diff --git a/bookwyrm/static/css/fonts/icomoon.eot b/bookwyrm/static/css/fonts/icomoon.eot index 5568c0ad..99a90268 100644 Binary files a/bookwyrm/static/css/fonts/icomoon.eot and b/bookwyrm/static/css/fonts/icomoon.eot differ diff --git a/bookwyrm/static/css/fonts/icomoon.svg b/bookwyrm/static/css/fonts/icomoon.svg index 4324502b..28612eee 100644 --- a/bookwyrm/static/css/fonts/icomoon.svg +++ b/bookwyrm/static/css/fonts/icomoon.svg @@ -7,27 +7,28 @@ - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + diff --git a/bookwyrm/static/css/fonts/icomoon.ttf b/bookwyrm/static/css/fonts/icomoon.ttf index a61117da..0f78404f 100644 Binary files a/bookwyrm/static/css/fonts/icomoon.ttf and b/bookwyrm/static/css/fonts/icomoon.ttf differ diff --git a/bookwyrm/static/css/fonts/icomoon.woff b/bookwyrm/static/css/fonts/icomoon.woff index 1dccbcf9..dcb8dc75 100644 Binary files a/bookwyrm/static/css/fonts/icomoon.woff and b/bookwyrm/static/css/fonts/icomoon.woff differ diff --git a/bookwyrm/static/css/icons.css b/bookwyrm/static/css/icons.css index eabfb06e..bf68b7d6 100644 --- a/bookwyrm/static/css/icons.css +++ b/bookwyrm/static/css/icons.css @@ -1,10 +1,10 @@ @font-face { font-family: 'icomoon'; - src: url('fonts/icomoon.eot?v0wquk'); - src: url('fonts/icomoon.eot?v0wquk#iefix') format('embedded-opentype'), - url('fonts/icomoon.ttf?v0wquk') format('truetype'), - url('fonts/icomoon.woff?v0wquk') format('woff'), - url('fonts/icomoon.svg?v0wquk#icomoon') format('svg'); + src: url('fonts/icomoon.eot?7ifunb'); + src: url('fonts/icomoon.eot?7ifunb#iefix') format('embedded-opentype'), + url('fonts/icomoon.ttf?7ifunb') format('truetype'), + url('fonts/icomoon.woff?7ifunb') format('woff'), + url('fonts/icomoon.svg?7ifunb#icomoon') format('svg'); font-weight: normal; font-style: normal; font-display: block; @@ -13,7 +13,7 @@ [class^="icon-"], [class*=" icon-"] { /* use !important to prevent issues with browser extensions that change fonts */ font-family: 'icomoon' !important; - speak: none; + speak: never; font-style: normal; font-weight: normal; font-variant: normal; @@ -25,26 +25,71 @@ -moz-osx-font-smoothing: grayscale; } -.icon-arrow-right:before { +.icon-envelope:before { content: "\e900"; } -.icon-arrow-left:before { - content: "\e910"; +.icon-arrow-right:before { + content: "\e901"; } -.icon-arrow-up:before { - content: "\e911"; -} -.icon-arrow-down:before { - content: "\e912"; +.icon-bell:before { + content: "\e902"; } .icon-x:before { - content: "\e902"; + content: "\e903"; } -.icon-cancel:before { - content: "\e902"; +.icon-quote-close:before { + content: "\e904"; } -.icon-close:before { - content: "\e902"; +.icon-quote-open:before { + content: "\e905"; +} +.icon-image:before { + content: "\e906"; +} +.icon-pencil:before { + content: "\e907"; +} +.icon-list:before { + content: "\e908"; +} +.icon-unlock:before { + content: "\e909"; +} +.icon-globe:before { + content: "\e90a"; +} +.icon-lock:before { + content: "\e90b"; +} +.icon-chain-broken:before { + content: "\e90c"; +} +.icon-chain:before { + content: "\e90d"; +} +.icon-comments:before { + content: "\e90e"; +} +.icon-comment:before { + content: "\e90f"; +} +.icon-boost:before { + content: "\e910"; +} +.icon-arrow-left:before { + content: "\e911"; +} +.icon-arrow-up:before { + content: "\e912"; +} +.icon-arrow-down:before { + content: "\e913"; +} +.icon-home:before { + content: "\e914"; +} +.icon-local:before { + content: "\e915"; } .icon-search:before { content: "\e986"; @@ -61,78 +106,3 @@ .icon-heart:before { content: "\e9da"; } -.icon-local:before { - content: "\e914"; -} -.icon-home:before { - content: "\e913"; -} -.icon-quote-close:before { - content: "\e903"; -} -.icon-quote-open:before { - content: "\e904"; -} -.icon-image:before { - content: "\e905"; -} -.icon-photo:before { - content: "\e905"; -} -.icon-picture-o:before { - content: "\e905"; -} -.icon-pencil:before { - content: "\e906"; -} -.icon-list:before { - content: "\e907"; -} -.icon-unlock:before { - content: "\e908"; -} -.icon-unlisted:before { - content: "\e908"; -} -.icon-globe:before { - content: "\e909"; -} -.icon-global:before { - content: "\e909"; -} -.icon-federated:before { - content: "\e909"; -} -.icon-public:before { - content: "\e909"; -} -.icon-lock:before { - content: "\e90a"; -} -.icon-private:before { - content: "\e90a"; -} -.icon-chain-broken:before { - content: "\e90b"; -} -.icon-unlink:before { - content: "\e90b"; -} -.icon-chain:before { - content: "\e90c"; -} -.icon-link:before { - content: "\e90c"; -} -.icon-comments:before { - content: "\e90d"; -} -.icon-comment:before { - content: "\e90e"; -} -.icon-boost:before { - content: "\e90f"; -} -.icon-bell:before { - content: "\e901"; -} diff --git a/bookwyrm/templates/snippets/create_status.html b/bookwyrm/templates/snippets/create_status.html index 28eded97..28379f0e 100644 --- a/bookwyrm/templates/snippets/create_status.html +++ b/bookwyrm/templates/snippets/create_status.html @@ -23,7 +23,6 @@ {% csrf_token %} -
@@ -44,7 +43,17 @@
- +
+
+ +
+ +
@@ -60,7 +69,17 @@ - +
+
+ +
+ +
@@ -80,7 +99,17 @@ - +
+
+ +
+ +
diff --git a/bookwyrm/templates/snippets/interaction.html b/bookwyrm/templates/snippets/interaction.html index 27bbbf8b..a48d8a7c 100644 --- a/bookwyrm/templates/snippets/interaction.html +++ b/bookwyrm/templates/snippets/interaction.html @@ -6,7 +6,7 @@ {% csrf_token %} - + diff --git a/bookwyrm/views.py b/bookwyrm/views.py index 55957ff2..2422cd27 100644 --- a/bookwyrm/views.py +++ b/bookwyrm/views.py @@ -130,17 +130,22 @@ def get_activity_feed(user, filter_level, model=models.Status): if filter_level in ['friends', 'home']: # people you follow and direct mentions activities = activities.filter( - Q(user__in=following, privacy='public') | \ - Q(mention_users=user) + Q(user__in=following, privacy__in=['public', 'unlisted', 'followers']) | \ + Q(mention_users=user) | Q(user=user) ) elif filter_level == 'self': activities = activities.filter(user=user, privacy='public') elif filter_level == 'local': - # everyone on this instance - activities = activities.filter(user__local=True, privacy='public') + # everyone on this instance except unlisted + activities = activities.filter( + Q(user__in=following, privacy='followers') | Q(privacy='public'), + user__local=True + ) else: # all activities from everyone you federate with - activities = activities.filter(privacy='public') + activities = activities.filter( + Q(user__in=following, privacy='followers') | Q(privacy='public') + ) return activities @@ -386,9 +391,14 @@ def status_page(request, username, status_id): except ValueError: return HttpResponseNotFound() + # the url should have the poster's username in it if user != status.user: return HttpResponseNotFound() + # make sure the user is authorized to see the status + if not status_visible_to_user(request.user, status): + return HttpResponseNotFound() + if is_api_request(request): return JsonResponse(status.to_activity(), encoder=ActivityEncoder) @@ -397,6 +407,19 @@ def status_page(request, username, status_id): } return TemplateResponse(request, 'status.html', data) +def status_visible_to_user(viewer, status): + ''' is a user authorized to view a status? ''' + if viewer == status.user or status.privacy in ['public', 'unlisted']: + return True + if status.privacy == 'followers' and \ + status.user.followers.filter(id=viewer.id).first(): + return True + if status.privacy == 'direct' and \ + status.mention_users.filter(id=viewer.id).first(): + return True + return False + + @csrf_exempt def replies_page(request, username, status_id):