nodebb/src/privileges/topics.js


'use strict';

var async = require('async'),

	db = require('../database'),
	topics = require('../topics'),
	user = require('../user'),
	helpers = require('./helpers'),
	groups = require('../groups'),
	categories = require('../categories'),
	plugins = require('../plugins');

module.exports = function(privileges) {

	privileges.topics = {};

	privileges.topics.get = function(tid, uid, callback) {
		async.waterfall([
			async.apply(topics.getTopicFields, tid, ['cid', 'uid']),
			function(topic, next) {
				async.parallel({
					'topics:reply': async.apply(helpers.isUserAllowedTo, 'topics:reply', uid, [topic.cid]),
					read: async.apply(helpers.isUserAllowedTo, 'read', uid, [topic.cid]),
					isOwner: function(next) {
						next(null, parseInt(uid, 10) === parseInt(topic.uid, 10));
					},
					manage_topic: async.apply(helpers.hasEnoughReputationFor, 'privileges:manage_topic', uid),
					isAdministrator: async.apply(user.isAdministrator, uid),
					isModerator: async.apply(user.isModerator, uid, topic.cid),
					disabled: async.apply(categories.getCategoryField, topic.cid, 'disabled')
				}, next);
			}
		], function(err, results) {
			if (err) {
				return callback(err);
			}

			var disabled = parseInt(results.disabled, 10) === 1;
			var	isAdminOrMod = results.isAdministrator || results.isModerator;
			var editable = isAdminOrMod || results.manage_topic;
			var deletable = isAdminOrMod || results.isOwner;

			plugins.fireHook('filter:privileges.topics.get', {
				'topics:reply': results['topics:reply'][0] || isAdminOrMod,
				read: results.read[0] || isAdminOrMod,
				view_thread_tools: editable || deletable,
				editable: editable,
				deletable: deletable,
				view_deleted: isAdminOrMod || results.manage_topic || results.isOwner,
				disabled: disabled,
				tid: tid,
				uid: uid
			}, callback);
		});
	};

	privileges.topics.can = function(privilege, tid, uid, callback) {
		topics.getTopicField(tid, 'cid', function(err, cid) {
			if (err) {
				return callback(err);
			}

			privileges.categories.can(privilege, cid, uid, callback);
		});
	};

	privileges.topics.filter = function(privilege, tids, uid, callback) {
		if (!Array.isArray(tids) || !tids.length) {
			return callback(null, []);
		}

		topics.getTopicsFields(tids, ['tid', 'cid'], function(err, topics) {
			if (err) {
				return callback(err);
			}

			var cids = topics.map(function(topic) {
				return topic.cid;
			});

			privileges.categories.filterCids(privilege, cids, uid, function(err, cids) {
				if (err) {
					return callback(err);
				}

				tids = topics.filter(function(topic) {
					return cids.indexOf(topic.cid) !== -1;
				}).map(function(topic) {
					return topic.tid;
				});

				plugins.fireHook('filter:privileges.topics.filter', {
					privilege: privilege,
					uid: uid,
					tids: tids
				}, function(err, data) {
					callback(err, data ? data.tids : null);
				});
			});
		});
	};

	privileges.topics.canEdit = function(tid, uid, callback) {
		helpers.some([
			function(next) {
				topics.isOwner(tid, uid, next);
			},
			function(next) {
				helpers.hasEnoughReputationFor('privileges:manage_topic', uid, next);
			},
			function(next) {
				isAdminOrMod(tid, uid, next);
			}
		], callback);
	};

	privileges.topics.canMove = function(tid, uid, callback) {
		isAdminOrMod(tid, uid, callback);
	};

	function isAdminOrMod(tid, uid, callback) {
		helpers.some([
			function(next) {
				topics.getTopicField(tid, 'cid', function(err, cid) {
					if (err) {
						return next(err);
					}
					user.isModerator(uid, cid, next);
				});
			},
			function(next) {
				user.isAdministrator(uid, next);
			}
		], callback);
	}
};
more work on #1518 still needs more work, category is next 11 years ago
			`'use strict';`

			`var async = require('async'),`

optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`db = require('../database'),`
more work on #1518 still needs more work, category is next 11 years ago			`topics = require('../topics'),`
			`user = require('../user'),`
			`helpers = require('./helpers'),`
			`groups = require('../groups'),`
updating privilege handling to fire two new hooks, filter:privileges.topics.get and filter:category.topics.get 10 years ago			`categories = require('../categories'),`
			`plugins = require('../plugins');`
more work on #1518 still needs more work, category is next 11 years ago
			`module.exports = function(privileges) {`

			`privileges.topics = {};`

			`privileges.topics.get = function(tid, uid, callback) {`
updating privilege handling to fire two new hooks, filter:privileges.topics.get and filter:category.topics.get 10 years ago			`async.waterfall([`
one less query in privileges.topics.get 10 years ago			`async.apply(topics.getTopicFields, tid, ['cid', 'uid']),`
			`function(topic, next) {`
updating privilege handling to fire two new hooks, filter:privileges.topics.get and filter:category.topics.get 10 years ago			`async.parallel({`
one less query in privileges.topics.get 10 years ago			`'topics:reply': async.apply(helpers.isUserAllowedTo, 'topics:reply', uid, [topic.cid]),`
			`read: async.apply(helpers.isUserAllowedTo, 'read', uid, [topic.cid]),`
			`isOwner: function(next) {`
			`next(null, parseInt(uid, 10) === parseInt(topic.uid, 10));`
			`},`
updating privilege handling to fire two new hooks, filter:privileges.topics.get and filter:category.topics.get 10 years ago			`manage_topic: async.apply(helpers.hasEnoughReputationFor, 'privileges:manage_topic', uid),`
			`isAdministrator: async.apply(user.isAdministrator, uid),`
one less query in privileges.topics.get 10 years ago			`isModerator: async.apply(user.isModerator, uid, topic.cid),`
			`disabled: async.apply(categories.getCategoryField, topic.cid, 'disabled')`
updating privilege handling to fire two new hooks, filter:privileges.topics.get and filter:category.topics.get 10 years ago			`}, next);`
			`}`
			`], function(err, results) {`
fixed indents 11 years ago			`if (err) {`
			`return callback(err);`
			`}`
more work on #1518 still needs more work, category is next 11 years ago
updating privilege handling to fire two new hooks, filter:privileges.topics.get and filter:category.topics.get 10 years ago			`var disabled = parseInt(results.disabled, 10) === 1;`
			`var isAdminOrMod = results.isAdministrator \|\| results.isModerator;`
			`var editable = isAdminOrMod \|\| results.manage_topic;`
			`var deletable = isAdminOrMod \|\| results.isOwner;`

			`plugins.fireHook('filter:privileges.topics.get', {`
			`'topics:reply': results['topics:reply'][0] \|\| isAdminOrMod,`
			`read: results.read[0] \|\| isAdminOrMod,`
			`view_thread_tools: editable \|\| deletable,`
			`editable: editable,`
			`deletable: deletable,`
			`view_deleted: isAdminOrMod \|\| results.manage_topic \|\| results.isOwner,`
			`disabled: disabled,`
			`tid: tid,`
			`uid: uid`
			`}, callback);`
more work on #1518 still needs more work, category is next 11 years ago			`});`
			`};`

removing allowGuestPosting logic in NodeBB 11 years ago			`privileges.topics.can = function(privilege, tid, uid, callback) {`
			`topics.getTopicField(tid, 'cid', function(err, cid) {`
			`if (err) {`
			`return callback(err);`
			`}`

			`privileges.categories.can(privilege, cid, uid, callback);`
			`});`
			`};`

optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`privileges.topics.filter = function(privilege, tids, uid, callback) {`
src/topics.js cleanup 10 years ago			`if (!Array.isArray(tids) \|\| !tids.length) {`
early outs for privs no need to check if empty array is passed in, happens if there are no unread topics remove dupe cids before checking for privileges 11 years ago			`return callback(null, []);`
			`}`

use wrapper functions getPostsFields and getTopicsFields 10 years ago			`topics.getTopicsFields(tids, ['tid', 'cid'], function(err, topics) {`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`if (err) {`
			`return callback(err);`
			`}`

			`var cids = topics.map(function(topic) {`
			`return topic.cid;`
			`});`

added filterUids method to privileges used to filter uids on a single category 11 years ago			`privileges.categories.filterCids(privilege, cids, uid, function(err, cids) {`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`if (err) {`
			`return callback(err);`
			`}`

			`tids = topics.filter(function(topic) {`
			`return cids.indexOf(topic.cid) !== -1;`
			`}).map(function(topic) {`
			`return topic.tid;`
			`});`
added four new hooks: filter:categories.recent, filter:privileges.categories.get, filter:privileges.posts.filter, filter:privileges.topics.filter 10 years ago
			`plugins.fireHook('filter:privileges.topics.filter', {`
			`privilege: privilege,`
			`uid: uid,`
			`tids: tids`
			`}, function(err, data) {`
err check 10 years ago			`callback(err, data ? data.tids : null);`
added four new hooks: filter:categories.recent, filter:privileges.categories.get, filter:privileges.posts.filter, filter:privileges.topics.filter 10 years ago			`});`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`});`
			`});`
			`};`

more work on #1518 still needs more work, category is next 11 years ago			`privileges.topics.canEdit = function(tid, uid, callback) {`
			`helpers.some([`
			`function(next) {`
closes #1731 11 years ago			`topics.isOwner(tid, uid, next);`
more work on #1518 still needs more work, category is next 11 years ago			`},`
			`function(next) {`
closes #1731 11 years ago			`helpers.hasEnoughReputationFor('privileges:manage_topic', uid, next);`
more work on #1518 still needs more work, category is next 11 years ago			`},`
			`function(next) {`
closes #1731 11 years ago			`isAdminOrMod(tid, uid, next);`
more work on #1518 still needs more work, category is next 11 years ago			`}`
			`], callback);`
			`};`

			`privileges.topics.canMove = function(tid, uid, callback) {`
closes #1731 11 years ago			`isAdminOrMod(tid, uid, callback);`
			`};`

			`function isAdminOrMod(tid, uid, callback) {`
more work on #1518 still needs more work, category is next 11 years ago			`helpers.some([`
			`function(next) {`
			`topics.getTopicField(tid, 'cid', function(err, cid) {`
			`if (err) {`
			`return next(err);`
			`}`
			`user.isModerator(uid, cid, next);`
			`});`
			`},`
			`function(next) {`
			`user.isAdministrator(uid, next);`
			`}`
			`], callback);`
closes #1731 11 years ago			`}`
more work on #1518 still needs more work, category is next 11 years ago			`};`