Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-09 07:25:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

moved upload route into API namespace

Browse Source
This commit is contained in:
barisusakli
2014-06-30 16:33:10 -04:00
parent b41b311d94
commit b8b6ae7b2f
4 changed files with 18 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
public/src/forum/account/edit.js
View File

@@ -125,7 +125,7 @@ define('forum/account/edit', ['forum/account/header', 'uploader'], function(head
$('#uploadPictureBtn').on('click', function() { $('#uploadPictureBtn').on('click', function() {
$('#change-picture-modal').modal('hide'); $('#change-picture-modal').modal('hide');
uploader.open(config.relative_path + '/user/uploadpicture', {uid: ajaxify.variables.get('theirid')}, config.maximumProfileImageSize, function(imageUrlOnServer) { uploader.open(config.relative_path + '/api/user/' + ajaxify.variables.get('userslug') + '/uploadpicture', {}, config.maximumProfileImageSize, function(imageUrlOnServer) {
imageUrlOnServer = imageUrlOnServer + '?' + new Date().getTime(); imageUrlOnServer = imageUrlOnServer + '?' + new Date().getTime();
$('#user-current-picture').attr('src', imageUrlOnServer); $('#user-current-picture').attr('src', imageUrlOnServer);

16
src/controllers/accounts.js
View File

@@ -407,26 +407,24 @@ accountsController.uploadPicture = function (req, res, next) {
image.convertImageToPng(req.files.userPhoto.path, extension, next); image.convertImageToPng(req.files.userPhoto.path, extension, next);
}, },
function(next) { function(next) {
try { user.getUidByUserslug(req.params.userslug, next);
var params = JSON.parse(req.body.params); },
if(parseInt(updateUid, 10) === parseInt(params.uid, 10)) { function(uid, next) {
if(parseInt(updateUid, 10) === parseInt(uid, 10)) {
return next(); return next();
} }
user.isAdministrator(req.user.uid, function(err, isAdmin) { user.isAdministrator(req.user.uid, function(err, isAdmin) {
if(err) { if (err) {
return next(err); return next(err);
} }
if(!isAdmin) { if (!isAdmin) {
return userNotAllowed(); return userNotAllowed();
} }
updateUid = params.uid; updateUid = uid;
next(); next();
}); });
} catch(err) {
next(err);
}
} }
], function(err, result) { ], function(err, result) {

2
src/middleware/middleware.js
View File

@@ -154,13 +154,11 @@ middleware.checkAccountPermissions = function(req, res, next) {
return res.redirect('/login?next=' + req.url); return res.redirect('/login?next=' + req.url);
} }
// this function requires userslug to be passed in. todo: /user/uploadpicture should pass in userslug I think
user.getUidByUserslug(req.params.userslug, function (err, uid) { user.getUidByUserslug(req.params.userslug, function (err, uid) {
if (err) { if (err) {
return next(err); return next(err);
} }
// not sure if this check really should belong here. also make sure we're not doing this check again in the actual method
if (!uid) { if (!uid) {
if (res.locals.isAPI) { if (res.locals.isAPI) {
return res.json(404, 'not-found'); return res.json(404, 'not-found');

4
src/routes/api.js
View File

@@ -188,9 +188,7 @@ module.exports = function(app, middleware, controllers) {
app.post('/post/upload', uploadPost); app.post('/post/upload', uploadPost);
app.post('/topic/thumb/upload', uploadThumb); app.post('/topic/thumb/upload', uploadThumb);
app.post('/user/:userslug/uploadpicture', middleware.authenticate, middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions, controllers.accounts.uploadPicture);
}); });
// this should be in the API namespace
// also, perhaps pass in :userslug so we can use checkAccountPermissions middleware - in future will allow admins to upload a picture for a user
app.post('/user/uploadpicture', middleware.authenticate, middleware.checkGlobalPrivacySettings, /*middleware.checkAccountPermissions,*/ controllers.accounts.uploadPicture);
}; };