src/api/categories.js

'use strict';

const categories = require('../categories');
const events = require('../events');
const user = require('../user');
const groups = require('../groups');
const privileges = require('../privileges');

const categoriesAPI = module.exports;

categoriesAPI.get = async function (caller, data) {
	const [userPrivileges, category] = await Promise.all([
		privileges.categories.get(data.cid, caller.uid),
		categories.getCategoryData(data.cid),
	]);
	if (!category || !userPrivileges.read) {
		return null;
	}

	return category;
};

categoriesAPI.create = async function (caller, data) {
	const response = await categories.create(data);
	const categoryObjs = await categories.getCategories([response.cid], caller.uid);
	return categoryObjs[0];
};

categoriesAPI.update = async function (caller, data) {
	await categories.update(data);
};

categoriesAPI.delete = async function (caller, data) {
	const name = await categories.getCategoryField(data.cid, 'name');
	await categories.purge(data.cid, caller.uid);
	await events.log({
		type: 'category-purge',
		uid: caller.uid,
		ip: caller.ip,
		cid: data.cid,
		name: name,
	});
};

categoriesAPI.getPrivileges = async (caller, cid) => {
	let responsePayload;

	if (cid === 'admin') {
		responsePayload = await privileges.admin.list(caller.uid);
	} else if (!parseInt(cid, 10)) {
		responsePayload = await privileges.global.list();
	} else {
		responsePayload = await privileges.categories.list(cid);
	}

	return responsePayload;
};

categoriesAPI.setPrivilege = async (caller, data) => {
	const [userExists, groupExists] = await Promise.all([
		user.exists(data.member),
		groups.exists(data.member),
	]);

	if (!userExists && !groupExists) {
		throw new Error('[[error:no-user-or-group]]');
	}
	const privs = Array.isArray(data.privilege) ? data.privilege : [data.privilege];
	const type = data.set ? 'give' : 'rescind';
	if (!privs.length) {
		throw new Error('[[error:invalid-data]]');
	}
	let privMethod = privileges.categories[type];
	if (parseInt(data.cid, 10) === 0) {
		if (privs[0].startsWith('admin:')) {
			privMethod = privileges.admin[type];
		} else {
			privMethod = privileges.global[type];
		}
	}
	await privMethod(privs, data.cid, data.member);

	await events.log({
		uid: caller.uid,
		type: 'privilege-change',
		ip: caller.ip,
		privilege: data.privilege.toString(),
		cid: data.cid,
		action: data.set ? 'grant' : 'rescind',
		target: data.member,
	});
};
refactor: api categories 2020-10-16 22:41:38 -04:00			`'use strict';`

			`const categories = require('../categories');`
			`const events = require('../events');`
feat: category privilege API routes closes #9342 2021-03-04 12:46:31 -05:00			`const user = require('../user');`
			`const groups = require('../groups');`
feat(api): #9123, migrate rest of the getObject controllers to Write API 2020-12-28 19:52:46 -05:00			`const privileges = require('../privileges');`
refactor: api categories 2020-10-16 22:41:38 -04:00
			`const categoriesAPI = module.exports;`

feat(api): #9123, migrate rest of the getObject controllers to Write API 2020-12-28 19:52:46 -05:00			`categoriesAPI.get = async function (caller, data) {`
			`const [userPrivileges, category] = await Promise.all([`
			`privileges.categories.get(data.cid, caller.uid),`
			`categories.getCategoryData(data.cid),`
			`]);`
			`if (!category \|\| !userPrivileges.read) {`
			`return null;`
			`}`

			`return category;`
			`};`

refactor: api categories 2020-10-16 22:41:38 -04:00			`categoriesAPI.create = async function (caller, data) {`
			`const response = await categories.create(data);`
			`const categoryObjs = await categories.getCategories([response.cid], caller.uid);`
			`return categoryObjs[0];`
			`};`

			`categoriesAPI.update = async function (caller, data) {`
			`await categories.update(data);`
			`};`

			`categoriesAPI.delete = async function (caller, data) {`
			`const name = await categories.getCategoryField(data.cid, 'name');`
			`await categories.purge(data.cid, caller.uid);`
			`await events.log({`
			`type: 'category-purge',`
			`uid: caller.uid,`
			`ip: caller.ip,`
			`cid: data.cid,`
			`name: name,`
			`});`
			`};`
feat: category privilege API routes closes #9342 2021-03-04 12:46:31 -05:00
			`categoriesAPI.getPrivileges = async (caller, cid) => {`
			`let responsePayload;`

			`if (cid === 'admin') {`
			`responsePayload = await privileges.admin.list(caller.uid);`
			`} else if (!parseInt(cid, 10)) {`
			`responsePayload = await privileges.global.list();`
			`} else {`
			`responsePayload = await privileges.categories.list(cid);`
			`}`

			`return responsePayload;`
			`};`

			`categoriesAPI.setPrivilege = async (caller, data) => {`
			`const [userExists, groupExists] = await Promise.all([`
			`user.exists(data.member),`
			`groups.exists(data.member),`
			`]);`

			`if (!userExists && !groupExists) {`
			`throw new Error('[[error:no-user-or-group]]');`
			`}`
fix: #9773, fire hooks properly for priv changes (#9774) 2021-09-03 11:22:42 -04:00			`const privs = Array.isArray(data.privilege) ? data.privilege : [data.privilege];`
			`const type = data.set ? 'give' : 'rescind';`
			`if (!privs.length) {`
			`throw new Error('[[error:invalid-data]]');`
			`}`
			`let privMethod = privileges.categories[type];`
			`if (parseInt(data.cid, 10) === 0) {`
			`if (privs[0].startsWith('admin:')) {`
			`privMethod = privileges.admin[type];`
			`} else {`
			`privMethod = privileges.global[type];`
			`}`
			`}`
			`await privMethod(privs, data.cid, data.member);`
feat: category privilege API routes closes #9342 2021-03-04 12:46:31 -05:00
			`await events.log({`
			`uid: caller.uid,`
			`type: 'privilege-change',`
			`ip: caller.ip,`
			`privilege: data.privilege.toString(),`
			`cid: data.cid,`
			`action: data.set ? 'grant' : 'rescind',`
			`target: data.member,`
			`});`
			`};`