src/privileges/categories.js


'use strict';

var async = require('async');
var _ = require('lodash');

var categories = require('../categories');
var user = require('../user');
var groups = require('../groups');
var helpers = require('./helpers');
var plugins = require('../plugins');

module.exports = function (privileges) {
	privileges.categories = {};

	privileges.categories.list = function (cid, callback) {
		// Method used in admin/category controller to show all users/groups with privs in that given cid

		async.waterfall([
			function (next) {
				async.parallel({
					labels: function (next) {
						async.parallel({
							users: async.apply(plugins.fireHook, 'filter:privileges.list_human', privileges.privilegeLabels),
							groups: async.apply(plugins.fireHook, 'filter:privileges.groups.list_human', privileges.privilegeLabels),
						}, next);
					},
					users: function (next) {
						var userPrivileges;
						var memberSets;
						async.waterfall([
							async.apply(plugins.fireHook, 'filter:privileges.list', privileges.userPrivilegeList),
							function (_privs, next) {
								userPrivileges = _privs;
								groups.getMembersOfGroups(userPrivileges.map(function (privilege) {
									return 'cid:' + cid + ':privileges:' + privilege;
								}), next);
							},
							function (_memberSets, next) {
								memberSets = _memberSets.map(function (set) {
									return set.map(function (uid) {
										return parseInt(uid, 10);
									});
								});

								var members = _.uniq(_.flatten(memberSets));

								user.getUsersFields(members, ['picture', 'username'], next);
							},
							function (memberData, next) {
								memberData.forEach(function (member) {
									member.privileges = {};
									for (var x = 0, numPrivs = userPrivileges.length; x < numPrivs; x += 1) {
										member.privileges[userPrivileges[x]] = memberSets[x].indexOf(parseInt(member.uid, 10)) !== -1;
									}
								});

								next(null, memberData);
							},
						], next);
					},
					groups: function (next) {
						var groupPrivileges;
						async.waterfall([
							async.apply(plugins.fireHook, 'filter:privileges.groups.list', privileges.groupPrivilegeList),
							function (_privs, next) {
								groupPrivileges = _privs;
								async.parallel({
									memberSets: function (next) {
										groups.getMembersOfGroups(groupPrivileges.map(function (privilege) {
											return 'cid:' + cid + ':privileges:' + privilege;
										}), next);
									},
									groupNames: function (next) {
										groups.getGroups('groups:createtime', 0, -1, next);
									},
								}, next);
							},
							function (results, next) {
								var memberSets = results.memberSets;
								var uniqueGroups = _.uniq(_.flatten(memberSets));

								var groupNames = results.groupNames.filter(function (groupName) {
									return groupName.indexOf(':privileges:') === -1 && uniqueGroups.indexOf(groupName) !== -1;
								});

								groupNames = groups.ephemeralGroups.concat(groupNames);
								var registeredUsersIndex = groupNames.indexOf('registered-users');
								if (registeredUsersIndex !== -1) {
									groupNames.splice(0, 0, groupNames.splice(registeredUsersIndex, 1)[0]);
								} else {
									groupNames = ['registered-users'].concat(groupNames);
								}

								var adminIndex = groupNames.indexOf('administrators');
								if (adminIndex !== -1) {
									groupNames.splice(adminIndex, 1);
								}

								var memberPrivs;

								var memberData = groupNames.map(function (member) {
									memberPrivs = {};

									for (var x = 0, numPrivs = groupPrivileges.length; x < numPrivs; x += 1) {
										memberPrivs[groupPrivileges[x]] = memberSets[x].indexOf(member) !== -1;
									}
									return {
										name: member,
										privileges: memberPrivs,
									};
								});

								next(null, memberData);
							},
							function (memberData, next) {
								// Grab privacy info for the groups as well
								async.map(memberData, function (member, next) {
									async.waterfall([
										function (next) {
											groups.isPrivate(member.name, next);
										},
										function (isPrivate, next) {
											member.isPrivate = isPrivate;
											next(null, member);
										},
									], next);
								}, next);
							},
						], next);
					},
				}, next);
			},
			function (payload, next) {
				// This is a hack because I can't do {labels.users.length} to echo the count in templates.js
				payload.columnCount = payload.labels.users.length + 2;
				next(null, payload);
			},
		], callback);
	};

	privileges.categories.get = function (cid, uid, callback) {
		var privs = ['topics:create', 'topics:read', 'topics:tag', 'read'];
		async.waterfall([
			function (next) {
				async.parallel({
					privileges: function (next) {
						helpers.isUserAllowedTo(privs, uid, cid, next);
					},
					isAdministrator: function (next) {
						user.isAdministrator(uid, next);
					},
					isModerator: function (next) {
						user.isModerator(uid, cid, next);
					},
				}, next);
			},
			function (results, next) {
				var privData = _.zipObject(privs, results.privileges);
				var isAdminOrMod = results.isAdministrator || results.isModerator;

				plugins.fireHook('filter:privileges.categories.get', {
					'topics:create': privData['topics:create'] || isAdminOrMod,
					'topics:read': privData['topics:read'] || isAdminOrMod,
					'topics:tag': privData['topics:tag'] || isAdminOrMod,
					read: privData.read || isAdminOrMod,
					cid: cid,
					uid: uid,
					editable: isAdminOrMod,
					view_deleted: isAdminOrMod,
					isAdminOrMod: isAdminOrMod,
				}, next);
			},
		], callback);
	};

	privileges.categories.isAdminOrMod = function (cid, uid, callback) {
		if (!parseInt(uid, 10)) {
			return callback(null, false);
		}
		helpers.some([
			function (next) {
				user.isModerator(uid, cid, next);
			},
			function (next) {
				user.isAdministrator(uid, next);
			},
		], callback);
	};

	privileges.categories.isUserAllowedTo = function (privilege, cid, uid, callback) {
		if (!cid) {
			return callback(null, false);
		}
		helpers.isUserAllowedTo(privilege, uid, [cid], function (err, results) {
			callback(err, Array.isArray(results) && results.length ? results[0] : false);
		});
	};

	privileges.categories.can = function (privilege, cid, uid, callback) {
		if (!cid) {
			return callback(null, false);
		}

		async.waterfall([
			function (next) {
				categories.getCategoryField(cid, 'disabled', next);
			},
			function (disabled, next) {
				if (parseInt(disabled, 10) === 1) {
					return callback(null, false);
				}
				helpers.some([
					function (next) {
						helpers.isUserAllowedTo(privilege, uid, [cid], function (err, results) {
							next(err, Array.isArray(results) && results.length ? results[0] : false);
						});
					},
					function (next) {
						user.isModerator(uid, cid, next);
					},
					function (next) {
						user.isAdministrator(uid, next);
					},
				], next);
			},
		], callback);
	};

	privileges.categories.filterCids = function (privilege, cids, uid, callback) {
		if (!Array.isArray(cids) || !cids.length) {
			return callback(null, []);
		}

		cids = cids.filter(function (cid, index, array) {
			return array.indexOf(cid) === index;
		});

		async.waterfall([
			function (next) {
				privileges.categories.getBase(privilege, cids, uid, next);
			},
			function (results, next) {
				cids = cids.filter(function (cid, index) {
					return !results.categories[index].disabled &&
						(results.allowedTo[index] || results.isAdmin || results.isModerators[index]);
				});

				next(null, cids.filter(Boolean));
			},
		], callback);
	};

	privileges.categories.getBase = function (privilege, cids, uid, callback) {
		async.parallel({
			categories: function (next) {
				categories.getCategoriesFields(cids, ['disabled'], next);
			},
			allowedTo: function (next) {
				helpers.isUserAllowedTo(privilege, uid, cids, next);
			},
			isModerators: function (next) {
				user.isModerator(uid, cids, next);
			},
			isAdmin: function (next) {
				user.isAdministrator(uid, next);
			},
		}, callback);
	};

	privileges.categories.filterUids = function (privilege, cid, uids, callback) {
		if (!uids.length) {
			return callback(null, []);
		}

		uids = _.uniq(uids);

		async.waterfall([
			function (next) {
				async.parallel({
					allowedTo: function (next) {
						helpers.isUsersAllowedTo(privilege, uids, cid, next);
					},
					isModerators: function (next) {
						user.isModerator(uids, cid, next);
					},
					isAdmins: function (next) {
						user.isAdministrator(uids, next);
					},
				}, next);
			},
			function (results, next) {
				uids = uids.filter(function (uid, index) {
					return results.allowedTo[index] || results.isModerators[index] || results.isAdmins[index];
				});
				next(null, uids);
			},
		], callback);
	};

	privileges.categories.give = function (privileges, cid, groupName, callback) {
		giveOrRescind(groups.join, privileges, cid, groupName, callback);
	};

	privileges.categories.rescind = function (privileges, cid, groupName, callback) {
		giveOrRescind(groups.leave, privileges, cid, groupName, callback);
	};

	function giveOrRescind(method, privileges, cid, groupName, callback) {
		async.each(privileges, function (privilege, next) {
			method('cid:' + cid + ':privileges:groups:' + privilege, groupName, next);
		}, callback);
	}

	privileges.categories.canMoveAllTopics = function (currentCid, targetCid, uid, callback) {
		async.waterfall([
			function (next) {
				async.parallel({
					isAdministrator: function (next) {
						user.isAdministrator(uid, next);
					},
					moderatorOfCurrent: function (next) {
						user.isModerator(uid, currentCid, next);
					},
					moderatorOfTarget: function (next) {
						user.isModerator(uid, targetCid, next);
					},
				}, next);
			},
			function (results, next) {
				next(null, results.isAdministrator || (results.moderatorOfCurrent && results.moderatorOfTarget));
			},
		], callback);
	};

	privileges.categories.userPrivileges = function (cid, uid, callback) {
		var tasks = {};

		privileges.userPrivilegeList.forEach(function (privilege) {
			tasks[privilege] = async.apply(groups.isMember, uid, 'cid:' + cid + ':privileges:' + privilege);
		});

		async.parallel(tasks, callback);
	};

	privileges.categories.groupPrivileges = function (cid, groupName, callback) {
		var tasks = {};

		privileges.groupPrivilegeList.forEach(function (privilege) {
			tasks[privilege] = async.apply(groups.isMember, groupName, 'cid:' + cid + ':privileges:' + privilege);
		});

		async.parallel(tasks, callback);
	};
};
more work on #1518 still needs more work, category is next 2014-05-15 10:38:02 -04:00
			`'use strict';`

removed dupe privilegeList, added missing privilege to copyPrivsFrom 2016-06-08 10:37:46 +03:00			`var async = require('async');`
Switch from underscore to lodash 2017-05-26 01:39:40 -06:00			`var _ = require('lodash');`
more work on #1518 still needs more work, category is next 2014-05-15 10:38:02 -04:00
partially revert https://github.com/NodeBB/NodeBB/commit/fa9f1ac7fe26462febda07189203365e984a146d extending module.exports instead of overwriting fixes the issue 2016-08-27 12:58:08 +03:00			`var categories = require('../categories');`
			`var user = require('../user');`
			`var groups = require('../groups');`
removed dupe privilegeList, added missing privilege to copyPrivsFrom 2016-06-08 10:37:46 +03:00			`var helpers = require('./helpers');`
partially revert https://github.com/NodeBB/NodeBB/commit/fa9f1ac7fe26462febda07189203365e984a146d extending module.exports instead of overwriting fixes the issue 2016-08-27 12:58:08 +03:00			`var plugins = require('../plugins');`
more work on #1518 still needs more work, category is next 2014-05-15 10:38:02 -04:00
Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`module.exports = function (privileges) {`
more work on #1518 still needs more work, category is next 2014-05-15 10:38:02 -04:00			`privileges.categories = {};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`privileges.categories.list = function (cid, callback) {`
some priv cleanup 2015-09-15 19:21:24 -04:00			`// Method used in admin/category controller to show all users/groups with privs in that given cid`

privileges style changes 2017-05-25 21:17:20 -04:00			`async.waterfall([`
			`function (next) {`
a huge frickin' number of changes for #2887. This is part of #2463 2015-03-25 15:42:15 -04:00			`async.parallel({`
privileges style changes 2017-05-25 21:17:20 -04:00			`labels: function (next) {`
			`async.parallel({`
closes #5127 2017-06-16 14:25:40 -04:00			`users: async.apply(plugins.fireHook, 'filter:privileges.list_human', privileges.privilegeLabels),`
			`groups: async.apply(plugins.fireHook, 'filter:privileges.groups.list_human', privileges.privilegeLabels),`
privileges style changes 2017-05-25 21:17:20 -04:00			`}, next);`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`},`
privileges style changes 2017-05-25 21:17:20 -04:00			`users: function (next) {`
			`var userPrivileges;`
			`var memberSets;`
			`async.waterfall([`
			`async.apply(plugins.fireHook, 'filter:privileges.list', privileges.userPrivilegeList),`
			`function (_privs, next) {`
			`userPrivileges = _privs;`
			`groups.getMembersOfGroups(userPrivileges.map(function (privilege) {`
			`return 'cid:' + cid + ':privileges:' + privilege;`
			`}), next);`
			`},`
			`function (_memberSets, next) {`
			`memberSets = _memberSets.map(function (set) {`
			`return set.map(function (uid) {`
			`return parseInt(uid, 10);`
			`});`
			`});`

Switch from underscore to lodash 2017-05-26 01:39:40 -06:00			`var members = _.uniq(_.flatten(memberSets));`
privileges style changes 2017-05-25 21:17:20 -04:00
			`user.getUsersFields(members, ['picture', 'username'], next);`
			`},`
			`function (memberData, next) {`
			`memberData.forEach(function (member) {`
			`member.privileges = {};`
			`for (var x = 0, numPrivs = userPrivileges.length; x < numPrivs; x += 1) {`
			`member.privileges[userPrivileges[x]] = memberSets[x].indexOf(parseInt(member.uid, 10)) !== -1;`
			`}`
			`});`

			`next(null, memberData);`
			`},`
			`], next);`
a huge frickin' number of changes for #2887. This is part of #2463 2015-03-25 15:42:15 -04:00			`},`
privileges style changes 2017-05-25 21:17:20 -04:00			`groups: function (next) {`
			`var groupPrivileges;`
			`async.waterfall([`
			`async.apply(plugins.fireHook, 'filter:privileges.groups.list', privileges.groupPrivilegeList),`
			`function (_privs, next) {`
			`groupPrivileges = _privs;`
			`async.parallel({`
			`memberSets: function (next) {`
			`groups.getMembersOfGroups(groupPrivileges.map(function (privilege) {`
			`return 'cid:' + cid + ':privileges:' + privilege;`
			`}), next);`
			`},`
			`groupNames: function (next) {`
			`groups.getGroups('groups:createtime', 0, -1, next);`
			`},`
			`}, next);`
			`},`
			`function (results, next) {`
			`var memberSets = results.memberSets;`
Switch from underscore to lodash 2017-05-26 01:39:40 -06:00			`var uniqueGroups = _.uniq(_.flatten(memberSets));`
privileges style changes 2017-05-25 21:17:20 -04:00
			`var groupNames = results.groupNames.filter(function (groupName) {`
			`return groupName.indexOf(':privileges:') === -1 && uniqueGroups.indexOf(groupName) !== -1;`
			`});`

			`groupNames = groups.ephemeralGroups.concat(groupNames);`
			`var registeredUsersIndex = groupNames.indexOf('registered-users');`
			`if (registeredUsersIndex !== -1) {`
			`groupNames.splice(0, 0, groupNames.splice(registeredUsersIndex, 1)[0]);`
			`} else {`
			`groupNames = ['registered-users'].concat(groupNames);`
changed behaviour of privilege table so that groups without explicit privileges are not shown in the privilege table 2015-05-26 10:51:23 -04:00			`}`
privileges style changes 2017-05-25 21:17:20 -04:00
			`var adminIndex = groupNames.indexOf('administrators');`
			`if (adminIndex !== -1) {`
			`groupNames.splice(adminIndex, 1);`
updating groups access control so: 1. Guests can no longer receive the moderate bit 2. If you attempt to grant the moderate privilege to a public group, a confirmation modal appears 3. A lock icon is present next to all private groups 2015-03-28 11:20:43 -04:00			`}`

privileges style changes 2017-05-25 21:17:20 -04:00			`var memberPrivs;`

			`var memberData = groupNames.map(function (member) {`
			`memberPrivs = {};`

			`for (var x = 0, numPrivs = groupPrivileges.length; x < numPrivs; x += 1) {`
			`memberPrivs[groupPrivileges[x]] = memberSets[x].indexOf(member) !== -1;`
			`}`
			`return {`
			`name: member,`
			`privileges: memberPrivs,`
			`};`
			`});`

			`next(null, memberData);`
			`},`
			`function (memberData, next) {`
			`// Grab privacy info for the groups as well`
			`async.map(memberData, function (member, next) {`
			`async.waterfall([`
			`function (next) {`
			`groups.isPrivate(member.name, next);`
			`},`
			`function (isPrivate, next) {`
			`member.isPrivate = isPrivate;`
fix acp privilege page not loading 2017-05-28 01:06:26 -04:00			`next(null, member);`
privileges style changes 2017-05-25 21:17:20 -04:00			`},`
			`], next);`
			`}, next);`
			`},`
			`], next);`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`},`
privileges style changes 2017-05-25 21:17:20 -04:00			`}, next);`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`},`
privileges style changes 2017-05-25 21:17:20 -04:00			`function (payload, next) {`
			`// This is a hack because I can't do {labels.users.length} to echo the count in templates.js`
			`payload.columnCount = payload.labels.users.length + 2;`
			`next(null, payload);`
			`},`
			`], callback);`
a huge frickin' number of changes for #2887. This is part of #2463 2015-03-25 15:42:15 -04:00			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`privileges.categories.get = function (cid, uid, callback) {`
closes #5127 2017-06-16 14:25:40 -04:00			`var privs = ['topics:create', 'topics:read', 'topics:tag', 'read'];`
privileges tests 2017-03-03 21:04:01 +03:00			`async.waterfall([`
			`function (next) {`
			`async.parallel({`
			`privileges: function (next) {`
			`helpers.isUserAllowedTo(privs, uid, cid, next);`
			`},`
			`isAdministrator: function (next) {`
			`user.isAdministrator(uid, next);`
			`},`
			`isModerator: function (next) {`
			`user.isModerator(uid, cid, next);`
			`},`
			`}, next);`
closes #1518 2014-05-15 20:49:47 -04:00			`},`
privileges tests 2017-03-03 21:04:01 +03:00			`function (results, next) {`
Use zipObject, more test-related ignores 2017-05-29 11:23:25 -06:00			`var privData = _.zipObject(privs, results.privileges);`
privileges tests 2017-03-03 21:04:01 +03:00			`var isAdminOrMod = results.isAdministrator \|\| results.isModerator;`

			`plugins.fireHook('filter:privileges.categories.get', {`
			`'topics:create': privData['topics:create'] \|\| isAdminOrMod,`
			`'topics:read': privData['topics:read'] \|\| isAdminOrMod,`
closes #5127 2017-06-16 14:25:40 -04:00			`'topics:tag': privData['topics:tag'] \|\| isAdminOrMod,`
privileges tests 2017-03-03 21:04:01 +03:00			`read: privData.read \|\| isAdminOrMod,`
			`cid: cid,`
			`uid: uid,`
			`editable: isAdminOrMod,`
			`view_deleted: isAdminOrMod,`
			`isAdminOrMod: isAdminOrMod,`
			`}, next);`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`},`
privileges tests 2017-03-03 21:04:01 +03:00			`], callback);`
closes #1518 2014-05-15 20:49:47 -04:00			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`privileges.categories.isAdminOrMod = function (cid, uid, callback) {`
closes https://github.com/NodeBB/nodebb-theme-persona/issues/181 2015-10-28 15:10:27 -04:00			`if (!parseInt(uid, 10)) {`
			`return callback(null, false);`
			`}`
privilege fixes 2015-09-15 18:21:17 -04:00			`helpers.some([`
			`function (next) {`
			`user.isModerator(uid, cid, next);`
			`},`
			`function (next) {`
			`user.isAdministrator(uid, next);`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`},`
privilege fixes 2015-09-15 18:21:17 -04:00			`], callback);`
			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`privileges.categories.isUserAllowedTo = function (privilege, cid, uid, callback) {`
closes #2330 2015-09-16 08:35:40 -04:00			`if (!cid) {`
			`return callback(null, false);`
			`}`
Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`helpers.isUserAllowedTo(privilege, uid, [cid], function (err, results) {`
closes #2330 2015-09-16 08:35:40 -04:00			`callback(err, Array.isArray(results) && results.length ? results[0] : false);`
			`});`
			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`privileges.categories.can = function (privilege, cid, uid, callback) {`
api/post/pid route 2015-02-24 13:02:58 -05:00			`if (!cid) {`
			`return callback(null, false);`
			`}`
partially revert https://github.com/NodeBB/NodeBB/commit/fa9f1ac7fe26462febda07189203365e984a146d extending module.exports instead of overwriting fixes the issue 2016-08-27 12:58:08 +03:00
privileges tests 2017-03-03 21:04:01 +03:00			`async.waterfall([`
			`function (next) {`
			`categories.getCategoryField(cid, 'disabled', next);`
			`},`
			`function (disabled, next) {`
			`if (parseInt(disabled, 10) === 1) {`
			`return callback(null, false);`
			`}`
			`helpers.some([`
			`function (next) {`
			`helpers.isUserAllowedTo(privilege, uid, [cid], function (err, results) {`
			`next(err, Array.isArray(results) && results.length ? results[0] : false);`
			`});`
			`},`
			`function (next) {`
			`user.isModerator(uid, cid, next);`
			`},`
			`function (next) {`
			`user.isAdministrator(uid, next);`
			`},`
			`], next);`
			`},`
			`], callback);`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 2014-07-29 21:51:46 -04:00			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`privileges.categories.filterCids = function (privilege, cids, uid, callback) {`
fix moderators 2014-11-09 00:33:26 -05:00			`if (!Array.isArray(cids) \|\| !cids.length) {`
early outs for privs no need to check if empty array is passed in, happens if there are no unread topics remove dupe cids before checking for privileges 2014-07-31 17:29:20 -04:00			`return callback(null, []);`
			`}`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`cids = cids.filter(function (cid, index, array) {`
early outs for privs no need to check if empty array is passed in, happens if there are no unread topics remove dupe cids before checking for privileges 2014-07-31 17:29:20 -04:00			`return array.indexOf(cid) === index;`
			`});`

privileges tests 2017-03-03 21:04:01 +03:00			`async.waterfall([`
			`function (next) {`
			`privileges.categories.getBase(privilege, cids, uid, next);`
			`},`
			`function (results, next) {`
			`cids = cids.filter(function (cid, index) {`
			`return !results.categories[index].disabled &&`
			`(results.allowedTo[index] \|\| results.isAdmin \|\| results.isModerators[index]);`
			`});`
closes #4499 2016-04-29 20:35:49 +03:00
privileges tests 2017-03-03 21:04:01 +03:00			`next(null, cids.filter(Boolean));`
			`},`
			`], callback);`
closes #4499 2016-04-29 20:35:49 +03:00			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`privileges.categories.getBase = function (privilege, cids, uid, callback) {`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 2014-07-29 21:51:46 -04:00			`async.parallel({`
Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`categories: function (next) {`
more refactors 2015-09-25 17:38:58 -04:00			`categories.getCategoriesFields(cids, ['disabled'], next);`
closes #2777 2015-02-25 14:17:30 -05:00			`},`
Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`allowedTo: function (next) {`
added filterUids method to privileges used to filter uids on a single category 2014-09-09 15:19:57 -04:00			`helpers.isUserAllowedTo(privilege, uid, cids, next);`
added new privilege "find", added guest meta group, closed #1282 2014-05-16 15:47:04 -04:00			`},`
Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`isModerators: function (next) {`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 2014-07-29 21:51:46 -04:00			`user.isModerator(uid, cids, next);`
added new privilege "find", added guest meta group, closed #1282 2014-05-16 15:47:04 -04:00			`},`
Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`isAdmin: function (next) {`
added new privilege "find", added guest meta group, closed #1282 2014-05-16 15:47:04 -04:00			`user.isAdministrator(uid, next);`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`},`
closes #4499 2016-04-29 20:35:49 +03:00			`}, callback);`
added new privilege "find", added guest meta group, closed #1282 2014-05-16 15:47:04 -04:00			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`privileges.categories.filterUids = function (privilege, cid, uids, callback) {`
added filterUids method to privileges used to filter uids on a single category 2014-09-09 15:19:57 -04:00			`if (!uids.length) {`
			`return callback(null, []);`
			`}`

switch .filter to uniq 2017-06-25 19:05:13 -04:00			`uids = _.uniq(uids);`
partially revert https://github.com/NodeBB/NodeBB/commit/fa9f1ac7fe26462febda07189203365e984a146d extending module.exports instead of overwriting fixes the issue 2016-08-27 12:58:08 +03:00
privileges tests 2017-03-03 21:04:01 +03:00			`async.waterfall([`
			`function (next) {`
			`async.parallel({`
			`allowedTo: function (next) {`
			`helpers.isUsersAllowedTo(privilege, uids, cid, next);`
			`},`
			`isModerators: function (next) {`
			`user.isModerator(uids, cid, next);`
			`},`
switch .filter to uniq 2017-06-25 19:05:13 -04:00			`isAdmins: function (next) {`
privileges tests 2017-03-03 21:04:01 +03:00			`user.isAdministrator(uids, next);`
			`},`
			`}, next);`
added filterUids method to privileges used to filter uids on a single category 2014-09-09 15:19:57 -04:00			`},`
privileges tests 2017-03-03 21:04:01 +03:00			`function (results, next) {`
			`uids = uids.filter(function (uid, index) {`
switch .filter to uniq 2017-06-25 19:05:13 -04:00			`return results.allowedTo[index] \|\| results.isModerators[index] \|\| results.isAdmins[index];`
privileges tests 2017-03-03 21:04:01 +03:00			`});`
			`next(null, uids);`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`},`
privileges tests 2017-03-03 21:04:01 +03:00			`], callback);`
added filterUids method to privileges used to filter uids on a single category 2014-09-09 15:19:57 -04:00			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`privileges.categories.give = function (privileges, cid, groupName, callback) {`
fix tests 2015-09-27 15:21:23 -04:00			`giveOrRescind(groups.join, privileges, cid, groupName, callback);`
on category creation give defaults privs to admins and registered users 2014-11-11 22:58:34 -05:00			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`privileges.categories.rescind = function (privileges, cid, groupName, callback) {`
fix tests 2015-09-27 15:21:23 -04:00			`giveOrRescind(groups.leave, privileges, cid, groupName, callback);`
remove dupe 2015-09-27 15:02:04 -04:00			`};`

			`function giveOrRescind(method, privileges, cid, groupName, callback) {`
Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`async.each(privileges, function (privilege, next) {`
remove dupe 2015-09-27 15:02:04 -04:00			`method('cid:' + cid + ':privileges:groups:' + privilege, groupName, next);`
category privilege rescinding 2015-01-16 17:03:05 -05:00			`}, callback);`
remove dupe 2015-09-27 15:02:04 -04:00			`}`
category privilege rescinding 2015-01-16 17:03:05 -05:00
Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`privileges.categories.canMoveAllTopics = function (currentCid, targetCid, uid, callback) {`
privileges tests 2017-03-03 21:04:01 +03:00			`async.waterfall([`
			`function (next) {`
			`async.parallel({`
			`isAdministrator: function (next) {`
			`user.isAdministrator(uid, next);`
			`},`
			`moderatorOfCurrent: function (next) {`
			`user.isModerator(uid, currentCid, next);`
			`},`
			`moderatorOfTarget: function (next) {`
			`user.isModerator(uid, targetCid, next);`
			`},`
			`}, next);`
closes #1518 2014-05-15 20:49:47 -04:00			`},`
privileges tests 2017-03-03 21:04:01 +03:00			`function (results, next) {`
			`next(null, results.isAdministrator \|\| (results.moderatorOfCurrent && results.moderatorOfTarget));`
ESlint comma-dangle 2017-02-17 19:31:21 -07:00			`},`
privileges tests 2017-03-03 21:04:01 +03:00			`], callback);`
closes #1518 2014-05-15 20:49:47 -04:00			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`privileges.categories.userPrivileges = function (cid, uid, callback) {`
refactor userPrivileges and groupPrivileges 2017-06-15 14:02:51 -04:00			`var tasks = {};`

			`privileges.userPrivilegeList.forEach(function (privilege) {`
			`tasks[privilege] = async.apply(groups.isMember, uid, 'cid:' + cid + ':privileges:' + privilege);`
			`});`

			`async.parallel(tasks, callback);`
closes #1518 2014-05-15 20:49:47 -04:00			`};`

Fix space-before-function-paren linter rule 2016-10-13 11:43:39 +02:00			`privileges.categories.groupPrivileges = function (cid, groupName, callback) {`
refactor userPrivileges and groupPrivileges 2017-06-15 14:02:51 -04:00			`var tasks = {};`

			`privileges.groupPrivilegeList.forEach(function (privilege) {`
			`tasks[privilege] = async.apply(groups.isMember, groupName, 'cid:' + cid + ':privileges:' + privilege);`
			`});`

			`async.parallel(tasks, callback);`
closes #1518 2014-05-15 20:49:47 -04:00			`};`
ESlint eol-last 2017-02-18 02:30:48 -07:00			`};`