Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-08 23:15:48 +01:00
Code Issues Packages Projects Releases Wiki Activity

check privs on getRecentReplies and getRecentTopicReplies

Browse Source
This commit is contained in:
barisusakli
2014-11-14 16:20:36 -05:00
parent c7ca2e2573
commit 6a3a3669d2
2 changed files with 30 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
src/categories/recentreplies.js
View File

@@ -7,20 +7,23 @@ var async = require('async'),
db = require('../database'), db = require('../database'),
posts = require('../posts'), posts = require('../posts'),
topics = require('../topics'); topics = require('../topics'),
privileges = require('../privileges');
module.exports = function(Categories) { module.exports = function(Categories) {
Categories.getRecentReplies = function(cid, uid, count, callback) { Categories.getRecentReplies = function(cid, uid, count, callback) {
if (!parseInt(count, 10)) { privileges.categories.can('read', cid, uid, function(err, canRead) {
return callback(null, []); if (err || !canRead || !parseInt(count, 10)) {
}
db.getSortedSetRevRange('cid:' + cid + ':pids', 0, count - 1, function(err, pids) {
if (err || !pids || !pids.length) {
return callback(err, []); return callback(err, []);
} }
posts.getPostSummaryByPids(pids, uid, {stripTags: true}, callback); db.getSortedSetRevRange('cid:' + cid + ':pids', 0, count - 1, function(err, pids) {
if (err || !Array.isArray(pids) || !pids.length) {
return callback(err, []);
}
posts.getPostSummaryByPids(pids, uid, {stripTags: true}, callback);
});
}); });
}; };
@@ -28,29 +31,29 @@ module.exports = function(Categories) {
if (!Array.isArray(categoryData) || !categoryData.length) { if (!Array.isArray(categoryData) || !categoryData.length) {
return callback(null, []); return callback(null, []);
} }
async.map(categoryData, getRecentTopicPids, function(err, results) {
if (err) {
return callback(err);
}
var pids = _.flatten(results); async.waterfall([
function(next) {
pids = pids.filter(function(pid, index, array) { async.map(categoryData, getRecentTopicPids, next);
return !!pid && array.indexOf(pid) === index; },
}); function(results, next) {
var pids = _.flatten(results);
posts.getPostSummaryByPids(pids, uid, {stripTags: true}, function(err, posts) {
if (err) {
return callback(err);
}
pids = pids.filter(function(pid, index, array) {
return !!pid && array.indexOf(pid) === index;
});
privileges.posts.filter('read', pids, uid, next);
},
function(pids, next) {
posts.getPostSummaryByPids(pids, uid, {stripTags: true}, next);
},
function(posts, next) {
categoryData.forEach(function(category) { categoryData.forEach(function(category) {
assignPostsToCategory(category, posts); assignPostsToCategory(category, posts);
}); });
next();
callback(); }
}); ], callback);
});
}; };
function assignPostsToCategory(category, posts) { function assignPostsToCategory(category, posts) {

12
src/socket.io/categories.js
View File

@@ -11,17 +11,7 @@ var async = require('async'),
SocketCategories = {}; SocketCategories = {};
SocketCategories.getRecentReplies = function(socket, cid, callback) { SocketCategories.getRecentReplies = function(socket, cid, callback) {
privileges.categories.can('read', cid, socket.uid, function(err, canRead) { categories.getRecentReplies(cid, socket.uid, 4, callback);
if (err) {
return callback(err);
}
if (!canRead) {
return callback(null, []);
}
categories.getRecentReplies(cid, socket.uid, 4, callback);
});
}; };
SocketCategories.get = function(socket, data, callback) { SocketCategories.get = function(socket, data, callback) {