New setting to hide private archives from unauthorized users in the index
This adds a new setting, HYPERKITTY_HIDE_PRIVATE_LISTS, to hide lists from to archives index that the current user does not have access to view. The setting is False by default, preserving the existing behavior.
The current behavior is to include all available list archives (barring vhost filtering) in the index when sorting by name or creation time. If a user is not authorized to view an archive certain information is not displayed and clicking the link will produce a 403 error. However, it may be desirable to exclude inaccessible archives from the index entirely for certain installations. This setting will allow site administrators to block unauthorized users from even seeing the existence of a private archive.
I believe this fixes #166 (closed)
Merge request reports
Activity
I've refactored this somewhat to offer an improved user experience. When the new setting is enabled, it is no longer necessary to hide all private lists in the activity-sorted views since lists that the user is not allowed to see are filtered anyway. This allows those sorts to remain useful even when all or most of the lists are private.
added 1 commit
- de006097 - Refactor based on feedback. Removed new setting. Behavior is now to only
Thanks for the feedback @maxking and @msapiro. I'm inclined to agree that it makes the most sense to make this the default behavior. It simplifies the code and improves the user experience by making the "active" and "popular" sorts more useful. I've updated my branch to remove the setting, as well as pull out some vestigial stuff that's no longer necessary with these changes.
mentioned in commit 6c70c413
mentioned in issue #129 (closed)
mentioned in issue #197 (closed)
