securing settings.save socket listeners behind admin namespace

2025-10-31 19:15:58 +01:00 · 2014-03-17 10:48:30 -04:00
parent c1ccc81400
commit 14a0b45ae8
3 changed files with 23 additions and 33 deletions
--- a/public/src/modules/settings.js
+++ b/public/src/modules/settings.js
@@ -17,7 +17,7 @@ define(function() {
 	var Settings = {};

 	Settings.load = function(hash, formEl) {
-		socket.emit('modules.settings.get', {
+		socket.emit('admin.settings.get', {
 			hash: hash
 		}, function(err, values) {
 			if (!err) {
@@ -33,7 +33,7 @@ define(function() {
 		if (formEl.length) {
 			var	values = formEl.serializeObject();

-			socket.emit('modules.settings.set', {
+			socket.emit('admin.settings.set', {
 				hash: hash,
 				values: values
 			}, function(err) {
--- a/src/socket.io/admin.js
+++ b/src/socket.io/admin.js
@@ -19,7 +19,17 @@ var	groups = require('../groups'),
 	winston = require('winston'),
 	index = require('./index'),

-	SocketAdmin = {};
+	SocketAdmin = {
+		topics: {},
+		user: {},
+		categories: {},
+		themes: {},
+		plugins: {},
+		widgets: {},
+		config: {},
+		groups: {},
+		settings: {}
+	};

 SocketAdmin.before = function(socket, next) {
 	// Verify administrative privileges
@@ -61,9 +71,6 @@ SocketAdmin.getVisitorCount = function(socket, data, callback) {
 }

 /* Topics */
-
-SocketAdmin.topics = {};
-
 SocketAdmin.topics.getMore = function(socket, data, callback) {
 	if(!data) {
 		return callback(new Error('invalid data'));
@@ -76,9 +83,6 @@ SocketAdmin.topics.getMore = function(socket, data, callback) {
 };

 /* User */
-
-SocketAdmin.user = {};
-
 SocketAdmin.user.makeAdmin = function(socket, theirid) {
 	admin.user.makeAdmin(socket.uid, theirid, socket);
 };
@@ -136,9 +140,6 @@ SocketAdmin.user.search = function(socket, username, callback) {
 };

 /* Categories */
-
-SocketAdmin.categories = {};
-
 SocketAdmin.categories.create = function(socket, data, callback) {
 	if(!data) {
 		return callback(new Error('invalid data'));
@@ -290,11 +291,6 @@ SocketAdmin.categories.groupsList = function(socket, cid, callback) {
 };

 /* Themes, Widgets, and Plugins */
-
-SocketAdmin.themes = {};
-SocketAdmin.plugins = {};
-SocketAdmin.widgets = {};
-
 SocketAdmin.themes.getInstalled = function(socket, data, callback) {
 	meta.themes.get(callback);
 };
@@ -325,9 +321,6 @@ SocketAdmin.widgets.set = function(socket, data, callback) {
 };

 /* Configs */
-
-SocketAdmin.config = {};
-
 SocketAdmin.config.get = function(socket, data, callback) {
 	meta.configs.list(callback);
 };
@@ -358,9 +351,6 @@ SocketAdmin.config.remove = function(socket, key) {
 };

 /* Groups */
-
-SocketAdmin.groups = {};
-
 SocketAdmin.groups.create = function(socket, data, callback) {
 	if(!data) {
 		return callback(new Error('invalid data'));
@@ -409,4 +399,14 @@ SocketAdmin.groups.update = function(socket, data, callback) {
 	});
 };

+/* Settings */
+SocketAdmin.settings.get = function(socket, data, callback) {
+	meta.settings.get(data.hash, callback);
+};
+
+SocketAdmin.settings.set = function(socket, data, callback) {
+	console.log('setting', data);
+	meta.settings.set(data.hash, data.values, callback);
+};
+
 module.exports = SocketAdmin;
--- a/src/socket.io/modules.js
+++ b/src/socket.io/modules.js
@@ -245,14 +245,4 @@ SocketModules.sounds.getMapping = function(socket, data, callback) {
 	meta.sounds.getMapping(callback);
 };

-/* Settings */
-SocketModules.settings.get = function(socket, data, callback) {
-	meta.settings.get(data.hash, callback);
-};
-
-SocketModules.settings.set = function(socket, data, callback) {
-	console.log('setting', data);
-	meta.settings.set(data.hash, data.values, callback);
-};
-
 module.exports = SocketModules;