Implement read-only mode (#1001)

* Implement read-only mode * Use localized string under default language for announce text * Redirect to user page rather than returning blank 400 * Protect call to `ParseBase64Image` * Add protections to SlotSettingsPage and nitpick format * Display the latest announcement (if any) on the landing page * Fix a kokoism Accidentally tried to use markdown within the landing page... I'm rather smart aren't I * Prevent possible XSS * Separate truncated announcement text and link with "..." * Apply suggestion from code review * Add read-only check to /postComment in slot page controller * Fix inconsistent tabbing
2025-07-29 08:28:39 +00:00 · 2024-03-29 22:51:12 -04:00 · 2024-03-29 22:51:12 -04:00 · 0ee8970c64
commit 0ee8970c64
parent 975fcab100
20 changed files with 176 additions and 18 deletions
--- a/ProjectLighthouse.Servers.Website/Pages/UserSettingsPage.cshtml.cs
+++ b/ProjectLighthouse.Servers.Website/Pages/UserSettingsPage.cshtml.cs
@ -39,6 +39,10 @@ public class UserSettingsPage : BaseLayout

        if (!this.User.IsModerator && this.User != this.ProfileUser) return this.Redirect("~/user/" + userId);

+        // Deny request if in read-only mode
+        if (avatar != null && ServerConfiguration.Instance.UserGeneratedContentLimits.ReadOnlyMode)
+            return this.Redirect($"~/user/{userId}");
+
        string? avatarHash = await FileHelper.ParseBase64Image(avatar);

        if (avatarHash != null) this.ProfileUser.IconHash = avatarHash;
@ -47,6 +51,10 @@ public class UserSettingsPage : BaseLayout

        if (biography != null)
        {
+            // Deny request if in read-only mode
+            if (ServerConfiguration.Instance.UserGeneratedContentLimits.ReadOnlyMode)
+                return this.Redirect($"~/user/{userId}");
+
            biography = CensorHelper.FilterMessage(biography);
            if (this.ProfileUser.Biography != biography && biography.Length <= 512)
                this.ProfileUser.Biography = biography;