Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-01 19:46:01 +01:00
Code Issues Packages Projects Releases Wiki Activity

closes #1518

Browse Source
This commit is contained in:
barisusakli
2014-05-15 20:49:47 -04:00
parent 033364a2a9
commit b1aae05a08
19 changed files with 166 additions and 224 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
public/src/admin.js
View File

@@ -18,7 +18,7 @@ var admin = {};
} }
} }
}); });
}); });
}; };
$(function() { $(function() {

8
public/src/forum/admin/categories.js
View File

@@ -308,9 +308,11 @@ define(['uploader'], function(uploader) {
uid: uid, uid: uid,
privilege: privilege, privilege: privilege,
set: !anchorEl.hasClass('active') set: !anchorEl.hasClass('active')
}, function(err, privileges) { }, function(err) {
anchorEl.toggleClass('active', privileges[privilege]); if (err) {
return app.alertError(err.message);
}
anchorEl.toggleClass('active', !anchorEl.hasClass('active'));
Categories.refreshPrivilegeList(cid); Categories.refreshPrivilegeList(cid);
}); });
}); });

5
src/categories.js
View File

@@ -8,7 +8,6 @@ var db = require('./database'),
Groups = require('./groups'), Groups = require('./groups'),
topics = require('./topics'), topics = require('./topics'),
plugins = require('./plugins'), plugins = require('./plugins'),
CategoryTools = require('./categoryTools'),
meta = require('./meta'), meta = require('./meta'),
emitter = require('./emitter'), emitter = require('./emitter'),
validator = require('validator'), validator = require('validator'),
@@ -60,6 +59,10 @@ var db = require('./database'),
}); });
}; };
Categories.exists = function(cid, callback) {
db.isSortedSetMember('categories:cid', cid, callback);
};
Categories.getCategoryById = function(cid, start, end, uid, callback) { Categories.getCategoryById = function(cid, start, end, uid, callback) {
Categories.getCategoryData(cid, function(err, category) { Categories.getCategoryData(cid, function(err, category) {
if(err || !category) { if(err || !category) {

3
src/categories/recentreplies.js
View File

@@ -6,8 +6,7 @@ var async = require('async'),
db = require('./../database'), db = require('./../database'),
posts = require('./../posts'), posts = require('./../posts'),
topics = require('./../topics'), topics = require('./../topics');
CategoryTools = require('./../categoryTools');
module.exports = function(Categories) { module.exports = function(Categories) {
Categories.getRecentReplies = function(cid, uid, count, callback) { Categories.getRecentReplies = function(cid, uid, count, callback) {

135
src/categoryTools.js
View File

@@ -1,135 +0,0 @@
"use strict";
var Groups = require('./groups'),
User = require('./user'),
categories = require('./categories'),
async = require('async'),
db = require('./database');
var internals = {
isMember: function(key, candidate, next){
Groups.exists(key, function(err, exists) {
if (exists) {
Groups.isMember(candidate, key, next);
} else {
next(null, null);
}
});
},
isMemberOfGroupList: function(key, candidate, next){
Groups.exists(key, function(err, exists) {
if (exists) {
Groups.isMemberOfGroupList(candidate, key, next);
} else {
next(null, null);
}
});
}
};
var CategoryTools = {};
CategoryTools.exists = function(cid, callback) {
db.isSortedSetMember('categories:cid', cid, callback);
};
CategoryTools.privileges = function(cid, uid, callback) {
async.parallel({
"disabled": function(next) {
categories.getCategoryField(cid, 'disabled', next);
},
read: function(next) {
internals.isMember('cid:' + cid + ':privileges:read', uid, next);
},
"topics:create": function(next) {
internals.isMember('cid:' + cid + ':privileges:topics:create', uid, next);
},
"topics:reply": function(next) {
internals.isMember('cid:' + cid + ':privileges:topics:reply', uid, next);
},
"groups:read": function(next) {
internals.isMemberOfGroupList('cid:' + cid + ':privileges:groups:read', uid, next);
},
"groups:topics:create": function(next) {
internals.isMemberOfGroupList('cid:' + cid + ':privileges:groups:topics:create', uid, next);
},
"groups:topics:reply": function(next) {
internals.isMemberOfGroupList('cid:' + cid + ':privileges:groups:topics:reply', uid, next);
},
mods: function(next) {
User.isModerator(uid, cid, next);
},
admin: function(next) {
User.isAdministrator(uid, next);
}
}, function(err, privileges) {
if (privileges) {
privileges.meta = {
read: (
(
parseInt(privileges.disabled, 10) !== 1 &&
(
(privileges['read'] === null && privileges['groups:read'] === null) ||
privileges['read'] || privileges['groups:read']
)
) ||
privileges.mods ||
privileges.admin
),
"topics:create": (
(
parseInt(privileges.disabled, 10) !== 1 &&
(
(privileges['topics:create'] === null && privileges['groups:topics:create'] === null) ||
privileges['topics:create'] || privileges['groups:topics:create']
)
) ||
privileges.mods ||
privileges.admin
),
"topics:reply": (
(
parseInt(privileges.disabled, 10) !== 1 &&
(
(privileges['topics:reply'] === null && privileges['groups:topics:reply'] === null) ||
privileges['topics:reply'] || privileges['groups:topics:reply']
)
) ||
privileges.mods ||
privileges.admin
),
editable: privileges.mods || privileges.admin,
view_deleted: privileges.mods || privileges.admin
};
}
// console.log(privileges, cid, uid);
callback(err, privileges || null);
});
};
CategoryTools.groupPrivileges = function(cid, groupName, callback) {
async.parallel({
"groups:read":function(next) {
internals.isMember('cid:' + cid + ':privileges:groups:read', groupName, function(err, isMember){
next(err, !!isMember);
});
},
"groups:topics:create":function(next) {
internals.isMember('cid:' + cid + ':privileges:groups:topics:create', groupName, function(err, isMember){
next(err, !!isMember);
});
},
"groups:topics:reply":function(next) {
internals.isMember('cid:' + cid + ':privileges:groups:topics:reply', groupName, function(err, isMember){
next(err, !!isMember);
});
}
}, function(err, privileges) {
callback(err, privileges || null);
});
};
module.exports = CategoryTools;

18
src/controllers/categories.js
View File

@@ -4,7 +4,7 @@ var categoriesController = {},
async = require('async'), async = require('async'),
qs = require('querystring'), qs = require('querystring'),
nconf = require('nconf'), nconf = require('nconf'),
categoryTools = require('./../categoryTools'), privileges = require('../privileges'),
user = require('./../user'), user = require('./../user'),
categories = require('./../categories'), categories = require('./../categories'),
topics = require('./../topics'); topics = require('./../topics');
@@ -72,16 +72,16 @@ categoriesController.get = function(req, res, next) {
}); });
}, },
function(next) { function(next) {
categoryTools.privileges(cid, uid, function(err, categoryPrivileges) { privileges.categories.get(cid, uid, function(err, categoryPrivileges) {
if (err) { if (err) {
return next(err); return next(err);
} }
if (!categoryPrivileges.meta.read) { if (!categoryPrivileges.meta.read) {
next(new Error('[[error:no-privileges]]')); return next(new Error('[[error:no-privileges]]'));
} else {
next(null, categoryPrivileges);
} }
next(null, categoryPrivileges);
}); });
}, },
function (privileges, next) { function (privileges, next) {
@@ -152,14 +152,14 @@ categoriesController.get = function(req, res, next) {
} }
], function (err, data) { ], function (err, data) {
if (err) { if (err) {
if (err.message === 'not-enough-privileges') { if (err.message === '[[error:no-privileges]]') {
return res.redirect('403'); return res.locals.isAPI ? res.json(403, err.message) : res.redirect('403');
} else { } else {
return res.redirect('404'); return res.locals.isAPI ? res.json(404, 'not-found') : res.redirect('404');
} }
} }
if(data.link) { if (data.link) {
return res.redirect(data.link); return res.redirect(data.link);
} }

14
src/controllers/index.js
View File

@@ -17,7 +17,7 @@ var topicsController = require('./topics'),
topics = require('./../topics'), topics = require('./../topics'),
plugins = require('./../plugins'), plugins = require('./../plugins'),
categories = require('./../categories'), categories = require('./../categories'),
categoryTools = require('./../categoryTools'); privileges = require('../privileges');
@@ -69,12 +69,6 @@ Controllers.home = function(req, res, next) {
return !category.disabled; return !category.disabled;
}); });
function canSee(category, next) {
categoryTools.privileges(category.cid, ((req.user) ? req.user.uid || 0 : 0), function(err, privileges) {
next(!err && privileges.meta.read);
});
}
function getRecentReplies(category, callback) { function getRecentReplies(category, callback) {
categories.getRecentReplies(category.cid, uid, parseInt(category.numRecentReplies, 10), function (err, posts) { categories.getRecentReplies(category.cid, uid, parseInt(category.numRecentReplies, 10), function (err, posts) {
category.posts = posts; category.posts = posts;
@@ -83,7 +77,11 @@ Controllers.home = function(req, res, next) {
}); });
} }
async.filter(data.categories, canSee, function(visibleCategories) { async.filter(data.categories, function (category, next) {
privileges.categories.canRead(category.cid, uid, function(err, canRead) {
next(!err && canRead);
});
}, function(visibleCategories) {
data.categories = visibleCategories; data.categories = visibleCategories;
async.each(data.categories, getRecentReplies, function (err) { async.each(data.categories, getRecentReplies, function (err) {

2
src/controllers/topics.js
View File

@@ -147,7 +147,7 @@ topicsController.get = function(req, res, next) {
} }
], function (err, data) { ], function (err, data) {
if (err) { if (err) {
if (err.message === 'not-enough-privileges') { if (err.message === '[[error:no-privileges]]') {
return res.locals.isAPI ? res.json(403, err.message) : res.redirect('403'); return res.locals.isAPI ? res.json(403, err.message) : res.redirect('403');
} else { } else {
return res.locals.isAPI ? res.json(404, 'not-found') : res.redirect('404'); return res.locals.isAPI ? res.json(404, 'not-found') : res.redirect('404');

90
src/privileges/categories.js
View File

@@ -4,6 +4,7 @@
var async = require('async'), var async = require('async'),
user = require('../user'), user = require('../user'),
groups = require('../groups'),
helpers = require('./helpers'); helpers = require('./helpers');
@@ -11,6 +12,38 @@ module.exports = function(privileges) {
privileges.categories = {}; privileges.categories = {};
privileges.categories.get = function(cid, uid, callback) {
async.parallel({
'topics:create': function(next) {
helpers.allowedTo('topics:create', uid, cid, next);
},
read: function(next) {
helpers.allowedTo('read', uid, cid, next);
},
isAdministrator: function(next) {
user.isAdministrator(uid, next);
},
isModerator: function(next) {
user.isModerator(uid, cid, next);
}
}, function(err, results) {
if(err) {
return callback(err);
}
var editable = results.isAdministrator || results.isModerator;
callback(null, {
meta: {
'topics:create': results['topics:create'],
editable: editable,
view_deleted: editable,
read: results.read
}
});
});
};
privileges.categories.canRead = function(cid, uid, callback) { privileges.categories.canRead = function(cid, uid, callback) {
helpers.some([ helpers.some([
function(next) { function(next) {
@@ -25,4 +58,61 @@ module.exports = function(privileges) {
], callback); ], callback);
}; };
privileges.categories.canMoveAllTopics = function(currentCid, targetCid, uid, callback) {
async.parallel({
isAdministrator: function(next) {
user.isAdministrator(uid, next);
},
moderatorOfCurrent: function(next) {
user.isModerator(uid, currentCid, next);
},
moderatorOfTarget: function(next) {
user.isModerator(uid, targetCid, next);
}
}, function(err, results) {
if (err) {
return callback(err);
}
callback(null, results.isAdministrator || (results.moderatorOfCurrent && results.moderatorOfTarget));
});
};
privileges.categories.userPrivileges = function(cid, uid, callback) {
async.parallel({
read: function(next) {
helpers.isMember(groups.isMember, 'cid:' + cid + ':privileges:read', uid, next);
},
'topics:create': function(next) {
helpers.isMember(groups.isMember, 'cid:' + cid + ':privileges:topics:create', uid, next);
},
'topics:reply': function(next) {
helpers.isMember(groups.isMember, 'cid:' + cid + ':privileges:topics:reply', uid, next);
},
mods: function(next) {
user.isModerator(uid, cid, next);
}
}, callback);
};
privileges.categories.groupPrivileges = function(cid, groupName, callback) {
async.parallel({
'groups:read': function(next) {
helpers.isMember(groups.isMember, 'cid:' + cid + ':privileges:groups:read', groupName, function(err, isMember){
next(err, !!isMember);
});
},
'groups:topics:create': function(next) {
helpers.isMember(groups.isMember, 'cid:' + cid + ':privileges:groups:topics:create', groupName, function(err, isMember){
next(err, !!isMember);
});
},
'groups:topics:reply': function(next) {
helpers.isMember(groups.isMember, 'cid:' + cid + ':privileges:groups:topics:reply', groupName, function(err, isMember){
next(err, !!isMember);
});
}
}, callback);
};
}; };

6
src/privileges/helpers.js
View File

@@ -32,10 +32,10 @@ helpers.allowedTo = function(privilege, uid, cid, callback) {
async.parallel({ async.parallel({
hasUserPrivilege: function(next) { hasUserPrivilege: function(next) {
isMember(groups.isMember, 'cid:' + cid + ':privileges:' + privilege, uid, next); helpers.isMember(groups.isMember, 'cid:' + cid + ':privileges:' + privilege, uid, next);
}, },
hasGroupPrivilege: function(next) { hasGroupPrivilege: function(next) {
isMember(groups.isMemberOfGroupList, 'cid:' + cid + ':privileges:groups:' + privilege, uid, next); helpers.isMember(groups.isMemberOfGroupList, 'cid:' + cid + ':privileges:groups:' + privilege, uid, next);
}, },
}, function(err, results) { }, function(err, results) {
if (err) { if (err) {
@@ -47,7 +47,7 @@ helpers.allowedTo = function(privilege, uid, cid, callback) {
}); });
}; };
function isMember(method, group, uid, callback) { helpers.isMember = function(method, group, uid, callback) {
groups.exists(group, function(err, exists) { groups.exists(group, function(err, exists) {
if (err) { if (err) {
return callback(err); return callback(err);

14
src/privileges/topics.js
View File

@@ -65,6 +65,20 @@ module.exports = function(privileges) {
}); });
}; };
privileges.topics.canCreate = function(cid, uid, callback) {
helpers.some([
function(next) {
helpers.allowedTo('topics:create', uid, cid, next);
},
function(next) {
user.isModerator(uid, cid, next);
},
function(next) {
user.isAdministrator(uid, next);
}
], callback);
};
privileges.topics.canReply = function(tid, uid, callback) { privileges.topics.canReply = function(tid, uid, callback) {
topics.getTopicField(tid, 'cid', function(err, cid) { topics.getTopicField(tid, 'cid', function(err, cid) {
if (err) { if (err) {

9
src/routes/debug.js
View File

@@ -54,11 +54,10 @@ module.exports = function(app, middleware, controllers) {
}); });
app.get('/test', function(req, res) { app.get('/test', function(req, res) {
var tools = require('../categoryTools'); var privileges = require('../privileges');
tools.privileges(1, 2, function() { privileges.topics.get(1299, 1, function(err, result) {
console.log(arguments); res.json(result);
}) });
res.send(200);
}); });
}); });
}; };

1
src/socket.io/admin.js
View File

@@ -7,7 +7,6 @@ var groups = require('../groups'),
user = require('../user'), user = require('../user'),
topics = require('../topics'), topics = require('../topics'),
categories = require('../categories'), categories = require('../categories'),
CategoryTools = require('../categoryTools'),
logger = require('../logger'), logger = require('../logger'),
events = require('../events'), events = require('../events'),
db = require('../database'), db = require('../database'),

27
src/socket.io/admin/categories.js
View File

@@ -3,7 +3,7 @@
var groups = require('../../groups'), var groups = require('../../groups'),
user = require('../../user'), user = require('../../user'),
categories = require('../../categories'), categories = require('../../categories'),
categoryTools = require('../../categoryTools'), privileges = require('../../privileges'),
async = require('async'), async = require('async'),
Categories = {}; Categories = {};
@@ -32,8 +32,12 @@ Categories.search = function(socket, data, callback) {
cid = data.cid; cid = data.cid;
user.search(username, function(err, data) { user.search(username, function(err, data) {
if (err) {
return callback(err);
}
async.map(data.users, function(userObj, next) { async.map(data.users, function(userObj, next) {
categoryTools.privileges(cid, userObj.uid, function(err, privileges) { privileges.categories.userPrivileges(cid, userObj.uid, function(err, privileges) {
if(err) { if(err) {
return next(err); return next(err);
} }
@@ -50,22 +54,7 @@ Categories.setPrivilege = function(socket, data, callback) {
return callback(new Error('[[error:invalid-data]]')); return callback(new Error('[[error:invalid-data]]'));
} }
var cid = data.cid, groups[data.set ? 'join' : 'leave']('cid:' + data.cid + ':privileges:' + data.privilege, data.uid, callback);
uid = data.uid,
privilege = data.privilege,
set = data.set,
cb = function(err) {
if(err) {
return callback(err);
}
categoryTools.privileges(cid, uid, callback);
};
if (set) {
groups.join('cid:' + cid + ':privileges:' + privilege, uid, cb);
} else {
groups.leave('cid:' + cid + ':privileges:' + privilege, uid, cb);
}
}; };
Categories.getPrivilegeSettings = function(socket, cid, callback) { Categories.getPrivilegeSettings = function(socket, cid, callback) {
@@ -119,7 +108,7 @@ Categories.groupsList = function(socket, cid, callback) {
} }
async.map(data, function(groupObj, next) { async.map(data, function(groupObj, next) {
categoryTools.groupPrivileges(cid, groupObj.name, function(err, privileges) { privileges.categories.groupPrivileges(cid, groupObj.name, function(err, privileges) {
if(err) { if(err) {
return next(err); return next(err);
} }

8
src/socket.io/categories.js
View File

@@ -2,19 +2,19 @@
var async = require('async'), var async = require('async'),
categories = require('../categories'), categories = require('../categories'),
categoryTools = require('../categoryTools'), privileges = require('../privileges'),
meta = require('./../meta'), meta = require('./../meta'),
user = require('./../user'), user = require('./../user'),
SocketCategories = {}; SocketCategories = {};
SocketCategories.getRecentReplies = function(socket, cid, callback) { SocketCategories.getRecentReplies = function(socket, cid, callback) {
categoryTools.privileges(cid, socket.uid, function(err, privileges) { privileges.categories.canRead(cid, socket.uid, function(err, canRead) {
if (err) { if (err) {
return callback(err); return callback(err);
} }
if (!privileges || !privileges.meta.read) { if (!canRead) {
return callback(null, []); return callback(null, []);
} }
@@ -33,7 +33,7 @@ SocketCategories.loadMore = function(socket, data, callback) {
async.parallel({ async.parallel({
privileges: function(next) { privileges: function(next) {
categoryTools.privileges(data.cid, socket.uid, next); privileges.categories.get(data.cid, socket.uid, next);
}, },
settings: function(next) { settings: function(next) {
user.getSettings(socket.uid, next); user.getSettings(socket.uid, next);

18
src/socket.io/topics.js
View File

@@ -5,7 +5,6 @@ var topics = require('../topics'),
categories = require('../categories'), categories = require('../categories'),
privileges = require('../privileges'), privileges = require('../privileges'),
threadTools = require('../threadTools'), threadTools = require('../threadTools'),
categoryTools = require('../categoryTools'),
websockets = require('./index'), websockets = require('./index'),
user = require('../user'), user = require('../user'),
db = require('./../database'), db = require('./../database'),
@@ -275,20 +274,9 @@ SocketTopics.moveAll = function(socket, data, callback) {
return callback(new Error('[[error:invalid-data]]')); return callback(new Error('[[error:invalid-data]]'));
} }
async.parallel({ privileges.categories.canMoveAllTopics(data.currentCid, data.cid, data.uid, function(err, canMove) {
from: function(next) { if (err || canMove) {
categoryTools.privileges(data.currentCid, socket.uid, next); return callback(err || new Error('[[error:no-privileges]]'));
},
to: function(next) {
categoryTools.privileges(data.cid, socket.uid, next);
}
}, function(err, results) {
if (err) {
return callback(err);
}
if (!results.from.admin && (!results.from.mods || !results.to.mods)) {
return callback(new Error('[[error:no-privileges]]'));
} }
categories.getTopicIds(data.currentCid, 0, -1, function(err, tids) { categories.getTopicIds(data.currentCid, 0, -1, function(err, tids) {

1
src/threadTools.js
View File

@@ -7,7 +7,6 @@ var winston = require('winston'),
db = require('./database'), db = require('./database'),
topics = require('./topics'), topics = require('./topics'),
categories = require('./categories'), categories = require('./categories'),
CategoryTools = require('./categoryTools'),
user = require('./user'), user = require('./user'),
notifications = require('./notifications'), notifications = require('./notifications'),
posts = require('./posts'), posts = require('./posts'),

5
src/topics.js
View File

@@ -10,8 +10,6 @@ var async = require('async'),
plugins = require('./plugins'), plugins = require('./plugins'),
user = require('./user'), user = require('./user'),
categories = require('./categories'), categories = require('./categories'),
categoryTools = require('./categoryTools'),
threadTools = require('./threadTools'),
privileges = require('./privileges'); privileges = require('./privileges');
(function(Topics) { (function(Topics) {
@@ -23,7 +21,6 @@ var async = require('async'),
require('./topics/posts')(Topics); require('./topics/posts')(Topics);
require('./topics/follow')(Topics); require('./topics/follow')(Topics);
Topics.getTopicData = function(tid, callback) { Topics.getTopicData = function(tid, callback) {
Topics.getTopicsData([tid], function(err, topics) { Topics.getTopicsData([tid], function(err, topics) {
if (err) { if (err) {
@@ -200,7 +197,7 @@ var async = require('async'),
if (privilegeCache[topicData.cid]) { if (privilegeCache[topicData.cid]) {
return next(null, privilegeCache[topicData.cid]); return next(null, privilegeCache[topicData.cid]);
} }
categoryTools.privileges(topicData.cid, uid, next); privileges.categories.get(topicData.cid, uid, next);
}, },
categoryData: function(next) { categoryData: function(next) {
if (categoryCache[topicData.cid]) { if (categoryCache[topicData.cid]) {

24
src/topics/create.js
View File

@@ -2,15 +2,15 @@
'use strict'; 'use strict';
var async = require('async'), var async = require('async'),
db = require('./../database'), db = require('../database'),
utils = require('./../../public/src/utils'), utils = require('../../public/src/utils'),
plugins = require('./../plugins'), plugins = require('../plugins'),
user = require('./../user'), user = require('../user'),
meta = require('./../meta'), meta = require('../meta'),
posts = require('./../posts'), posts = require('../posts'),
threadTools = require('./../threadTools'), threadTools = require('../threadTools'),
privileges = require('../privileges'), privileges = require('../privileges'),
categoryTools = require('./../categoryTools'); categories = require('../categories');
module.exports = function(Topics) { module.exports = function(Topics) {
@@ -93,16 +93,16 @@ module.exports = function(Topics) {
}); });
}, },
function(next) { function(next) {
categoryTools.exists(cid, next); categories.exists(cid, next);
}, },
function(categoryExists, next) { function(categoryExists, next) {
if (!categoryExists) { if (!categoryExists) {
return next(new Error('[[error:no-category]]')); return next(new Error('[[error:no-category]]'));
} }
categoryTools.privileges(cid, uid, next); privileges.topics.canCreate(cid, uid, next);
}, },
function(privileges, next) { function(canCreate, next) {
if(!privileges.meta['topics:create']) { if(!canCreate) {
return next(new Error('[[error:no-privileges]]')); return next(new Error('[[error:no-privileges]]'));
} }
next(); next();