Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-01 11:35:55 +01:00
Code Issues Packages Projects Releases Wiki Activity

closes #4194

Browse Source
This commit is contained in:
Barış Soner Uşaklı
2016-02-16 18:04:02 +02:00
parent 82875de32d
commit 88e4591f88
8 changed files with 78 additions and 74 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
public/src/client/account/edit.js
View File

@@ -78,6 +78,7 @@ define('forum/account/edit', ['forum/account/header', 'uploader', 'translator'],
if (err) {
return app.alertError(err.message);
}
templates.parse('partials/modals/change_picture_modal', {
pictures: pictures,
uploaded: !!ajaxify.data.uploadedpicture,
@@ -191,7 +192,6 @@ define('forum/account/edit', ['forum/account/header', 'uploader', 'translator'],
$('#user-current-picture, img.avatar').attr('src', urlOnServer);
updateHeader(urlOnServer);
uploadedPicture = urlOnServer;
ajaxify.refresh();
}
function onRemoveComplete(urlOnServer) {

2
public/src/modules/uploader.js
View File

@@ -58,7 +58,7 @@ define('uploader', ['csrf', 'translator'], function(csrf, translator) {
},
error: function(xhr) {
xhr = maybeParse(xhr);
showAlert('error', xhr.responseJSON ? xhr.responseJSON.error : 'error uploading, code : ' + xhr.status);
showAlert('error', xhr.responseJSON ? (xhr.responseJSON.error || xhr.statusText) : 'error uploading, code : ' + xhr.status);
},
uploadProgress: function(event, position, total, percent) {

26
src/controllers/accounts/edit.js
View File

@@ -25,6 +25,7 @@ editController.get = function(req, res, callback) {
userData.allowProfileImageUploads = parseInt(meta.config.allowProfileImageUploads) === 1;
userData.allowAccountDelete = parseInt(meta.config.allowAccountDelete, 10) === 1;
userData.title = '[[pages:account/edit, ' + userData.username + ']]';
userData.breadcrumbs = helpers.buildBreadcrumbs([{text: userData.username, url: '/user/' + userData.userslug}, {text: '[[user:edit]]'}]);
@@ -94,30 +95,25 @@ function getUserData(req, next, callback) {
editController.uploadPicture = function (req, res, next) {
var userPhoto = req.files.files[0];
var updateUid = req.uid;
var updateUid;
async.waterfall([
function(next) {
user.getUidByUserslug(req.params.userslug, next);
},
function(uid, next) {
if (parseInt(updateUid, 10) === parseInt(uid, 10)) {
return next();
updateUid = uid;
if (parseInt(req.uid, 10) === parseInt(uid, 10)) {
return next(null, true);
}
user.isAdministrator(req.uid, function(err, isAdmin) {
if (err) {
return next(err);
}
if (!isAdmin) {
return helpers.notAllowed(req, res);
}
updateUid = uid;
next();
});
user.isAdminOrGlobalMod(req.uid, next);
},
function(next) {
function(isAllowed, next) {
if (!isAllowed) {
return helpers.notAllowed(req, res);
}
user.uploadPicture(updateUid, userPhoto, next);
}
], function(err, image) {

19
src/controllers/accounts/helpers.js
View File

@@ -57,23 +57,24 @@ helpers.getUserDataByUserSlug = function(userslug, callerUID, callback) {
var userData = results.userData;
var userSettings = results.userSettings;
var isAdmin = results.isAdmin;
var isGlobalModerator = results.isGlobalModerator;
var self = parseInt(callerUID, 10) === parseInt(userData.uid, 10);
userData.joindateISO = utils.toISOString(userData.joindate);
userData.lastonlineISO = utils.toISOString(userData.lastonline || userData.joindate);
userData.age = Math.max(0, userData.birthday ? Math.floor((new Date().getTime() - new Date(userData.birthday).getTime()) / 31536000000) : 0);
if (!(isAdmin || self || (userData.email && userSettings.showemail))) {
if (!(isAdmin || isGlobalModerator || self || (userData.email && userSettings.showemail))) {
userData.email = '';
}
userData.emailClass = (self && !userSettings.showemail) ? '' : 'hide';
if (!isAdmin && !self && !userSettings.showfullname) {
if (!isAdmin && !isGlobalModerator && !self && !userSettings.showfullname) {
userData.fullname = '';
}
if (isAdmin || self) {
if (isAdmin || isGlobalModerator || self) {
userData.ips = results.ips;
}
@@ -81,10 +82,11 @@ helpers.getUserDataByUserSlug = function(userslug, callerUID, callback) {
userData.yourid = callerUID;
userData.theirid = userData.uid;
userData.isAdmin = isAdmin;
userData.isGlobalModerator = results.isGlobalModerator;
userData.canBan = isAdmin || results.isGlobalModerator;
userData.isGlobalModerator = isGlobalModerator;
userData.canBan = isAdmin || isGlobalModerator;
userData.canChangePassword = isAdmin || self;
userData.isSelf = self;
userData.showHidden = self || isAdmin;
userData.showHidden = self || isAdmin || isGlobalModerator;
userData.groups = Array.isArray(results.groups) && results.groups.length ? results.groups[0] : [];
userData.disableSignatures = meta.config.disableSignatures !== undefined && parseInt(meta.config.disableSignatures, 10) === 1;
userData['email:confirmed'] = !!parseInt(userData['email:confirmed'], 10);
@@ -133,6 +135,9 @@ helpers.getBaseUser = function(userslug, callerUID, callback) {
isAdmin: function(next) {
user.isAdministrator(callerUID, next);
},
isGlobalModerator: function(next) {
user.isGlobalModerator(callerUID, next);
},
profile_links: function(next) {
plugins.fireHook('filter:user.profileLinks', [], next);
}
@@ -147,7 +152,7 @@ helpers.getBaseUser = function(userslug, callerUID, callback) {
results.user.theirid = results.user.uid;
results.user.status = user.getStatus(results.user);
results.user.isSelf = parseInt(callerUID, 10) === parseInt(results.user.uid, 10);
results.user.showHidden = results.user.isSelf || results.isAdmin;
results.user.showHidden = results.user.isSelf || results.isAdmin || results.isGlobalModerator;
results.user.profile_links = filterLinks(results.profile_links, results.user.isSelf);
results.user['cover:url'] = results.user['cover:url'] || require('../../coverPhoto').getDefaultProfileCover(results.user.uid);

2
src/middleware/middleware.js
View File

@@ -145,7 +145,7 @@ middleware.checkAccountPermissions = function(req, res, next) {
return next(null, true);
}
user.isAdministrator(req.uid, next);
user.isAdminOrGlobalMod(req.uid, next);
}
], function (err, allowed) {
if (err || allowed) {

18
src/socket.io/user.js
View File

@@ -188,12 +188,20 @@ SocketUser.saveSettings = function(socket, data, callback) {
return callback(new Error('[[error:invalid-data]]'));
}
user.isAdminOrSelf(socket.uid, data.uid, function(err) {
if (err) {
return callback(err);
async.waterfall([
function(next) {
if (socket.uid === parseInt(data.uid, 10)) {
return next(null, true);
}
user.isAdminOrGlobalMod(socket.uid, next);
},
function(allowed, next) {
if (!allowed) {
return next(new Error('[[error:no-privileges]]'));
}
user.saveSettings(data.uid, data.settings, next);
}
user.saveSettings(data.uid, data.settings, callback);
});
], callback);
};
SocketUser.setTopicSort = function(socket, sort, callback) {

10
src/socket.io/user/profile.js
View File

@@ -122,18 +122,18 @@ module.exports = function(SocketUser) {
return next(new Error('[[error:invalid-data]]'));
}
user.isAdministrator(socket.uid, next);
user.isAdminOrGlobalMod(socket.uid, next);
},
function(isAdmin, next) {
if (!isAdmin && socket.uid !== parseInt(data.uid, 10)) {
function(isAdminOrGlobalMod, next) {
if (!isAdminOrGlobalMod && socket.uid !== parseInt(data.uid, 10)) {
return next(new Error('[[error:no-privileges]]'));
}
if (!isAdmin && parseInt(meta.config['username:disableEdit'], 10) === 1) {
if (!isAdminOrGlobalMod && parseInt(meta.config['username:disableEdit'], 10) === 1) {
data.username = oldUserData.username;
}
if (!isAdmin && parseInt(meta.config['email:disableEdit'], 10) === 1) {
if (!isAdminOrGlobalMod && parseInt(meta.config['email:disableEdit'], 10) === 1) {
data.email = oldUserData.email;
}

73
src/user/picture.js
View File

@@ -25,6 +25,7 @@ module.exports = function(User) {
var updateUid = uid;
var imageDimension = parseInt(meta.config.profileImageDimension, 10) || 128;
var convertToPNG = parseInt(meta.config['profile:convertProfileImageToPNG'], 10) === 1;
var uploadedImage;
async.waterfall([
function(next) {
@@ -53,48 +54,42 @@ module.exports = function(User) {
} else {
next();
}
}
], function(err) {
function done(err, image) {
if (err) {
return callback(err);
},
function(next) {
if (plugins.hasListeners('filter:uploadImage')) {
return plugins.fireHook('filter:uploadImage', {image: picture, uid: updateUid}, next);
}
User.setUserFields(updateUid, {uploadedpicture: image.url, picture: image.url});
var filename = updateUid + '-profileimg' + (convertToPNG ? '.png' : extension);
callback(null, image);
async.waterfall([
function(next) {
User.getUserField(updateUid, 'uploadedpicture', next);
},
function(oldpicture, next) {
if (!oldpicture) {
return file.saveFileToLocal(filename, 'profile', picture.path, next);
}
var oldpicturePath = path.join(nconf.get('base_dir'), nconf.get('upload_path'), 'profile', path.basename(oldpicture));
fs.unlink(oldpicturePath, function (err) {
if (err) {
winston.error(err);
}
file.saveFileToLocal(filename, 'profile', picture.path, next);
});
},
], next);
},
function(_image, next) {
uploadedImage = _image;
User.setUserFields(updateUid, {uploadedpicture: uploadedImage.url, picture: uploadedImage.url}, next);
},
function(next) {
next(null, uploadedImage);
}
if (err) {
return callback(err);
}
if (plugins.hasListeners('filter:uploadImage')) {
return plugins.fireHook('filter:uploadImage', {image: picture, uid: updateUid}, done);
}
var filename = updateUid + '-profileimg' + (convertToPNG ? '.png' : extension);
User.getUserField(updateUid, 'uploadedpicture', function (err, oldpicture) {
if (err) {
return callback(err);
}
if (!oldpicture) {
return file.saveFileToLocal(filename, 'profile', picture.path, done);
}
var absolutePath = path.join(nconf.get('base_dir'), nconf.get('upload_path'), 'profile', path.basename(oldpicture));
fs.unlink(absolutePath, function (err) {
if (err) {
winston.error(err);
}
file.saveFileToLocal(filename, 'profile', picture.path, done);
});
});
});
], callback);
};
User.uploadFromUrl = function(uid, url, callback) {
@@ -135,7 +130,7 @@ module.exports = function(User) {
};
User.updateCoverPicture = function(data, callback) {
var tempPath, url, md5sum;
var url, md5sum;
if (!data.imageData && data.position) {
return User.updateCoverPosition(data.uid, data.position, callback);