nodebb/src/privileges/posts.js


'use strict';

var async = require('async');
var _ = require('lodash');

var meta = require('../meta');
var posts = require('../posts');
var topics = require('../topics');
var user = require('../user');
var helpers = require('./helpers');
var plugins = require('../plugins');
var utils = require('../utils');

module.exports = function (privileges) {
	privileges.posts = {};

	privileges.posts.get = function (pids, uid, callback) {
		if (!Array.isArray(pids) || !pids.length) {
			return callback(null, []);
		}

		async.waterfall([
			function (next) {
				posts.getCidsByPids(pids, next);
			},
			function (cids, next) {
				async.parallel({
					isAdmin: async.apply(user.isAdministrator, uid),
					isModerator: async.apply(user.isModerator, uid, cids),
					isOwner: async.apply(posts.isOwner, pids, uid),
					'topics:read': async.apply(helpers.isUserAllowedTo, 'topics:read', uid, cids),
					read: async.apply(helpers.isUserAllowedTo, 'read', uid, cids),
					'posts:edit': async.apply(helpers.isUserAllowedTo, 'posts:edit', uid, cids),
					'posts:view_deleted': async.apply(helpers.isUserAllowedTo, 'posts:view_deleted', uid, cids),
				}, next);
			},
			function (results, next) {
				var privileges = pids.map(function (pid, i) {
					var isAdminOrMod = results.isAdmin || results.isModerator[i];
					var editable = isAdminOrMod || (results.isOwner[i] && results['posts:edit'][i]);
					var viewDeletedPosts = isAdminOrMod || (results.isOwner[i] && results['posts:view_deleted'][i]);

					return {
						editable: editable,
						view_deleted: editable,
						move: isAdminOrMod,
						isAdminOrMod: isAdminOrMod,
						'topics:read': results['topics:read'][i] || isAdminOrMod,
						read: results.read[i] || isAdminOrMod,
						'posts:view_deleted': viewDeletedPosts,
					};
				});

				next(null, privileges);
			},
		], callback);
	};

	privileges.posts.can = function (privilege, pid, uid, callback) {
		async.waterfall([
			function (next) {
				posts.getCidByPid(pid, next);
			},
			function (cid, next) {
				privileges.categories.can(privilege, cid, uid, next);
			},
		], callback);
	};

	privileges.posts.filter = function (privilege, pids, uid, callback) {
		if (!Array.isArray(pids) || !pids.length) {
			return callback(null, []);
		}
		var cids;
		var postData;
		var tids;
		var tidToTopic = {};

		pids = _.uniq(pids);

		async.waterfall([
			function (next) {
				posts.getPostsFields(pids, ['uid', 'tid', 'deleted'], next);
			},
			function (_posts, next) {
				postData = _posts;
				tids = _.uniq(_posts.map(function (post) {
					return post && post.tid;
				}).filter(Boolean));

				topics.getTopicsFields(tids, ['deleted', 'cid'], next);
			},
			function (topicData, next) {
				topicData.forEach(function (topic, index) {
					if (topic) {
						tidToTopic[tids[index]] = topic;
					}
				});

				cids = postData.map(function (post, index) {
					if (post) {
						post.pid = pids[index];
						post.topic = tidToTopic[post.tid];
					}
					return tidToTopic[post.tid] && tidToTopic[post.tid].cid;
				}).filter(function (cid, index, array) {
					return cid && array.indexOf(cid) === index;
				});

				privileges.categories.getBase(privilege, cids, uid, next);
			},
			function (results, next) {
				var isModOf = {};
				cids = cids.filter(function (cid, index) {
					isModOf[cid] = results.isModerators[index];
					return !results.categories[index].disabled &&
						(results.allowedTo[index] || results.isAdmin || results.isModerators[index]);
				});


				pids = postData.filter(function (post) {
					return post.topic && cids.indexOf(post.topic.cid) !== -1 &&
						((parseInt(post.topic.deleted, 10) !== 1 && parseInt(post.deleted, 10) !== 1) || results.isAdmin || isModOf[post.cid]);
				}).map(function (post) {
					return post.pid;
				});

				plugins.fireHook('filter:privileges.posts.filter', {
					privilege: privilege,
					uid: uid,
					pids: pids,
				}, function (err, data) {
					next(err, data ? data.pids : null);
				});
			},
		], callback);
	};

	privileges.posts.canEdit = function (pid, uid, callback) {
		async.waterfall([
			function (next) {
				async.parallel({
					isEditable: async.apply(isPostEditable, pid, uid),
					isAdminOrMod: async.apply(isAdminOrMod, pid, uid),
				}, next);
			},
			function (results, next) {
				if (results.isAdminOrMod) {
					return next(null, { flag: true });
				}

				next(null, results.isEditable);
			},
		], callback);
	};

	privileges.posts.canDelete = function (pid, uid, callback) {
		var postData;
		async.waterfall([
			function (next) {
				posts.getPostFields(pid, ['uid', 'tid', 'timestamp', 'deleterUid'], next);
			},
			function (_postData, next) {
				postData = _postData;
				async.parallel({
					isAdminOrMod: async.apply(isAdminOrMod, pid, uid),
					isLocked: async.apply(topics.isLocked, postData.tid),
					isOwner: async.apply(posts.isOwner, pid, uid),
					'posts:delete': async.apply(privileges.posts.can, 'posts:delete', pid, uid),
				}, next);
			},
			function (results, next) {
				if (results.isAdminOrMod) {
					return next(null, { flag: true });
				}

				if (results.isLocked) {
					return next(null, { flag: false, message: '[[error:topic-locked]]' });
				}

				if (!results['posts:delete']) {
					return next(null, { flag: false, message: '[[error:no-privileges]]' });
				}

				var postDeleteDuration = parseInt(meta.config.postDeleteDuration, 10);
				if (postDeleteDuration && (Date.now() - parseInt(postData.timestamp, 10) > postDeleteDuration * 1000)) {
					return next(null, { flag: false, message: '[[error:post-delete-duration-expired, ' + meta.config.postDeleteDuration + ']]' });
				}
				var deleterUid = parseInt(postData.deleterUid, 10) || 0;
				var flag = results.isOwner && (deleterUid === 0 || deleterUid === parseInt(postData.uid, 10));
				next(null, { flag: flag, message: '[[error:no-privileges]]' });
			},
		], callback);
	};

	privileges.posts.canFlag = function (pid, uid, callback) {
		async.waterfall([
			function (next) {
				async.parallel({
					userReputation: async.apply(user.getUserField, uid, 'reputation'),
					isAdminOrMod: async.apply(isAdminOrMod, pid, uid),
				}, next);
			},
			function (results, next) {
				var minimumReputation = utils.isNumber(meta.config['min:rep:flag']) ? parseInt(meta.config['min:rep:flag'], 10) : 0;
				var canFlag = results.isAdminOrMod || parseInt(results.userReputation, 10) >= minimumReputation;
				next(null, { flag: canFlag });
			},
		], callback);
	};

	privileges.posts.canMove = function (pid, uid, callback) {
		async.waterfall([
			function (next) {
				posts.isMain(pid, next);
			},
			function (isMain, next) {
				if (isMain) {
					return next(new Error('[[error:cant-move-mainpost]]'));
				}
				isAdminOrMod(pid, uid, next);
			},
		], callback);
	};

	privileges.posts.canPurge = function (pid, uid, callback) {
		async.waterfall([
			function (next) {
				posts.getCidByPid(pid, next);
			},
			function (cid, next) {
				async.parallel({
					purge: async.apply(privileges.categories.isUserAllowedTo, 'purge', cid, uid),
					owner: async.apply(posts.isOwner, pid, uid),
					isAdminOrMod: async.apply(privileges.categories.isAdminOrMod, cid, uid),
				}, next);
			},
			function (results, next) {
				next(null, results.isAdminOrMod || (results.purge && results.owner));
			},
		], callback);
	};

	function isPostEditable(pid, uid, callback) {
		async.waterfall([
			function (next) {
				posts.getPostFields(pid, ['tid', 'timestamp'], next);
			},
			function (postData, next) {
				var postEditDuration = parseInt(meta.config.postEditDuration, 10);
				if (postEditDuration && Date.now() - parseInt(postData.timestamp, 10) > postEditDuration * 1000) {
					return callback(null, { flag: false, message: '[[error:post-edit-duration-expired, ' + meta.config.postEditDuration + ']]' });
				}
				topics.isLocked(postData.tid, next);
			},
			function (isLocked, next) {
				if (isLocked) {
					return callback(null, { flag: false, message: '[[error:topic-locked]]' });
				}

				async.parallel({
					owner: async.apply(posts.isOwner, pid, uid),
					edit: async.apply(privileges.posts.can, 'posts:edit', pid, uid),
				}, next);
			},
			function (result, next) {
				next(null, { flag: result.owner && result.edit, message: '[[error:no-privileges]]' });
			},
		], callback);
	}

	function isAdminOrMod(pid, uid, callback) {
		helpers.some([
			function (next) {
				async.waterfall([
					function (next) {
						posts.getCidByPid(pid, next);
					},
					function (cid, next) {
						user.isModerator(uid, cid, next);
					},
				], next);
			},
			function (next) {
				user.isAdministrator(uid, next);
			},
		], callback);
	}
};
first pass for #1518 this only handles postTools privileges, topic and category will follow 11 years ago
			`'use strict';`

remove unused code 9 years ago			`var async = require('async');`
use _.uniq 8 years ago			`var _ = require('lodash');`
remove unused code 9 years ago
partially revert https://github.com/NodeBB/NodeBB/commit/fa9f1ac7fe26462febda07189203365e984a146d extending module.exports instead of overwriting fixes the issue 9 years ago			`var meta = require('../meta');`
			`var posts = require('../posts');`
			`var topics = require('../topics');`
			`var user = require('../user');`
remove unused code 9 years ago			`var helpers = require('./helpers');`
partially revert https://github.com/NodeBB/NodeBB/commit/fa9f1ac7fe26462febda07189203365e984a146d extending module.exports instead of overwriting fixes the issue 9 years ago			`var plugins = require('../plugins');`
closes #5885 8 years ago			`var utils = require('../utils');`
first pass for #1518 this only handles postTools privileges, topic and category will follow 11 years ago
Fix space-before-function-paren linter rule 8 years ago			`module.exports = function (privileges) {`
first pass for #1518 this only handles postTools privileges, topic and category will follow 11 years ago			`privileges.posts = {};`

Fix space-before-function-paren linter rule 8 years ago			`privileges.posts.get = function (pids, uid, callback) {`
crash fix 11 years ago			`if (!Array.isArray(pids) \|\| !pids.length) {`
			`return callback(null, []);`
			`}`
partially revert https://github.com/NodeBB/NodeBB/commit/fa9f1ac7fe26462febda07189203365e984a146d extending module.exports instead of overwriting fixes the issue 9 years ago
closes #4810 9 years ago			`async.waterfall([`
Fix space-before-function-paren linter rule 8 years ago			`function (next) {`
closes #4810 9 years ago			`posts.getCidsByPids(pids, next);`
closes #2904 10 years ago			`},`
Fix space-before-function-paren linter rule 8 years ago			`function (cids, next) {`
closes #4810 9 years ago			`async.parallel({`
			`isAdmin: async.apply(user.isAdministrator, uid),`
show deleted replies like regular deleted posts 8 years ago			`isModerator: async.apply(user.isModerator, uid, cids),`
closes #4810 9 years ago			`isOwner: async.apply(posts.isOwner, pids, uid),`
			`'topics:read': async.apply(helpers.isUserAllowedTo, 'topics:read', uid, cids),`
			`read: async.apply(helpers.isUserAllowedTo, 'read', uid, cids),`
see NodeBB/NodeBB#4909 9 years ago			`'posts:edit': async.apply(helpers.isUserAllowedTo, 'posts:edit', uid, cids),`
closes #6562 7 years ago			`'posts:view_deleted': async.apply(helpers.isUserAllowedTo, 'posts:view_deleted', uid, cids),`
closes #4810 9 years ago			`}, next);`
ESlint comma-dangle 8 years ago			`},`
privileges style changes 8 years ago			`function (results, next) {`
			`var privileges = pids.map(function (pid, i) {`
			`var isAdminOrMod = results.isAdmin \|\| results.isModerator[i];`
			`var editable = isAdminOrMod \|\| (results.isOwner[i] && results['posts:edit'][i]);`
closes #6562 7 years ago			`var viewDeletedPosts = isAdminOrMod \|\| (results.isOwner[i] && results['posts:view_deleted'][i]);`
privileges style changes 8 years ago
			`return {`
			`editable: editable,`
			`view_deleted: editable,`
			`move: isAdminOrMod,`
			`isAdminOrMod: isAdminOrMod,`
			`'topics:read': results['topics:read'][i] \|\| isAdminOrMod,`
			`read: results.read[i] \|\| isAdminOrMod,`
closes #6562 7 years ago			`'posts:view_deleted': viewDeletedPosts,`
privileges style changes 8 years ago			`};`
closes #2904 10 years ago			`});`
first pass for #1518 this only handles postTools privileges, topic and category will follow 11 years ago
privileges style changes 8 years ago			`next(null, privileges);`
			`},`
			`], callback);`
first pass for #1518 this only handles postTools privileges, topic and category will follow 11 years ago			`};`

Fix space-before-function-paren linter rule 8 years ago			`privileges.posts.can = function (privilege, pid, uid, callback) {`
privileges style changes 8 years ago			`async.waterfall([`
			`function (next) {`
			`posts.getCidByPid(pid, next);`
			`},`
			`function (cid, next) {`
			`privileges.categories.can(privilege, cid, uid, next);`
			`},`
			`], callback);`
first pass for #1518 this only handles postTools privileges, topic and category will follow 11 years ago			`};`

Fix space-before-function-paren linter rule 8 years ago			`privileges.posts.filter = function (privilege, pids, uid, callback) {`
posts/recent.js refactor 10 years ago			`if (!Array.isArray(pids) \|\| !pids.length) {`
early outs for privs no need to check if empty array is passed in, happens if there are no unread topics remove dupe cids before checking for privileges 11 years ago			`return callback(null, []);`
			`}`
closes #4499 9 years ago			`var cids;`
			`var postData;`
			`var tids;`
			`var tidToTopic = {};`

use _.uniq 8 years ago			`pids = _.uniq(pids);`

closes #4499 9 years ago			`async.waterfall([`
			`function (next) {`
			`posts.getPostsFields(pids, ['uid', 'tid', 'deleted'], next);`
			`},`
			`function (_posts, next) {`
			`postData = _posts;`
use _.uniq 8 years ago			`tids = _.uniq(_posts.map(function (post) {`
closes #4499 9 years ago			`return post && post.tid;`
use _.uniq 8 years ago			`}).filter(Boolean));`

closes #4499 9 years ago			`topics.getTopicsFields(tids, ['deleted', 'cid'], next);`
			`},`
			`function (topicData, next) {`
Fix space-before-function-paren linter rule 8 years ago			`topicData.forEach(function (topic, index) {`
closes #4499 9 years ago			`if (topic) {`
			`tidToTopic[tids[index]] = topic;`
			`}`
			`});`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago
Fix space-before-function-paren linter rule 8 years ago			`cids = postData.map(function (post, index) {`
closes #4499 9 years ago			`if (post) {`
			`post.pid = pids[index];`
			`post.topic = tidToTopic[post.tid];`
			`}`
			`return tidToTopic[post.tid] && tidToTopic[post.tid].cid;`
Fix space-before-function-paren linter rule 8 years ago			`}).filter(function (cid, index, array) {`
closes #4499 9 years ago			`return cid && array.indexOf(cid) === index;`
			`});`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago
closes #4499 9 years ago			`privileges.categories.getBase(privilege, cids, uid, next);`
			`},`
			`function (results, next) {`
			`var isModOf = {};`
Fix space-before-function-paren linter rule 8 years ago			`cids = cids.filter(function (cid, index) {`
closes #4499 9 years ago			`isModOf[cid] = results.isModerators[index];`
			`return !results.categories[index].disabled &&`
			`(results.allowedTo[index] \|\| results.isAdmin \|\| results.isModerators[index]);`
			`});`


Fix space-before-function-paren linter rule 8 years ago			`pids = postData.filter(function (post) {`
check for invalid topic 9 years ago			`return post.topic && cids.indexOf(post.topic.cid) !== -1 &&`
closes #4499 9 years ago			`((parseInt(post.topic.deleted, 10) !== 1 && parseInt(post.deleted, 10) !== 1) \|\| results.isAdmin \|\| isModOf[post.cid]);`
Fix space-before-function-paren linter rule 8 years ago			`}).map(function (post) {`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`return post.pid;`
			`});`
added four new hooks: filter:categories.recent, filter:privileges.categories.get, filter:privileges.posts.filter, filter:privileges.topics.filter 10 years ago
			`plugins.fireHook('filter:privileges.posts.filter', {`
			`privilege: privilege,`
			`uid: uid,`
ESlint comma-dangle 8 years ago			`pids: pids,`
Fix space-before-function-paren linter rule 8 years ago			`}, function (err, data) {`
closes #4499 9 years ago			`next(err, data ? data.pids : null);`
added four new hooks: filter:categories.recent, filter:privileges.categories.get, filter:privileges.posts.filter, filter:privileges.topics.filter 10 years ago			`});`
ESlint comma-dangle 8 years ago			`},`
closes #4499 9 years ago			`], callback);`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`};`

Fix space-before-function-paren linter rule 8 years ago			`privileges.posts.canEdit = function (pid, uid, callback) {`
privileges style changes 8 years ago			`async.waterfall([`
			`function (next) {`
			`async.parallel({`
			`isEditable: async.apply(isPostEditable, pid, uid),`
			`isAdminOrMod: async.apply(isAdminOrMod, pid, uid),`
			`}, next);`
			`},`
			`function (results, next) {`
			`if (results.isAdminOrMod) {`
			`return next(null, { flag: true });`
			`}`
privilege fixes 9 years ago
privileges style changes 8 years ago			`next(null, results.isEditable);`
			`},`
			`], callback);`
more work on #1518 still needs more work, category is next 11 years ago			`};`

Fix space-before-function-paren linter rule 8 years ago			`privileges.posts.canDelete = function (pid, uid, callback) {`
closes #4800 9 years ago			`var postData;`
			`async.waterfall([`
Fix space-before-function-paren linter rule 8 years ago			`function (next) {`
closes #5015 8 years ago			`posts.getPostFields(pid, ['uid', 'tid', 'timestamp', 'deleterUid'], next);`
closes #4800 9 years ago			`},`
Fix space-before-function-paren linter rule 8 years ago			`function (_postData, next) {`
closes #4800 9 years ago			`postData = _postData;`
			`async.parallel({`
			`isAdminOrMod: async.apply(isAdminOrMod, pid, uid),`
			`isLocked: async.apply(topics.isLocked, postData.tid),`
Add edit, delete, and topics:delete permissions for users acting on their own posts 9 years ago			`isOwner: async.apply(posts.isOwner, pid, uid),`
ESlint comma-dangle 8 years ago			`'posts:delete': async.apply(privileges.posts.can, 'posts:delete', pid, uid),`
closes #4800 9 years ago			`}, next);`
ESlint comma-dangle 8 years ago			`},`
privileges style changes 8 years ago			`function (results, next) {`
			`if (results.isAdminOrMod) {`
			`return next(null, { flag: true });`
			`}`
privilege fixes 9 years ago
privileges style changes 8 years ago			`if (results.isLocked) {`
			`return next(null, { flag: false, message: '[[error:topic-locked]]' });`
			`}`
privilege fixes 9 years ago
privileges style changes 8 years ago			`if (!results['posts:delete']) {`
			`return next(null, { flag: false, message: '[[error:no-privileges]]' });`
			`}`
privilege fixes 9 years ago
privileges style changes 8 years ago			`var postDeleteDuration = parseInt(meta.config.postDeleteDuration, 10);`
			`if (postDeleteDuration && (Date.now() - parseInt(postData.timestamp, 10) > postDeleteDuration * 1000)) {`
			`return next(null, { flag: false, message: '[[error:post-delete-duration-expired, ' + meta.config.postDeleteDuration + ']]' });`
			`}`
			`var deleterUid = parseInt(postData.deleterUid, 10) \|\| 0;`
			`var flag = results.isOwner && (deleterUid === 0 \|\| deleterUid === parseInt(postData.uid, 10));`
			`next(null, { flag: flag, message: '[[error:no-privileges]]' });`
			`},`
			`], callback);`
closes #4800 9 years ago			`};`

closes #5885 8 years ago			`privileges.posts.canFlag = function (pid, uid, callback) {`
			`async.waterfall([`
			`function (next) {`
			`async.parallel({`
			`userReputation: async.apply(user.getUserField, uid, 'reputation'),`
			`isAdminOrMod: async.apply(isAdminOrMod, pid, uid),`
			`}, next);`
			`},`
			`function (results, next) {`
closes #5991, closes #5884 7 years ago			`var minimumReputation = utils.isNumber(meta.config['min:rep:flag']) ? parseInt(meta.config['min:rep:flag'], 10) : 0;`
closes #5885 8 years ago			`var canFlag = results.isAdminOrMod \|\| parseInt(results.userReputation, 10) >= minimumReputation;`
			`next(null, { flag: canFlag });`
			`},`
			`], callback);`
			`};`

Fix space-before-function-paren linter rule 8 years ago			`privileges.posts.canMove = function (pid, uid, callback) {`
privileges style changes 8 years ago			`async.waterfall([`
			`function (next) {`
			`posts.isMain(pid, next);`
			`},`
			`function (isMain, next) {`
			`if (isMain) {`
			`return next(new Error('[[error:cant-move-mainpost]]'));`
			`}`
			`isAdminOrMod(pid, uid, next);`
			`},`
			`], callback);`
closes #1731 11 years ago			`};`

Fix space-before-function-paren linter rule 8 years ago			`privileges.posts.canPurge = function (pid, uid, callback) {`
closes #2330 10 years ago			`async.waterfall([`
			`function (next) {`
			`posts.getCidByPid(pid, next);`
			`},`
			`function (cid, next) {`
			`async.parallel({`
			`purge: async.apply(privileges.categories.isUserAllowedTo, 'purge', cid, uid),`
			`owner: async.apply(posts.isOwner, pid, uid),`
ESlint comma-dangle 8 years ago			`isAdminOrMod: async.apply(privileges.categories.isAdminOrMod, cid, uid),`
closes #2330 10 years ago			`}, next);`
			`},`
			`function (results, next) {`
			`next(null, results.isAdminOrMod \|\| (results.purge && results.owner));`
ESlint comma-dangle 8 years ago			`},`
closes #2330 10 years ago			`], callback);`
			`};`

closes #2247 10 years ago			`function isPostEditable(pid, uid, callback) {`
			`async.waterfall([`
Fix space-before-function-paren linter rule 8 years ago			`function (next) {`
closes #2247 10 years ago			`posts.getPostFields(pid, ['tid', 'timestamp'], next);`
			`},`
Fix space-before-function-paren linter rule 8 years ago			`function (postData, next) {`
closes #2247 10 years ago			`var postEditDuration = parseInt(meta.config.postEditDuration, 10);`
			`if (postEditDuration && Date.now() - parseInt(postData.timestamp, 10) > postEditDuration * 1000) {`
ESlint object-curly-spacing 8 years ago			`return callback(null, { flag: false, message: '[[error:post-edit-duration-expired, ' + meta.config.postEditDuration + ']]' });`
closes #2247 10 years ago			`}`
			`topics.isLocked(postData.tid, next);`
			`},`
Fix space-before-function-paren linter rule 8 years ago			`function (isLocked, next) {`
closes #2247 10 years ago			`if (isLocked) {`
ESlint object-curly-spacing 8 years ago			`return callback(null, { flag: false, message: '[[error:topic-locked]]' });`
closes #2247 10 years ago			`}`
closes #2904 10 years ago
Add edit, delete, and topics:delete permissions for users acting on their own posts 9 years ago			`async.parallel({`
			`owner: async.apply(posts.isOwner, pid, uid),`
ESlint comma-dangle 8 years ago			`edit: async.apply(privileges.posts.can, 'posts:edit', pid, uid),`
Add edit, delete, and topics:delete permissions for users acting on their own posts 9 years ago			`}, next);`
closes #2904 10 years ago			`},`
Fix space-before-function-paren linter rule 8 years ago			`function (result, next) {`
ESlint object-curly-spacing 8 years ago			`next(null, { flag: result.owner && result.edit, message: '[[error:no-privileges]]' });`
ESlint comma-dangle 8 years ago			`},`
closes #2247 10 years ago			`], callback);`
			`}`

closes #1731 11 years ago			`function isAdminOrMod(pid, uid, callback) {`
more work on #1518 still needs more work, category is next 11 years ago			`helpers.some([`
Fix space-before-function-paren linter rule 8 years ago			`function (next) {`
privileges style changes 8 years ago			`async.waterfall([`
			`function (next) {`
			`posts.getCidByPid(pid, next);`
			`},`
			`function (cid, next) {`
			`user.isModerator(uid, cid, next);`
			`},`
			`], next);`
more work on #1518 still needs more work, category is next 11 years ago			`},`
Fix space-before-function-paren linter rule 8 years ago			`function (next) {`
more work on #1518 still needs more work, category is next 11 years ago			`user.isAdministrator(uid, next);`
ESlint comma-dangle 8 years ago			`},`
more work on #1518 still needs more work, category is next 11 years ago			`], callback);`
closes #1731 11 years ago			`}`
ESlint eol-last 8 years ago			`};`