content/plugins/thost_upload_plugin.js.erb +++ b/rails/tw_content/plugins/thost_upload_plugin.js.erb @@ -192,10 +192,15 @@ bidix.initOption('txtThostSiteName','<%= site_name %>'); // Tiddlyhost stuff // -// So you can see edit controls via http -config.options.chkHttpReadOnly = false; -window.readOnly = false; -window.showBackstage = true; +if (config.shadowTiddlers.TiddlyHostIsLoggedIn == "yes") { + // If user is logged in to Tiddlyhost and viewing their own site then + // we disregard the original value of the chkHttpReadOnly cookie + config.options.chkHttpReadOnly = false + // window.readOnly gets set before plugins are loaded, so we need to + // set it here to make sure TW is editable, unlike window.showBackstage + // which is set after + window.readOnly = false +} // Add 'upload to tiddlyhost' button config.shadowTiddlers.SideBarOptions = config.shadowTiddlers.SideBarOptions From 58aa4149de8b085ab1a946e3b434cd0203120222 Mon Sep 17 00:00:00 2001 From: Simon Baird Date: Tue, 27 Feb 2024 16:51:22 -0500 Subject: [PATCH 2/2] classic: Show th save button only if it's usable There are some pros and cons to this, e.g. with this change, a user with an expired login session might be confused about why they can no longer save. On the other hand showing the "save to tiddlyhost" button when a save is not possible is also potentially confusing. Anyway, let's try it this way and see how we like it. Closely related to the changes in the previous commit for issue #326. --- rails/lib/th_file.rb | 1 + rails/tw_content/plugins/thost_upload_plugin.js.erb | 8 ++++---- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/rails/lib/th_file.rb b/rails/lib/th_file.rb index 0beebdfd2..8ebbcff41 100644 --- a/rails/lib/th_file.rb +++ b/rails/lib/th_file.rb @@ -139,6 +139,7 @@ def apply_classic_mods(site_name, for_download:, is_logged_in:) }, # Used in the ThostUploadPlugin to ensure we don't render in readonly mode + # and to show the 'save to tiddlyhost' button 'TiddlyHostIsLoggedIn' => { text: status_is_logged_in(is_logged_in:, for_download:), modifier: 'TiddlyHost', diff --git a/rails/tw_content/plugins/thost_upload_plugin.js.erb b/rails/tw_content/plugins/thost_upload_plugin.js.erb index 65a418385..d9d3b5199 100644 --- a/rails/tw_content/plugins/thost_upload_plugin.js.erb +++ b/rails/tw_content/plugins/thost_upload_plugin.js.erb @@ -200,10 +200,10 @@ if (config.shadowTiddlers.TiddlyHostIsLoggedIn == "yes") { // set it here to make sure TW is editable, unlike window.showBackstage // which is set after window.readOnly = false -} -// Add 'upload to tiddlyhost' button -config.shadowTiddlers.SideBarOptions = config.shadowTiddlers.SideBarOptions - .replace(/(<>)/,"$1<>"); + // Add the 'save to tiddlyhost' button after the regular save button + config.shadowTiddlers.SideBarOptions = config.shadowTiddlers.SideBarOptions + .replace(/(<>)/,"$1<>"); +} //}}}