fix: change how admin middlewares are exported

src/middleware/admin.js

@@ -18,118 +18,114 @@ var controllers = {
 	helpers: require('../controllers/helpers'),
 };
 
-module.exports = function (middleware) {
+module.exports.buildHeader = helpers.try(async function (req, res, next) {
-	middleware.admin = {};
+	res.locals.renderAdminHeader = true;
+	res.locals.config = await controllers.api.loadConfig(req);
+	next();
+});
 
-	middleware.admin.buildHeader = helpers.try(async function (req, res, next) {
+module.exports.renderHeader = async (req, res, data) => {
-		res.locals.renderAdminHeader = true;
+	var custom_header = {
-		res.locals.config = await controllers.api.loadConfig(req);
+		plugins: [],
-		next();
+		authentication: [],
+	};
+	res.locals.config = res.locals.config || {};
+
+	const results = await utils.promiseParallel({
+		userData: user.getUserFields(req.uid, ['username', 'userslug', 'email', 'picture', 'email:confirmed']),
+		scripts: getAdminScripts(),
+		custom_header: plugins.fireHook('filter:admin.header.build', custom_header),
+		configs: meta.configs.list(),
+		latestVersion: getLatestVersion(),
+		privileges: privileges.admin.get(req.uid),
 	});
 
-	middleware.admin.renderHeader = async (req, res, data) => {
+	var userData = results.userData;
-		var custom_header = {
+	userData.uid = req.uid;
-			plugins: [],
+	userData['email:confirmed'] = userData['email:confirmed'] === 1;
-			authentication: [],
+	userData.privileges = results.privileges;
-		};
-		res.locals.config = res.locals.config || {};
 
-		const results = await utils.promiseParallel({
+	var acpPath = req.path.slice(1).split('/');
-			userData: user.getUserFields(req.uid, ['username', 'userslug', 'email', 'picture', 'email:confirmed']),
+	acpPath.forEach(function (path, i) {
-			scripts: getAdminScripts(),
+		acpPath[i] = path.charAt(0).toUpperCase() + path.slice(1);
-			custom_header: plugins.fireHook('filter:admin.header.build', custom_header),
+	});
-			configs: meta.configs.list(),
+	acpPath = acpPath.join(' > ');
-			latestVersion: getLatestVersion(),
-			privileges: privileges.admin.get(req.uid),
-		});
 
-		var userData = results.userData;
+	var version = nconf.get('version');
-		userData.uid = req.uid;
-		userData['email:confirmed'] = userData['email:confirmed'] === 1;
-		userData.privileges = results.privileges;
 
-		var acpPath = req.path.slice(1).split('/');
+	res.locals.config.userLang = res.locals.config.acpLang || res.locals.config.userLang;
-		acpPath.forEach(function (path, i) {
+	var templateValues = {
-			acpPath[i] = path.charAt(0).toUpperCase() + path.slice(1);
+		config: res.locals.config,
-		});
+		configJSON: jsesc(JSON.stringify(res.locals.config), { isScriptContext: true }),
-		acpPath = acpPath.join(' > ');
+		relative_path: res.locals.config.relative_path,
-
+		adminConfigJSON: encodeURIComponent(JSON.stringify(results.configs)),
-		var version = nconf.get('version');
+		user: userData,
-
+		userJSON: jsesc(JSON.stringify(userData), { isScriptContext: true }),
-		res.locals.config.userLang = res.locals.config.acpLang || res.locals.config.userLang;
+		plugins: results.custom_header.plugins,
-		var templateValues = {
+		authentication: results.custom_header.authentication,
-			config: res.locals.config,
+		scripts: results.scripts,
-			configJSON: jsesc(JSON.stringify(res.locals.config), { isScriptContext: true }),
+		'cache-buster': meta.config['cache-buster'] || '',
-			relative_path: res.locals.config.relative_path,
+		env: !!process.env.NODE_ENV,
-			adminConfigJSON: encodeURIComponent(JSON.stringify(results.configs)),
+		title: (acpPath || 'Dashboard') + ' | NodeBB Admin Control Panel',
-			user: userData,
+		bodyClass: data.bodyClass,
-			userJSON: jsesc(JSON.stringify(userData), { isScriptContext: true }),
+		version: version,
-			plugins: results.custom_header.plugins,
+		latestVersion: results.latestVersion,
-			authentication: results.custom_header.authentication,
+		upgradeAvailable: results.latestVersion && semver.gt(results.latestVersion, version),
-			scripts: results.scripts,
-			'cache-buster': meta.config['cache-buster'] || '',
-			env: !!process.env.NODE_ENV,
-			title: (acpPath || 'Dashboard') + ' | NodeBB Admin Control Panel',
-			bodyClass: data.bodyClass,
-			version: version,
-			latestVersion: results.latestVersion,
-			upgradeAvailable: results.latestVersion && semver.gt(results.latestVersion, version),
-		};
-
-		templateValues.template = { name: res.locals.template };
-		templateValues.template[res.locals.template] = true;
-
-		return await req.app.renderAsync('admin/header', templateValues);
 	};
 
-	async function getAdminScripts() {
+	templateValues.template = { name: res.locals.template };
-		const scripts = await plugins.fireHook('filter:admin.scripts.get', []);
+	templateValues.template[res.locals.template] = true;
-		return scripts.map(function (script) {
+
-			return { src: script };
+	return await req.app.renderAsync('admin/header', templateValues);
-		});
+};
+
+async function getAdminScripts() {
+	const scripts = await plugins.fireHook('filter:admin.scripts.get', []);
+	return scripts.map(function (script) {
+		return { src: script };
+	});
+}
+
+async function getLatestVersion() {
+	try {
+		const result = await versions.getLatestVersion();
+		return result;
+	} catch (err) {
+		winston.error('[acp] Failed to fetch latest version' + err.stack);
+	}
+	return null;
+}
+
+module.exports.renderFooter = async function (req, res, data) {
+	return await req.app.renderAsync('admin/footer', data);
+};
+
+module.exports.checkPrivileges = async (req, res, next) => {
+	// Kick out guests, obviously
+	if (!req.uid) {
+		return controllers.helpers.notAllowed(req, res);
 	}
 
-	async function getLatestVersion() {
+	// Users in "administrators" group are considered super admins
-		try {
+	const isAdmin = await user.isAdministrator(req.uid);
-			const result = await versions.getLatestVersion();
+	if (isAdmin) {
-			return result;
+		return next();
-		} catch (err) {
-			winston.error('[acp] Failed to fetch latest version' + err.stack);
-		}
-		return null;
 	}
 
-	middleware.admin.renderFooter = async function (req, res, data) {
+	// Otherwise, check for privilege based on page (if not in mapping, deny access)
-		return await req.app.renderAsync('admin/footer', data);
+	const path = req.path.replace(/^(\/api)?\/admin\/?/g, '');
-	};
+	if (path) {
-
+		const privilege = privileges.admin.resolve(path);
-	middleware.admin.checkPrivileges = async (req, res, next) => {
+		if (!privilege || !await privileges.admin.can(privilege, req.uid)) {
-		// Kick out guests, obviously
-		if (!req.uid) {
 			return controllers.helpers.notAllowed(req, res);
 		}
-
+	} else {
-		// Users in "administrators" group are considered super admins
+		// If accessing /admin, check for any valid admin privs
-		const isAdmin = await user.isAdministrator(req.uid);
+		const privilegeSet = await privileges.admin.get(req.uid);
-		if (isAdmin) {
+		if (!Object.values(privilegeSet).some(Boolean)) {
-			return next();
+			return controllers.helpers.notAllowed(req, res);
 		}
+	}
 
-		// Otherwise, check for privilege based on page (if not in mapping, deny access)
+	next();
-		const path = req.path.replace(/^(\/api)?\/admin\/?/g, '');
-		if (path) {
-			const privilege = privileges.admin.resolve(path);
-			if (!privilege || !await privileges.admin.can(privilege, req.uid)) {
-				return controllers.helpers.notAllowed(req, res);
-			}
-		} else {
-			// If accessing /admin, check for any valid admin privs
-			const privilegeSet = await privileges.admin.get(req.uid);
-			if (!Object.values(privilegeSet).some(Boolean)) {
-				return controllers.helpers.notAllowed(req, res);
-			}
-		}
-
-		next();
-	};
 };

src/middleware/index.js

@@ -51,7 +51,7 @@ middleware.applyCSRF = function (req, res, next) {
 
 middleware.ensureLoggedIn = ensureLoggedIn.ensureLoggedIn(nconf.get('relative_path') + '/login');
 
-require('./admin')(middleware);
+middleware.admin = require('./admin');
 require('./header')(middleware);
 require('./render')(middleware);
 require('./maintenance')(middleware);