URLs like {srv_baseurl}/{user}/admin/p/{md5} are valid.

But only if {md5} is in the user's timeline.
This commit is contained in:
default 2024-04-22 05:46:56 +02:00
parent 62cc167c5f
commit ebf6a4bd8e
2 changed files with 28 additions and 5 deletions

6
data.c
View file

@ -1065,7 +1065,10 @@ int timeline_touch(snac *snac)
xs_str *timeline_fn_by_md5(snac *snac, const char *md5)
/* get the filename of an entry by md5 from any timeline */
{
xs_str *fn = xs_fmt("%s/private/%s.json", snac->basedir, md5);
xs_str *fn = NULL;
if (xs_is_hex(md5) && strlen(md5) == 32) {
fn = xs_fmt("%s/private/%s.json", snac->basedir, md5);
if (mtime(fn) == 0.0) {
fn = xs_free(fn);
@ -1074,6 +1077,7 @@ xs_str *timeline_fn_by_md5(snac *snac, const char *md5)
if (mtime(fn) == 0.0)
fn = xs_free(fn);
}
}
return fn;
}

19
html.c
View file

@ -2586,6 +2586,25 @@ int html_get_handler(const xs_dict *req, const char *q_path,
}
}
else
if (xs_startswith(p_path, "admin/p/")) { /** unique post by md5 **/
if (!login(&snac, req)) {
*body = xs_dup(uid);
status = 401;
}
else {
xs *l = xs_split(p_path, "/");
char *md5 = xs_list_get(l, -1);
if (md5 && *md5 && timeline_here(&snac, md5)) {
xs *list = xs_list_append(xs_list_new(), md5);
*body = html_timeline(&snac, list, 0, 0, 0, 0, NULL, "/admin", 1);
*b_size = strlen(*body);
status = 200;
}
}
}
else
if (strcmp(p_path, "people") == 0) { /** the list of people **/
if (!login(&snac, req)) {
*body = xs_dup(uid);