NodeBB/src/socket.io/groups.js

"use strict";

var	async = require('async'),

	groups = require('../groups'),
	meta = require('../meta'),
	user = require('../user'),
	groupsController = require('../controllers/groups'),

	SocketGroups = {};


SocketGroups.before = function(socket, method, data, next) {
	if (!data) {
		return next(new Error('[[error:invalid-data]]'));
	}
	next();
};

SocketGroups.join = function(socket, data, callback) {
	if (!parseInt(socket.uid, 10)) {
		return callback(new Error('[[error:invalid-uid]]'));
	}

	groups.exists(data.groupName, function(err, exists) {
		if (err || !exists) {
			return callback(err || new Error('[[error:no-group]]'));
		}

		if (parseInt(meta.config.allowPrivateGroups, 10) !== 1) {
			return groups.join(data.groupName, socket.uid, callback);
		}

		async.parallel({
			isAdmin: async.apply(user.isAdministrator, socket.uid),
			isPrivate: async.apply(groups.isPrivate, data.groupName)
		}, function(err, checks) {
			if (err) {
				return callback(err);
			}

			if (checks.isPrivate && !checks.isAdmin) {
				groups.requestMembership(data.groupName, socket.uid, callback);
			} else {
				groups.join(data.groupName, socket.uid, callback);
			}
		});
	});
};

SocketGroups.leave = function(socket, data, callback) {
	if (!parseInt(socket.uid, 10)) {
		return callback(new Error('[[error:invalid-uid]]'));
	}

	if (data.groupName === 'administrators') {
		return callback(new Error('[[error:cant-remove-self-as-admin]]'));
	}

	groups.leave(data.groupName, socket.uid, callback);
};

function isOwner(next) {
	return function (socket, data, callback) {
		async.parallel({
			isAdmin: async.apply(user.isAdministrator, socket.uid),
			isOwner: async.apply(groups.ownership.isOwner, socket.uid, data.groupName)
		}, function(err, results) {
			if (err || (!isOwner && !results.isAdmin)) {
				return callback(err || new Error('[[error:no-privileges]]'));
			}
			next(socket, data, callback);
		});
	};
}

function isInvited(next) {
	return function (socket, data, callback) {
		groups.isInvited(socket.uid, data.groupName, function(err, invited) {
			if (err || !invited) {
				return callback(err || new Error('[[error:not-invited]]'));
			}
			next(socket, data, callback);
		});
	};
}

SocketGroups.grant = isOwner(function(socket, data, callback) {
	groups.ownership.grant(data.toUid, data.groupName, callback);
});

SocketGroups.rescind = isOwner(function(socket, data, callback) {
	groups.ownership.rescind(data.toUid, data.groupName, callback);
});

SocketGroups.accept = isOwner(function(socket, data, callback) {
	groups.acceptMembership(data.groupName, data.toUid, callback);
});

SocketGroups.reject = isOwner(function(socket, data, callback) {
	groups.rejectMembership(data.groupName, data.toUid, callback);
});

SocketGroups.acceptAll = isOwner(function(socket, data, callback) {
	acceptRejectAll(groups.acceptMembership, socket, data, callback);
});

SocketGroups.rejectAll = isOwner(function(socket, data, callback) {
	acceptRejectAll(groups.rejectMembership, socket, data, callback);
});

function acceptRejectAll(method, socket, data, callback) {
	async.waterfall([
		function(next) {
			groups.getPending(data.groupName, next);
		},
		function(uids, next) {
			async.each(uids, function(uid, next) {
				method(data.groupName, uid, next);
			}, next);
		}
	], callback);
}

SocketGroups.issueInvite = isOwner(function(socket, data, callback) {
	groups.invite(data.groupName, data.toUid, callback);
});

SocketGroups.rescindInvite = isOwner(function(socket, data, callback) {
	groups.rejectMembership(data.groupName, data.toUid, callback);
});

SocketGroups.acceptInvite = isInvited(function(socket, data, callback) {
	groups.acceptMembership(data.groupName, socket.uid, callback);
});

SocketGroups.rejectInvite = isInvited(function(socket, data, callback) {
	groups.rejectMembership(data.groupName, socket.uid, callback);
});

SocketGroups.update = isOwner(function(socket, data, callback) {
	groups.update(data.groupName, data.values, callback);
});


SocketGroups.kick = isOwner(function(socket, data, callback) {
	groups.leave(data.groupName, data.uid, callback);
});


SocketGroups.create = function(socket, data, callback) {
	if (!socket.uid) {
		return callback(new Error('[[error:no-privileges]]'));
	} else if (parseInt(meta.config.allowGroupCreation, 10) !== 1) {
		return callback(new Error('[[error:group-creation-disabled]]'));
	}


	data.ownerUid = socket.uid;
	groups.create(data, callback);
};

SocketGroups.delete = function(socket, data, callback) {
	if (data.groupName === 'administrators' || data.groupName === 'registered-users') {
		return callback(new Error('[[error:not-allowed]]'));
	}

	var tasks = {
		isOwner: async.apply(groups.ownership.isOwner, socket.uid, data.groupName),
		isAdmin: async.apply(user.isAdministrator, socket.uid)
	};

	async.parallel(tasks, function(err, checks) {
		if (err) {
			return callback(err);
		}
		if (!checks.isOwner && !checks.isAdmin) {
			return callback(new Error('[[error:no-privileges]]'));
		}

		groups.destroy(data.groupName, callback);
	});
};

SocketGroups.search = function(socket, data, callback) {
	data.options = data.options || {};

	if (!data.query) {
		var groupsPerPage = 15;
		groupsController.getGroupsFromSet(socket.uid, data.options.sort, 0, groupsPerPage - 1, function(err, data) {
			callback(err, !err ? data.groups : null);
		});
		return;
	}

	groups.search(data.query, data.options || {}, callback);
};

SocketGroups.loadMore = function(socket, data, callback) {
	if (!data.sort || !data.after) {
		return callback();
	}

	var groupsPerPage = 9;
	var start = parseInt(data.after);
	var stop = start + groupsPerPage - 1;
	groupsController.getGroupsFromSet(socket.uid, data.sort, start, stop, callback);
};

SocketGroups.searchMembers = function(socket, data, callback) {
	data.uid = socket.uid;
	groups.searchMembers(data, callback);
};

SocketGroups.loadMoreMembers = function(socket, data, callback) {
	if (!data.groupName || !parseInt(data.after, 10)) {
		return callback(new Error('[[error:invalid-data]]'));
	}
	data.after = parseInt(data.after, 10);
	user.getUsersFromSet('group:' + data.groupName + ':members', socket.uid, data.after, data.after + 9, function(err, users) {
		if (err) {
			return callback(err);
		}

		callback(null, {users: users, nextStart: data.after + 10});
	});
};

SocketGroups.cover = {};

SocketGroups.cover.update = function(socket, data, callback) {
	if (!socket.uid) {
		return callback(new Error('[[error:no-privileges]]'));
	}

	groups.ownership.isOwner(socket.uid, data.groupName, function(err, isOwner) {
		if (!isOwner) {
			return callback(new Error('[[error:no-privileges]]'));
		}

		groups.updateCover(data, callback);
	});
};

SocketGroups.cover.remove = function(socket, data, callback) {
	if (!socket.uid) {
		return callback(new Error('[[error:no-privileges]]'));
	}

	groups.ownership.isOwner(socket.uid, data.groupName, function(err, isOwner) {
		if (!isOwner) {
			return callback(new Error('[[error:no-privileges]]'));
		}

		groups.removeCover(data, callback);
	});
}

module.exports = SocketGroups;
added methods and socket listeners for group joining and leaving, #2588 2015-01-07 16:55:14 -05:00			`"use strict";`

closes #3188, closes #3170 2015-06-02 16:20:10 -04:00			`var async = require('async'),`

			`groups = require('../groups'),`
attempting to join a private group causes the join to be pending, #2588 2015-01-08 16:50:31 -05:00			`meta = require('../meta'),`
admins can bypass the request step of a group and just join it, and they also become owners when they join a group 2015-01-22 16:01:17 -05:00			`user = require('../user'),`
closes #3188, closes #3170 2015-06-02 16:20:10 -04:00			`groupsController = require('../controllers/groups'),`
added methods and socket listeners for group joining and leaving, #2588 2015-01-07 16:55:14 -05:00
			`SocketGroups = {};`

added .before to socket.io/groups.js 2015-09-17 19:57:47 -04:00
			`SocketGroups.before = function(socket, method, data, next) {`
added methods and socket listeners for group joining and leaving, #2588 2015-01-07 16:55:14 -05:00			`if (!data) {`
added .before to socket.io/groups.js 2015-09-17 19:57:47 -04:00			`return next(new Error('[[error:invalid-data]]'));`
added methods and socket listeners for group joining and leaving, #2588 2015-01-07 16:55:14 -05:00			`}`
added .before to socket.io/groups.js 2015-09-17 19:57:47 -04:00			`next();`
			`};`
added methods and socket listeners for group joining and leaving, #2588 2015-01-07 16:55:14 -05:00
added .before to socket.io/groups.js 2015-09-17 19:57:47 -04:00			`SocketGroups.join = function(socket, data, callback) {`
fix tests, and groups.join duh 2015-02-04 00:46:51 -05:00			`if (!parseInt(socket.uid, 10)) {`
			`return callback(new Error('[[error:invalid-uid]]'));`
			`}`

check group exists before joining 2015-10-02 17:13:13 -04:00			`groups.exists(data.groupName, function(err, exists) {`
			`if (err \|\| !exists) {`
			`return callback(err \|\| new Error('[[error:no-group]]'));`
			`}`

			`if (parseInt(meta.config.allowPrivateGroups, 10) !== 1) {`
			`return groups.join(data.groupName, socket.uid, callback);`
			`}`

admins can bypass the request step of a group and just join it, and they also become owners when they join a group 2015-01-22 16:01:17 -05:00			`async.parallel({`
			`isAdmin: async.apply(user.isAdministrator, socket.uid),`
			`isPrivate: async.apply(groups.isPrivate, data.groupName)`
			`}, function(err, checks) {`
check group exists before joining 2015-10-02 17:13:13 -04:00			`if (err) {`
			`return callback(err);`
			`}`

admins can bypass the request step of a group and just join it, and they also become owners when they join a group 2015-01-22 16:01:17 -05:00			`if (checks.isPrivate && !checks.isAdmin) {`
attempting to join a private group causes the join to be pending, #2588 2015-01-08 16:50:31 -05:00			`groups.requestMembership(data.groupName, socket.uid, callback);`
			`} else {`
			`groups.join(data.groupName, socket.uid, callback);`
			`}`
			`});`
check group exists before joining 2015-10-02 17:13:13 -04:00			`});`
added methods and socket listeners for group joining and leaving, #2588 2015-01-07 16:55:14 -05:00			`};`

			`SocketGroups.leave = function(socket, data, callback) {`
#2690 2015-02-04 12:09:54 -05:00			`if (!parseInt(socket.uid, 10)) {`
			`return callback(new Error('[[error:invalid-uid]]'));`
			`}`

server side check so you can't leave admin group 2015-07-28 13:26:52 -04:00			`if (data.groupName === 'administrators') {`
			`return callback(new Error('[[error:cant-remove-self-as-admin]]'));`
			`}`

added methods and socket listeners for group joining and leaving, #2588 2015-01-07 16:55:14 -05:00			`groups.leave(data.groupName, socket.uid, callback);`
			`};`

added isOwner 2015-09-17 20:48:40 -04:00			`function isOwner(next) {`
			`return function (socket, data, callback) {`
closes #3741 2015-10-13 19:28:55 -04:00			`async.parallel({`
Fixed wrong method name in socket.io/groups.js from isAdmin to isAdministrator 2015-10-26 14:50:32 +01:00			`isAdmin: async.apply(user.isAdministrator, socket.uid),`
closes #3741 2015-10-13 19:28:55 -04:00			`isOwner: async.apply(groups.ownership.isOwner, socket.uid, data.groupName)`
			`}, function(err, results) {`
			`if (err \|\| (!isOwner && !results.isAdmin)) {`
added isOwner 2015-09-17 20:48:40 -04:00			`return callback(err \|\| new Error('[[error:no-privileges]]'));`
closes #3130 2015-06-09 17:47:02 -04:00			`}`
added isOwner 2015-09-17 20:48:40 -04:00			`next(socket, data, callback);`
			`});`
			`};`
server side check so you can't leave admin group 2015-07-28 13:26:52 -04:00			`}`
closed #2811 2015-07-15 16:58:25 -04:00
isInvited 2015-09-17 20:55:18 -04:00			`function isInvited(next) {`
			`return function (socket, data, callback) {`
			`groups.isInvited(socket.uid, data.groupName, function(err, invited) {`
			`if (err \|\| !invited) {`
			`return callback(err \|\| new Error('[[error:not-invited]]'));`
			`}`
			`next(socket, data, callback);`
			`});`
			`};`
			`}`

added isOwner 2015-09-17 20:48:40 -04:00			`SocketGroups.grant = isOwner(function(socket, data, callback) {`
			`groups.ownership.grant(data.toUid, data.groupName, callback);`
			`});`

			`SocketGroups.rescind = isOwner(function(socket, data, callback) {`
			`groups.ownership.rescind(data.toUid, data.groupName, callback);`
			`});`

			`SocketGroups.accept = isOwner(function(socket, data, callback) {`
			`groups.acceptMembership(data.groupName, data.toUid, callback);`
			`});`

			`SocketGroups.reject = isOwner(function(socket, data, callback) {`
			`groups.rejectMembership(data.groupName, data.toUid, callback);`
			`});`

			`SocketGroups.acceptAll = isOwner(function(socket, data, callback) {`
			`acceptRejectAll(groups.acceptMembership, socket, data, callback);`
			`});`

			`SocketGroups.rejectAll = isOwner(function(socket, data, callback) {`
			`acceptRejectAll(groups.rejectMembership, socket, data, callback);`
			`});`

			`function acceptRejectAll(method, socket, data, callback) {`
			`async.waterfall([`
			`function(next) {`
			`groups.getPending(data.groupName, next);`
			`},`
			`function(uids, next) {`
			`async.each(uids, function(uid, next) {`
			`method(data.groupName, uid, next);`
			`}, next);`
closed #2811 2015-07-15 16:58:25 -04:00			`}`
added isOwner 2015-09-17 20:48:40 -04:00			`], callback);`
			`}`
closed #2811 2015-07-15 16:58:25 -04:00
added isOwner 2015-09-17 20:48:40 -04:00			`SocketGroups.issueInvite = isOwner(function(socket, data, callback) {`
			`groups.invite(data.groupName, data.toUid, callback);`
			`});`
closed #2811 2015-07-15 16:58:25 -04:00
added isOwner 2015-09-17 20:48:40 -04:00			`SocketGroups.rescindInvite = isOwner(function(socket, data, callback) {`
			`groups.rejectMembership(data.groupName, data.toUid, callback);`
			`});`
closes #3130 2015-06-09 17:47:02 -04:00
isInvited 2015-09-17 20:55:18 -04:00			`SocketGroups.acceptInvite = isInvited(function(socket, data, callback) {`
			`groups.acceptMembership(data.groupName, socket.uid, callback);`
			`});`
hooking up accept/reject invite, #2758 2015-02-23 16:46:45 -05:00
isInvited 2015-09-17 20:55:18 -04:00			`SocketGroups.rejectInvite = isInvited(function(socket, data, callback) {`
			`groups.rejectMembership(data.groupName, socket.uid, callback);`
			`});`
hooking up accept/reject invite, #2758 2015-02-23 16:46:45 -05:00
added isOwner 2015-09-17 20:48:40 -04:00			`SocketGroups.update = isOwner(function(socket, data, callback) {`
			`groups.update(data.groupName, data.values, callback);`
			`});`


			`SocketGroups.kick = isOwner(function(socket, data, callback) {`
			`groups.leave(data.groupName, data.uid, callback);`
			`});`
added colorpicker to frontend, badge colour changes for groups, #2588 2015-01-09 13:51:27 -05:00

group creation and deletion from outside ACP, #2588 2015-01-12 13:00:23 -05:00			`SocketGroups.create = function(socket, data, callback) {`
added .before to socket.io/groups.js 2015-09-17 19:57:47 -04:00			`if (!socket.uid) {`
group creation and deletion from outside ACP, #2588 2015-01-12 13:00:23 -05:00			`return callback(new Error('[[error:no-privileges]]'));`
closes #2700 allowGroupCreation setting 2015-02-05 19:38:51 -05:00			`} else if (parseInt(meta.config.allowGroupCreation, 10) !== 1) {`
			`return callback(new Error('[[error:group-creation-disabled]]'));`
group creation and deletion from outside ACP, #2588 2015-01-12 13:00:23 -05:00			`}`

closes #2700 allowGroupCreation setting 2015-02-05 19:38:51 -05:00
group creation and deletion from outside ACP, #2588 2015-01-12 13:00:23 -05:00			`data.ownerUid = socket.uid;`
			`groups.create(data, callback);`
			`};`

ACP groups delete calls generic groups socket listener now, #2588 2015-01-11 18:17:49 -05:00			`SocketGroups.delete = function(socket, data, callback) {`
dont allow deletion of administrators and registered-users 2015-07-08 12:01:06 -04:00			`if (data.groupName === 'administrators' \|\| data.groupName === 'registered-users') {`
			`return callback(new Error('[[error:not-allowed]]'));`
			`}`

fixed #2644 2015-01-23 07:27:49 -05:00			`var tasks = {`
dont allow deletion of administrators and registered-users 2015-07-08 12:01:06 -04:00			`isOwner: async.apply(groups.ownership.isOwner, socket.uid, data.groupName),`
			`isAdmin: async.apply(user.isAdministrator, socket.uid)`
			`};`
fixed #2644 2015-01-23 07:27:49 -05:00
			`async.parallel(tasks, function(err, checks) {`
dont allow deletion of administrators and registered-users 2015-07-08 12:01:06 -04:00			`if (err) {`
			`return callback(err);`
			`}`
fixed #2644 2015-01-23 07:27:49 -05:00			`if (!checks.isOwner && !checks.isAdmin) {`
ACP groups delete calls generic groups socket listener now, #2588 2015-01-11 18:17:49 -05:00			`return callback(new Error('[[error:no-privileges]]'));`
			`}`

			`groups.destroy(data.groupName, callback);`
			`});`
			`};`

group searching 2015-01-21 15:43:05 -05:00			`SocketGroups.search = function(socket, data, callback) {`
admin/manage/groups pagination 2015-07-09 14:01:06 -04:00			`data.options = data.options \|\| {};`
added .before to socket.io/groups.js 2015-09-17 19:57:47 -04:00
closes #3188, closes #3170 2015-06-02 16:20:10 -04:00			`if (!data.query) {`
closes #3263 2015-06-24 17:15:58 -04:00			`var groupsPerPage = 15;`
closes #3188, closes #3170 2015-06-02 16:20:10 -04:00			`groupsController.getGroupsFromSet(socket.uid, data.options.sort, 0, groupsPerPage - 1, function(err, data) {`
			`callback(err, !err ? data.groups : null);`
			`});`
			`return;`
			`}`

			`groups.search(data.query, data.options \|\| {}, callback);`
			`};`

			`SocketGroups.loadMore = function(socket, data, callback) {`
added .before to socket.io/groups.js 2015-09-17 19:57:47 -04:00			`if (!data.sort \|\| !data.after) {`
closes #3188, closes #3170 2015-06-02 16:20:10 -04:00			`return callback();`
			`}`

			`var groupsPerPage = 9;`
			`var start = parseInt(data.after);`
			`var stop = start + groupsPerPage - 1;`
			`groupsController.getGroupsFromSet(socket.uid, data.sort, start, stop, callback);`
group searching 2015-01-21 15:43:05 -05:00			`};`

search group members 2015-03-10 14:09:24 -04:00			`SocketGroups.searchMembers = function(socket, data, callback) {`
			`data.uid = socket.uid;`
			`groups.searchMembers(data, callback);`
			`};`

closes #2605 2015-07-03 16:42:48 -04:00			`SocketGroups.loadMoreMembers = function(socket, data, callback) {`
added .before to socket.io/groups.js 2015-09-17 19:57:47 -04:00			`if (!data.groupName \|\| !parseInt(data.after, 10)) {`
closes #2605 2015-07-03 16:42:48 -04:00			`return callback(new Error('[[error:invalid-data]]'));`
			`}`
			`data.after = parseInt(data.after, 10);`
			`user.getUsersFromSet('group:' + data.groupName + ':members', socket.uid, data.after, data.after + 9, function(err, users) {`
			`if (err) {`
			`return callback(err);`
			`}`

			`callback(null, {users: users, nextStart: data.after + 10});`
			`});`
			`};`

cover photo for groups, #2588 2015-01-12 20:34:15 -05:00			`SocketGroups.cover = {};`

			`SocketGroups.cover.update = function(socket, data, callback) {`
added .before to socket.io/groups.js 2015-09-17 19:57:47 -04:00			`if (!socket.uid) {`
cover photo for groups, #2588 2015-01-12 20:34:15 -05:00			`return callback(new Error('[[error:no-privileges]]'));`
			`}`

			`groups.ownership.isOwner(socket.uid, data.groupName, function(err, isOwner) {`
			`if (!isOwner) {`
			`return callback(new Error('[[error:no-privileges]]'));`
			`}`

			`groups.updateCover(data, callback);`
			`});`
			`};`

Cover photo removal for groups, #3832 2015-11-06 10:50:14 -05:00			`SocketGroups.cover.remove = function(socket, data, callback) {`
			`if (!socket.uid) {`
			`return callback(new Error('[[error:no-privileges]]'));`
			`}`

			`groups.ownership.isOwner(socket.uid, data.groupName, function(err, isOwner) {`
			`if (!isOwner) {`
			`return callback(new Error('[[error:no-privileges]]'));`
			`}`

			`groups.removeCover(data, callback);`
			`});`
			`}`

added methods and socket listeners for group joining and leaving, #2588 2015-01-07 16:55:14 -05:00			`module.exports = SocketGroups;`