
bugfix:1. 修复加密文章访问,非作者和管理员不能访问的问题。还有密码修改文案。 resolves mindoc-org/mindoc#849 (#867)

Go-Go-Farther 2 years ago
parent
commit
452577ca3d
4 changed files with 8 additions and 17 deletions
  1. 1 1
      conf/lang/en-us.ini
  2. 1 1
      conf/lang/zh-cn.ini
  3. 5 14
      controllers/BlogController.go
  4. 1 1
      views/setting/password.tpl

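--- a/conf/lang/en-us.ini
+++ b/conf/lang/en-us.ini
@@ -315,7 +315,7 @@ prev = prev
 next = next
 no = no
 edit_title = Edit Blog
-private_blog_tips = Private blog is accessible only to author and administrator
+private_blog_tips = Private blog, please enter password to access
 
 [doc]
 modify_doc = Modify Document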

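--- a/conf/lang/zh-cn.ini
+++ b/conf/lang/zh-cn.ini
@@ -315,7 +315,7 @@ prev = 上一篇
 next = 下一篇
 no = 无
 edit_title = 编辑文章
-private_blog_tips = 加密文章,仅作者和管理员可访问
+private_blog_tips = 加密文章,请输入密码访问
 
 [doc]
 modify_doc = 修改文档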

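--- a/controllers/BlogController.go
+++ b/controllers/BlogController.go
@@ -56,23 +56,14 @@ func (c *BlogController) Index() {
 		if blog.BlogStatus == "password" && password != blog.Password {
 			c.JsonResult(6001, i18n.Tr(c.Lang, "message.blog_pwd_incorrect"))
 		} else if blog.BlogStatus == "password" && password == blog.Password {
-			// If the password is correct, then determine whether the user is correct
-			if c.Member != nil && (blog.MemberId == c.Member.MemberId || c.Member.IsAdministrator()) {
-				/* Private blog is accessible only to author and administrator.
-				   Anonymous users are not allowed access. */
-				// Store the session value
-				_ = c.CruSession.Set(context.TODO(), blogReadSession, blogId)
-				c.JsonResult(0, "OK")
-			} else {
-				c.JsonResult(6002, i18n.Tr(c.Lang, "blog.private_blog_tips"))
-			}
+			// Store the session value for the next GET request.
+			_ = c.CruSession.Set(context.TODO(), blogReadSession, blogId)
+			c.JsonResult(0, "OK")
 		} else {
 			c.JsonResult(0, "OK")
 		}
-	} else if blog.BlogStatus == "password" &&
-		(c.CruSession.Get(context.TODO(), blogReadSession) == nil || // Read session doesn't exist
-			c.Member == nil || // Anonymous, Not Allow
-			(blog.MemberId != c.Member.MemberId && !c.Member.IsAdministrator())) { // User isn't author or administrator
+	} else if blog.BlogStatus == "password" && c.CruSession.Get(context.TODO(), blogReadSession) == nil && // Read session doesn't exist
+		(c.Member == nil || (blog.MemberId != c.Member.MemberId && !c.Member.IsAdministrator())) { // User isn't author or administrator
 		//如果不存在已输入密码的标记
 		c.TplName = "blog/index_password.tpl"
 	}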
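Review bot: The GET branch on the new `else if` line gates a password-protected blog only on `c.CruSession.Get(context.TODO(), blogReadSession) == nil`, so it checks that some read marker exists, not that the marker was set for this blog. With the author/administrator requirement removed from the POST branch, a visitor who unlocks one protected post appears to pass this check for every other protected post in the same session, assuming `blogReadSession` is a single fixed key (its definition is outside the hunk). Compare the stored value with the current id instead, e.g. `if id, ok := c.CruSession.Get(context.TODO(), blogReadSession).(int); !ok || id != blogId { /* show password form */ }` (adjust the assertion to blogId's actual type), or use a per-blog session key. The error from `c.CruSession.Set` is also discarded, so a failed session write still answers `OK` and the reader is sent back to the password form with no trace; logging it would make that visible. Index's body begins and ends outside this hunk.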

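--- a/views/setting/password.tpl
+++ b/views/setting/password.tpl
@@ -54,7 +54,7 @@
                             <span id="form-error-message" class="error-message"></span>
                         </div>
                         <div class="form-group">
-                            <button type="submit" class="btn btn-success" data-loading-text="{{i18n .Lang "message.processing"}}">{{i18n .Lang "message.save"}}</button>
+                            <button type="submit" class="btn btn-success" data-loading-text="{{i18n .Lang "message.processing"}}">{{i18n .Lang "common.save"}}</button>
                         </div>
                     </form>
                 </div>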