Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-02 03:55:55 +01:00
Code Issues Packages Projects Releases Wiki Activity

#2032

Browse Source
This commit is contained in:
barisusakli
2014-09-18 17:22:20 -04:00
parent 8f916ed066
commit 55cbaf6a19
2 changed files with 41 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
src/controllers/categories.js
View File

@@ -108,11 +108,11 @@ categoriesController.get = function(req, res, next) {
}, },
function(results, next) { function(results, next) {
if (!results.exists || parseInt(results.disabled, 10) === 1) { if (!results.exists || parseInt(results.disabled, 10) === 1) {
return notFound(req, res); return categoriesController.notFound(req, res);
} }
if (!results.privileges.read) { if (!results.privileges.read) {
return notAllowed(req, res); return categoriesController.notAllowed(req, res);
} }
var settings = results.userSettings; var settings = results.userSettings;
@@ -215,11 +215,11 @@ categoriesController.get = function(req, res, next) {
}); });
}; };
function notFound(req, res) { categoriesController.notFound = function(req, res) {
res.locals.isAPI ? res.json(404, 'not-found') : res.redirect(nconf.get('relative_path') + '/404'); res.locals.isAPI ? res.json(404, 'not-found') : res.redirect(nconf.get('relative_path') + '/404');
} };
function notAllowed(req, res) { categoriesController.notAllowed = function(req, res) {
var uid = req.user ? req.user.uid : 0; var uid = req.user ? req.user.uid : 0;
if (uid) { if (uid) {
res.locals.isAPI ? res.json(403, 'not-allowed') : res.redirect(nconf.get('relative_path') + '/403'); res.locals.isAPI ? res.json(403, 'not-allowed') : res.redirect(nconf.get('relative_path') + '/403');
@@ -231,6 +231,6 @@ function notAllowed(req, res) {
res.redirect(nconf.get('relative_path') + '/login'); res.redirect(nconf.get('relative_path') + '/login');
} }
} }
} };
module.exports = categoriesController; module.exports = categoriesController;

58
src/controllers/topics.js
View File

@@ -6,12 +6,13 @@ var topicsController = {},
validator = require('validator'), validator = require('validator'),
nconf = require('nconf'), nconf = require('nconf'),
qs = require('querystring'), qs = require('querystring'),
user = require('./../user'), user = require('../user'),
meta = require('./../meta'), meta = require('../meta'),
topics = require('./../topics'), topics = require('../topics'),
posts = require('../posts'), posts = require('../posts'),
privileges = require('../privileges'), privileges = require('../privileges'),
utils = require('./../../public/src/utils'); categoriesController = require('./categories'),
utils = require('../../public/src/utils');
topicsController.get = function(req, res, next) { topicsController.get = function(req, res, next) {
var tid = req.params.topic_id, var tid = req.params.topic_id,
@@ -22,16 +23,10 @@ topicsController.get = function(req, res, next) {
async.waterfall([ async.waterfall([
function (next) { function (next) {
privileges.topics.get(tid, uid, next);
},
function (privileges, next) {
if (!privileges.read || privileges.disabled) {
return next(new Error('[[error:no-privileges]]'));
}
userPrivileges = privileges;
async.parallel({ async.parallel({
privileges: function(next) {
privileges.topics.get(tid, uid, next);
},
postCount: function(next) { postCount: function(next) {
topics.getPostCount(tid, next); topics.getPostCount(tid, next);
}, },
@@ -41,6 +36,16 @@ topicsController.get = function(req, res, next) {
}, next); }, next);
}, },
function (results, next) { function (results, next) {
userPrivileges = results.privileges;
if (userPrivileges.disabled) {
return categoriesController.notFound(req, res);
}
if (!userPrivileges.read) {
return categoriesController.notAllowed(req, res);
}
var settings = results.settings; var settings = results.settings;
var postCount = parseInt(results.postCount, 10) + 1; var postCount = parseInt(results.postCount, 10) + 1;
var set = 'tid:' + tid + ':posts', var set = 'tid:' + tid + ':posts',
@@ -82,16 +87,22 @@ topicsController.get = function(req, res, next) {
end = start + settings.postsPerPage - 1; end = start + settings.postsPerPage - 1;
topics.getTopicWithPosts(tid, set, uid, start, end, reverse, function (err, topicData) { topics.getTopicWithPosts(tid, set, uid, start, end, reverse, function (err, topicData) {
if (topicData) { if (err && err.message === '[[error:no-topic]]' && !topicData) {
if (topicData.deleted && !userPrivileges.view_deleted) { return categoriesController.notFound(req, res);
return next(new Error('[[error:no-topic]]'));
}
topicData.currentPage = page;
if(page > 1) {
topicData.posts.splice(0, 1);
}
} }
next(err, topicData); if (err && !topicData) {
return next(err);
}
if (topicData.deleted && !userPrivileges.view_deleted) {
return categoriesController.notAllowed(req, res);
}
topicData.currentPage = page;
if(page > 1) {
topicData.posts.splice(0, 1);
}
next(null, topicData);
}); });
}, },
function (topicData, next) { function (topicData, next) {
@@ -191,7 +202,7 @@ topicsController.get = function(req, res, next) {
} }
], function (err, data) { ], function (err, data) {
if (err) { if (err) {
return res.locals.isAPI ? res.json(404, 'not-found') : res.redirect(nconf.get('relative_path') + '/404'); return next(err);
} }
data.privileges = userPrivileges; data.privileges = userPrivileges;
@@ -214,6 +225,7 @@ topicsController.get = function(req, res, next) {
active: x === parseInt(page, 10) active: x === parseInt(page, 10)
}); });
} }
res.render('topic', data); res.render('topic', data);
}); });
}; };