Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-31 11:05:54 +01:00
Code Issues Packages Projects Releases Wiki Activity

only allow users in the room to get raw message content

Browse Source
This commit is contained in:
barisusakli
2015-12-17 11:22:15 +02:00
parent f4e502c793
commit f71fd0a3ec
3 changed files with 17 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
public/src/client/chats.js
View File

@@ -64,7 +64,7 @@ define('forum/chats', ['components', 'string', 'sounds', 'forum/infinitescroll',
.on('click', '[data-action="edit"]', function() { .on('click', '[data-action="edit"]', function() {
var messageId = $(this).parents('[data-mid]').attr('data-mid'); var messageId = $(this).parents('[data-mid]').attr('data-mid');
var inputEl = components.get('chat/input'); var inputEl = components.get('chat/input');
Chats.prepEdit(inputEl, messageId); Chats.prepEdit(inputEl, messageId, ajaxify.data.roomId);
}) })
.on('click', '[data-action="delete"]', function() { .on('click', '[data-action="delete"]', function() {
var messageId = $(this).parents('[data-mid]').attr('data-mid'); var messageId = $(this).parents('[data-mid]').attr('data-mid');
@@ -106,13 +106,13 @@ define('forum/chats', ['components', 'string', 'sounds', 'forum/infinitescroll',
var lastMid = message.attr('data-mid'); var lastMid = message.attr('data-mid');
var inputEl = components.get('chat/input'); var inputEl = components.get('chat/input');
Chats.prepEdit(inputEl, lastMid); Chats.prepEdit(inputEl, lastMid, ajaxify.data.roomId);
} }
}); });
}; };
Chats.prepEdit = function(inputEl, messageId) { Chats.prepEdit = function(inputEl, messageId, roomId) {
socket.emit('modules.chats.getRaw', { mid: messageId }, function(err, raw) { socket.emit('modules.chats.getRaw', { mid: messageId, roomId: roomId }, function(err, raw) {
if (err) { if (err) {
return app.alertError(err.message); return app.alertError(err.message);
} }

2
public/src/modules/chat.js
View File

@@ -260,7 +260,7 @@ define('chat', ['components', 'taskbar', 'string', 'sounds', 'forum/chats', 'tra
.on('click', '[data-action="edit"]', function() { .on('click', '[data-action="edit"]', function() {
var messageId = $(this).parents('[data-mid]').attr('data-mid'); var messageId = $(this).parents('[data-mid]').attr('data-mid');
var inputEl = chatModal.find('[component="chat/input"]'); var inputEl = chatModal.find('[component="chat/input"]');
Chats.prepEdit(inputEl, messageId); Chats.prepEdit(inputEl, messageId, data.roomId);
}) })
.on('click', '[data-action="delete"]', function() { .on('click', '[data-action="delete"]', function() {
var messageId = $(this).parents('[data-mid]').attr('data-mid'); var messageId = $(this).parents('[data-mid]').attr('data-mid');

13
src/socket.io/modules.js
View File

@@ -34,8 +34,17 @@ SocketModules.chats.getRaw = function(socket, data, callback) {
if (!data || !data.hasOwnProperty('mid')) { if (!data || !data.hasOwnProperty('mid')) {
return callback(new Error('[[error:invalid-data]]')); return callback(new Error('[[error:invalid-data]]'));
} }
async.waterfall([
Messaging.getMessageField(data.mid, 'content', callback); function (next) {
Messaging.isUserInRoom(socket.uid, data.roomId, next);
},
function (inRoom, next) {
if (!inRoom) {
return next(new Error('[[error:not-allowed]]'));
}
Messaging.getMessageField(data.mid, 'content', next);
}
], callback);
}; };
SocketModules.chats.newRoom = function(socket, data, callback) { SocketModules.chats.newRoom = function(socket, data, callback) {