nodebb/src/privileges/categories.js


'use strict';

var async = require('async'),

	user = require('../user'),
	categories = require('../categories'),
	groups = require('../groups'),
	helpers = require('./helpers'),
	plugins = require('../plugins');

module.exports = function(privileges) {

	privileges.categories = {};

	privileges.categories.get = function(cid, uid, callback) {
		async.parallel({
			'topics:create': function(next) {
				helpers.isUserAllowedTo('topics:create', uid, [cid], next);
			},
			read: function(next) {
				helpers.isUserAllowedTo('read', uid, [cid], next);
			},
			isAdministrator: function(next) {
				user.isAdministrator(uid, next);
			},
			isModerator: function(next) {
				user.isModerator(uid, cid, next);
			}
		}, function(err, results) {
			if (err) {
				return callback(err);
			}

			var isAdminOrMod = results.isAdministrator || results.isModerator;

			plugins.fireHook('filter:privileges.categories.get', {
				cid: cid,
				uid: uid,
				'topics:create': results['topics:create'][0] || isAdminOrMod,
				editable: isAdminOrMod,
				view_deleted: isAdminOrMod,
				read: results.read[0] || isAdminOrMod
			}, callback);
		});
	};

	privileges.categories.can = function(privilege, cid, uid, callback) {
		if (!cid) {
			return callback(null, false);
		}
		categories.getCategoryField(cid, 'disabled', function(err, disabled) {
			if (err) {
				return callback(err);
			}

			if (parseInt(disabled, 10) === 1) {
				return callback(null, false);
			}

			helpers.some([
				function(next) {
					helpers.isUserAllowedTo(privilege, uid, [cid], function(err, results) {
						next(err, Array.isArray(results) && results.length ? results[0] : false);
					});
				},
				function(next) {
					user.isModerator(uid, cid, next);
				},
				function(next) {
					user.isAdministrator(uid, next);
				}
			], callback);
		});
	};

	privileges.categories.filterCids = function(privilege, cids, uid, callback) {
		if (!Array.isArray(cids) || !cids.length) {
			return callback(null, []);
		}

		cids = cids.filter(function(cid, index, array) {
			return array.indexOf(cid) === index;
		});

		async.parallel({
			categories: function(next) {
				categories.getMultipleCategoryFields(cids, ['disabled'], next);
			},
			allowedTo: function(next) {
				helpers.isUserAllowedTo(privilege, uid, cids, next);
			},
			isModerators: function(next) {
				user.isModerator(uid, cids, next);
			},
			isAdmin: function(next) {
				user.isAdministrator(uid, next);
			}
		}, function(err, results) {
			if (err) {
				return callback(err);
			}

			cids = cids.filter(function(cid, index) {
				return !results.categories[index].disabled &&
					(results.allowedTo[index] || results.isAdmin || results.isModerators[index]);
			});

			callback(null, cids.filter(Boolean));
		});
	};

	privileges.categories.filterUids = function(privilege, cid, uids, callback) {
		if (!uids.length) {
			return callback(null, []);
		}

		uids = uids.filter(function(uid, index, array) {
			return array.indexOf(uid) === index;
		});

		async.parallel({
			allowedTo: function(next) {
				helpers.isUsersAllowedTo(privilege, uids, cid, next);
			},
			isModerators: function(next) {
				user.isModerator(uids, cid, next);
			},
			isAdmin: function(next) {
				user.isAdministrator(uids, next);
			}
		}, function(err, results) {
			if (err) {
				return callback(err);
			}

			uids = uids.filter(function(uid, index) {
				return results.allowedTo[index] || results.isModerators[index] || results.isAdmin[index];
			});
			callback(null, uids);
		});
	};

	privileges.categories.give = function(privileges, cid, groupName, callback) {
		async.each(privileges, function(privilege, next) {
			groups.join('cid:' + cid + ':privileges:groups:' + privilege, groupName, next);
		}, callback);
	};

	privileges.categories.rescind = function(privileges, cid, groupName, callback) {
		async.each(privileges, function(privilege, next) {
			groups.leave('cid:' + cid + ':privileges:groups:' + privilege, groupName, next);
		}, callback);
	};

	privileges.categories.canMoveAllTopics = function(currentCid, targetCid, uid, callback) {
		async.parallel({
			isAdministrator: function(next) {
				user.isAdministrator(uid, next);
			},
			moderatorOfCurrent: function(next) {
				user.isModerator(uid, currentCid, next);
			},
			moderatorOfTarget: function(next) {
				user.isModerator(uid, targetCid, next);
			}
		}, function(err, results) {
			if (err) {
				return callback(err);
			}

			callback(null, results.isAdministrator || (results.moderatorOfCurrent && results.moderatorOfTarget));
		});
	};

	privileges.categories.userPrivileges = function(cid, uid, callback) {
		async.parallel({
			find: async.apply(groups.isMember, uid, 'cid:' + cid + ':privileges:find'),
			read: function(next) {
				groups.isMember(uid, 'cid:' + cid + ':privileges:read', next);
			},
			'topics:create': function(next) {
				groups.isMember(uid, 'cid:' + cid + ':privileges:topics:create', next);
			},
			'topics:reply': function(next) {
				groups.isMember(uid, 'cid:' + cid + ':privileges:topics:reply', next);
			},
			mods: function(next) {
				user.isModerator(uid, cid, next);
			}
		}, callback);
	};

	privileges.categories.groupPrivileges = function(cid, groupName, callback) {
		async.parallel({
			'groups:find': async.apply(groups.isMember, groupName, 'cid:' + cid + ':privileges:groups:find'),
			'groups:read': function(next) {
				groups.isMember(groupName, 'cid:' + cid + ':privileges:groups:read', next);
			},
			'groups:topics:create': function(next) {
				groups.isMember(groupName, 'cid:' + cid + ':privileges:groups:topics:create', next);
			},
			'groups:topics:reply': function(next) {
				groups.isMember(groupName, 'cid:' + cid + ':privileges:groups:topics:reply', next);
			}
		}, callback);
	};

};
more work on #1518 still needs more work, category is next 11 years ago
			`'use strict';`

			`var async = require('async'),`

			`user = require('../user'),`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`categories = require('../categories'),`
closes #1518 11 years ago			`groups = require('../groups'),`
added four new hooks: filter:categories.recent, filter:privileges.categories.get, filter:privileges.posts.filter, filter:privileges.topics.filter 10 years ago			`helpers = require('./helpers'),`
			`plugins = require('../plugins');`
more work on #1518 still needs more work, category is next 11 years ago
			`module.exports = function(privileges) {`

			`privileges.categories = {};`

closes #1518 11 years ago			`privileges.categories.get = function(cid, uid, callback) {`
			`async.parallel({`
			`'topics:create': function(next) {`
added filterUids method to privileges used to filter uids on a single category 11 years ago			`helpers.isUserAllowedTo('topics:create', uid, [cid], next);`
closes #1518 11 years ago			`},`
			`read: function(next) {`
added filterUids method to privileges used to filter uids on a single category 11 years ago			`helpers.isUserAllowedTo('read', uid, [cid], next);`
closes #1518 11 years ago			`},`
			`isAdministrator: function(next) {`
			`user.isAdministrator(uid, next);`
			`},`
			`isModerator: function(next) {`
			`user.isModerator(uid, cid, next);`
			`}`
			`}, function(err, results) {`
fix typo in ajaxify, closes #2279 10 years ago			`if (err) {`
closes #1518 11 years ago			`return callback(err);`
			`}`

fix typo in ajaxify, closes #2279 10 years ago			`var isAdminOrMod = results.isAdministrator \|\| results.isModerator;`
closes #1518 11 years ago
added four new hooks: filter:categories.recent, filter:privileges.categories.get, filter:privileges.posts.filter, filter:privileges.topics.filter 10 years ago			`plugins.fireHook('filter:privileges.categories.get', {`
			`cid: cid,`
			`uid: uid,`
only use multipart on upload routes, delete temp files if there is an error in admin, admin/mods should see topic reply 10 years ago			`'topics:create': results['topics:create'][0] \|\| isAdminOrMod,`
fix typo in ajaxify, closes #2279 10 years ago			`editable: isAdminOrMod,`
			`view_deleted: isAdminOrMod,`
			`read: results.read[0] \|\| isAdminOrMod`
added four new hooks: filter:categories.recent, filter:privileges.categories.get, filter:privileges.posts.filter, filter:privileges.topics.filter 10 years ago			`}, callback);`
closes #1518 11 years ago			`});`
			`};`

added new privilege "find", added guest meta group, closed #1282 11 years ago			`privileges.categories.can = function(privilege, cid, uid, callback) {`
api/post/pid route 10 years ago			`if (!cid) {`
			`return callback(null, false);`
			`}`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`categories.getCategoryField(cid, 'disabled', function(err, disabled) {`
			`if (err) {`
			`return callback(err);`
			`}`

			`if (parseInt(disabled, 10) === 1) {`
			`return callback(null, false);`
			`}`

			`helpers.some([`
			`function(next) {`
added filterUids method to privileges used to filter uids on a single category 11 years ago			`helpers.isUserAllowedTo(privilege, uid, [cid], function(err, results) {`
privilege fix for single category check 11 years ago			`next(err, Array.isArray(results) && results.length ? results[0] : false);`
			`});`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`},`
			`function(next) {`
			`user.isModerator(uid, cid, next);`
			`},`
			`function(next) {`
			`user.isAdministrator(uid, next);`
			`}`
			`], callback);`
			`});`
			`};`

added filterUids method to privileges used to filter uids on a single category 11 years ago			`privileges.categories.filterCids = function(privilege, cids, uid, callback) {`
fix moderators 10 years ago			`if (!Array.isArray(cids) \|\| !cids.length) {`
early outs for privs no need to check if empty array is passed in, happens if there are no unread topics remove dupe cids before checking for privileges 11 years ago			`return callback(null, []);`
			`}`

			`cids = cids.filter(function(cid, index, array) {`
			`return array.indexOf(cid) === index;`
			`});`

optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`async.parallel({`
closes #2777 10 years ago			`categories: function(next) {`
			`categories.getMultipleCategoryFields(cids, ['disabled'], next);`
			`},`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`allowedTo: function(next) {`
added filterUids method to privileges used to filter uids on a single category 11 years ago			`helpers.isUserAllowedTo(privilege, uid, cids, next);`
added new privilege "find", added guest meta group, closed #1282 11 years ago			`},`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`isModerators: function(next) {`
			`user.isModerator(uid, cids, next);`
added new privilege "find", added guest meta group, closed #1282 11 years ago			`},`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`isAdmin: function(next) {`
added new privilege "find", added guest meta group, closed #1282 11 years ago			`user.isAdministrator(uid, next);`
			`}`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`}, function(err, results) {`
			`if (err) {`
			`return callback(err);`
			`}`

filter cids with a single .filter thanks @julianlam 10 years ago			`cids = cids.filter(function(cid, index) {`
fixed my logic fail 10 years ago			`return !results.categories[index].disabled &&`
filter cids with a single .filter thanks @julianlam 10 years ago			`(results.allowedTo[index] \|\| results.isAdmin \|\| results.isModerators[index]);`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`});`
fixed bug in privilege settings where categories near the end of a list were not having their permissions read properly if earlier categories were disabled, #2887 10 years ago
			`callback(null, cids.filter(Boolean));`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`});`
added new privilege "find", added guest meta group, closed #1282 11 years ago			`};`

added filterUids method to privileges used to filter uids on a single category 11 years ago			`privileges.categories.filterUids = function(privilege, cid, uids, callback) {`
			`if (!uids.length) {`
			`return callback(null, []);`
			`}`

			`uids = uids.filter(function(uid, index, array) {`
			`return array.indexOf(uid) === index;`
			`});`

			`async.parallel({`
			`allowedTo: function(next) {`
			`helpers.isUsersAllowedTo(privilege, uids, cid, next);`
			`},`
			`isModerators: function(next) {`
			`user.isModerator(uids, cid, next);`
			`},`
			`isAdmin: function(next) {`
			`user.isAdministrator(uids, next);`
			`}`
			`}, function(err, results) {`
			`if (err) {`
			`return callback(err);`
			`}`

			`uids = uids.filter(function(uid, index) {`
			`return results.allowedTo[index] \|\| results.isModerators[index] \|\| results.isAdmin[index];`
			`});`
			`callback(null, uids);`
			`});`
			`};`

on category creation give defaults privs to admins and registered users 10 years ago			`privileges.categories.give = function(privileges, cid, groupName, callback) {`
			`async.each(privileges, function(privilege, next) {`
			`groups.join('cid:' + cid + ':privileges:groups:' + privilege, groupName, next);`
			`}, callback);`
			`};`

category privilege rescinding 10 years ago			`privileges.categories.rescind = function(privileges, cid, groupName, callback) {`
			`async.each(privileges, function(privilege, next) {`
			`groups.leave('cid:' + cid + ':privileges:groups:' + privilege, groupName, next);`
			`}, callback);`
			`};`

closes #1518 11 years ago			`privileges.categories.canMoveAllTopics = function(currentCid, targetCid, uid, callback) {`
			`async.parallel({`
			`isAdministrator: function(next) {`
			`user.isAdministrator(uid, next);`
			`},`
			`moderatorOfCurrent: function(next) {`
			`user.isModerator(uid, currentCid, next);`
			`},`
			`moderatorOfTarget: function(next) {`
			`user.isModerator(uid, targetCid, next);`
			`}`
			`}, function(err, results) {`
			`if (err) {`
			`return callback(err);`
			`}`

			`callback(null, results.isAdministrator \|\| (results.moderatorOfCurrent && results.moderatorOfTarget));`
			`});`
			`};`

			`privileges.categories.userPrivileges = function(cid, uid, callback) {`
			`async.parallel({`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`find: async.apply(groups.isMember, uid, 'cid:' + cid + ':privileges:find'),`
closes #1518 11 years ago			`read: function(next) {`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`groups.isMember(uid, 'cid:' + cid + ':privileges:read', next);`
closes #1518 11 years ago			`},`
			`'topics:create': function(next) {`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`groups.isMember(uid, 'cid:' + cid + ':privileges:topics:create', next);`
closes #1518 11 years ago			`},`
			`'topics:reply': function(next) {`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`groups.isMember(uid, 'cid:' + cid + ':privileges:topics:reply', next);`
closes #1518 11 years ago			`},`
			`mods: function(next) {`
			`user.isModerator(uid, cid, next);`
			`}`
			`}, callback);`
			`};`

			`privileges.categories.groupPrivileges = function(cid, groupName, callback) {`
			`async.parallel({`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`'groups:find': async.apply(groups.isMember, groupName, 'cid:' + cid + ':privileges:groups:find'),`
closes #1518 11 years ago			`'groups:read': function(next) {`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`groups.isMember(groupName, 'cid:' + cid + ':privileges:groups:read', next);`
closes #1518 11 years ago			`},`
			`'groups:topics:create': function(next) {`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`groups.isMember(groupName, 'cid:' + cid + ':privileges:groups:topics:create', next);`
closes #1518 11 years ago			`},`
			`'groups:topics:reply': function(next) {`
optimize privileges and assorted fixes. * new methods privileges.categories.filter privileges.topics.filter privileges.posts.filter they take a list of ids and a privilege, and return the filtered list of ids, faster than doing async.filter and calling the db for each id. * remove event listeners on recent page before adding * group.exists works for both single group names and arrays * helpers.allowedTo works for both a single cid and an array of cids * moved filter:topic.post hook right before topic creation. * moved filter:topic.reply hook right before topic reply. 11 years ago			`groups.isMember(groupName, 'cid:' + cid + ':privileges:groups:topics:reply', next);`
closes #1518 11 years ago			`}`
			`}, callback);`
			`};`

more work on #1518 still needs more work, category is next 11 years ago			`};`