make sure user is admin/mod before forking

2025-11-01 03:26:04 +01:00 · 2015-09-01 12:38:26 -04:00
parent f9575efaf0
commit ffff8093ba
3 changed files with 41 additions and 34 deletions
--- a/src/topics/fork.js
+++ b/src/topics/fork.js
@@ -6,6 +6,7 @@ var async = require('async'),
 	db = require('../database'),
 	user = require('../user'),
 	posts = require('../posts'),
 	privileges = require('../privileges'),
 	postTools = require('../postTools'),
@@ -32,37 +33,33 @@ module.exports = function(Topics) {
 			return a - b;
 		});
 		var mainPid = pids[0];
-
+		var cid;
-		async.parallel({
+		var tid;
-			postData: function(callback) {
+		async.waterfall([
-				posts.getPostData(mainPid, callback);
+			function(next) {
 				posts.getCidByPid(mainPid, next);
 			},
-			cid: function(callback) {
+			function(_cid, next) {
-				posts.getCidByPid(mainPid, callback);
+				cid = _cid;
 				async.parallel({
 					postData: function(next) {
 						posts.getPostData(mainPid, next);
 					},
 					isAdmin: function(next) {
 						user.isAdministrator(uid, next);
 					},
 					isModerator: function(next) {
 						user.isModerator(uid, cid, next);
 					}
-		}, function(err, results) {
+				}, next);
-			if (err) {
+			},
-				return callback(err);
+			function(results, next) {
 				if (!results.isAdmin && !results.isModerator) {
 					return next(new Error('[[error:no-privileges]]'));
 				}
-
+				Topics.create({uid: results.postData.uid, title: title, cid: cid}, next);
-			Topics.create({uid: results.postData.uid, title: title, cid: results.cid}, function(err, tid) {
+			},
-				if (err) {
+			function(_tid, next) {
 					return callback(err);
 				}
 				async.eachSeries(pids, move, function(err) {
 					if (err) {
 						return callback(err);
 					}
 					Topics.updateTimestamp(tid, Date.now(), function(err) {
 						if (err) {
 							return callback(err);
 						}
 						Topics.getTopicData(tid, callback);
 					});
 				});
 				function move(pid, next) {
 					privileges.posts.canEdit(pid, uid, function(err, canEdit) {
 						if(err || !canEdit) {
@@ -72,8 +69,16 @@ module.exports = function(Topics) {
 						Topics.movePostToTopic(pid, tid, next);
 					});
 				}
-			});
+				tid = _tid;
-		});
+				async.eachSeries(pids, move, next);
 			},
 			function(next) {
 				Topics.updateTimestamp(tid, Date.now(), next);
 			},
 			function(next) {
 				Topics.getTopicData(tid, next);
 			}
 		], callback);
 	};
 	Topics.movePostToTopic = function(pid, tid, callback) {
--- a/src/topics/recent.js
+++ b/src/topics/recent.js
@@ -47,7 +47,9 @@ module.exports = function(Topics) {
 			function(next) {
 				Topics.setTopicField(tid, 'lastposttime', timestamp, next);
 			}
-		], callback);
+		], function(err, results) {
 			callback(err);
 		});
 	};
 	Topics.updateRecent = function(tid, timestamp, callback) {