nodebb/src/routes/api.js

"use strict";

var path = require('path'),
	async = require('async'),
	fs = require('fs'),
	nconf = require('nconf'),

	user = require('../user'),
	topics = require('../topics'),
	posts = require('../posts'),
	categories = require('../categories'),
	meta = require('../meta'),
	plugins = require('../plugins'),
	utils = require('../../public/src/utils'),
	image = require('../image'),
	pkg = require('../../package.json');


function deleteTempFiles(files) {
	for(var i=0; i<files.length; ++i) {
		fs.unlink(files[i].path);
	}
}

function upload(req, res, filesIterator, next) {
	var files = req.files.files;

	if(!req.user) {
		deleteTempFiles(files);
		return res.json(403, {message:'not allowed'});
	}

	if(!Array.isArray(files)) {
		return res.json(500, {message: 'invalid files'});
	}

	if(Array.isArray(files[0])) {
		files = files[0];
	}

	async.map(files, filesIterator, function(err, images) {
		deleteTempFiles(files);

		if(err) {
			return res.send(500, err.message);
		}

		// IE8 - send it as text/html so browser won't trigger a file download for the json response
		// malsup.com/jquery/form/#file-upload
		res.send(200, req.xhr ? images : JSON.stringify(images));
	});
}

function uploadPost(req, res, next) {
	upload(req, res, function(file, next) {
		if(file.type.match(/image./)) {
			uploadImage(file, next);
		} else {
			uploadFile(file, next);
		}
	}, next);
}

function uploadThumb(req, res, next) {
	if (!meta.config.allowTopicsThumbnail) {
		deleteTempFiles(req.files.files);
		return next(new Error('[[error:topic-thumbnails-are-disabled]]'));
	}

	upload(req, res, function(file, next) {
		if(file.type.match(/image./)) {
			var size = meta.config.topicThumbSize || 120;
			image.resizeImage(file.path, path.extname(file.name), size, size, function(err) {
				if (err) {
					return next(err);
				}
				uploadImage(file, next);
			});
		} else {
			next(new Error('[[error:invalid-file]]'));
		}
	}, next);
}


function uploadImage(image, callback) {
	if(plugins.hasListeners('filter:uploadImage')) {
		plugins.fireHook('filter:uploadImage', image, callback);
	} else {

		if (meta.config.allowFileUploads) {
			uploadFile(image, callback);
		} else {
			callback(new Error('[[error:uploads-are-disabled]]'));
		}
	}
}

function uploadFile(file, callback) {
	if(plugins.hasListeners('filter:uploadFile')) {
		plugins.fireHook('filter:uploadFile', file, callback);
	} else {

		if(!meta.config.allowFileUploads) {
			return callback(new Error('[[error:uploads-are-disabled]]'));
		}

		if(!file) {
			return callback(new Error('[[error:invalid-file]]'));
		}

		if(file.size > parseInt(meta.config.maximumFileSize, 10) * 1024) {
			return callback(new Error('[[error:file-too-big, ' + meta.config.maximumFileSize + ']]'));
		}

		var filename = 'upload-' + utils.generateUUID() + path.extname(file.name);
		require('../file').saveFileToLocal(filename, file.path, function(err, upload) {
			if(err) {
				return callback(err);
			}

			callback(null, {
				url: upload.url,
				name: file.name
			});
		});
	}
}


function getModerators(req, res, next) {
	categories.getModerators(req.params.cid, function(err, moderators) {
		res.json({moderators: moderators});
	});
}

function getTemplatesListing(req, res, next) {
	var data = [];

	async.parallel({
		views: function(next) {
			utils.walk(nconf.get('views_dir'), function (err, views) {
				data = data.concat(
						views.filter(function(value, index, self) {
							return self.indexOf(value) === index;
						}).map(function(el) {
							return el.replace(nconf.get('views_dir') + '/', '');
						}));

				res.json(data);
			});
		},
		extended: function(next) {
			plugins.fireHook('filter:templates.get_virtual', [], function(err, virtual) {
				data = data.concat(virtual);
			});
		}
	}, function(err) {
		res.json(data);
	});
}

function getRecentPosts(req, res, next) {
	var uid = (req.user) ? req.user.uid : 0;

	posts.getRecentPosts(uid, 0, 19, req.params.term, function (err, data) {
		if(err) {
			return next(err);
		}

		res.json(data);
	});
}

module.exports =  function(app, middleware, controllers) {
	app.namespace('/api', function () {
		app.get('/config', controllers.api.getConfig);

		app.get('/user/uid/:uid', middleware.checkGlobalPrivacySettings, controllers.accounts.getUserByUID);
		app.get('/get_templates_listing', getTemplatesListing);
		app.get('/categories/:cid/moderators', getModerators);
		app.get('/recent/posts/:term?', getRecentPosts);

		app.post('/post/upload', uploadPost);
		app.post('/topic/thumb/upload', uploadThumb);
	});

	// this should be in the API namespace
	// also, perhaps pass in :userslug so we can use checkAccountPermissions middleware - in future will allow admins to upload a picture for a user
	app.post('/user/uploadpicture', middleware.authenticate, middleware.checkGlobalPrivacySettings, /*middleware.checkAccountPermissions,*/ controllers.accounts.uploadPicture);
};
moved api-only routes into routes/api.js, cleanup & linting 11 years ago			`"use strict";`

cleaned up requires 11 years ago			`var path = require('path'),`
			`async = require('async'),`
upload changes, show progres in composer 11 years ago			`fs = require('fs'),`
template compiling init; changing themes now finally works on this branch 11 years ago			`nconf = require('nconf'),`
cleaned up requires 11 years ago
closes #1463 11 years ago			`user = require('../user'),`
			`topics = require('../topics'),`
			`posts = require('../posts'),`
			`categories = require('../categories'),`
			`meta = require('../meta'),`
			`plugins = require('../plugins'),`
			`utils = require('../../public/src/utils'),`
			`image = require('../image'),`
			`pkg = require('../../package.json');`
cleaned up webserver.js a bit, moved api routes to its own file, closes #54 12 years ago
user selectable pagination 11 years ago
more cleanup 11 years ago			`function deleteTempFiles(files) {`
			`for(var i=0; i<files.length; ++i) {`
			`fs.unlink(files[i].path);`
			`}`
			`}`
closes #175 12 years ago
one final push, cleanup + organize + lint; made feeds/meta/plugins routes follow same pattern as other route files 11 years ago			`function upload(req, res, filesIterator, next) {`
more cleanup 11 years ago			`var files = req.files.files;`

one final push, cleanup + organize + lint; made feeds/meta/plugins routes follow same pattern as other route files 11 years ago			`if(!req.user) {`
more cleanup 11 years ago			`deleteTempFiles(files);`
one final push, cleanup + organize + lint; made feeds/meta/plugins routes follow same pattern as other route files 11 years ago			`return res.json(403, {message:'not allowed'});`
			`}`

			`if(!Array.isArray(files)) {`
			`return res.json(500, {message: 'invalid files'});`
			`}`

			`if(Array.isArray(files[0])) {`
			`files = files[0];`
			`}`

			`async.map(files, filesIterator, function(err, images) {`
more cleanup 11 years ago			`deleteTempFiles(files);`
hiding search buttons and route when search is not configured 11 years ago
one final push, cleanup + organize + lint; made feeds/meta/plugins routes follow same pattern as other route files 11 years ago			`if(err) {`
			`return res.send(500, err.message);`
			`}`
express-namespaceing routes 12 years ago
one final push, cleanup + organize + lint; made feeds/meta/plugins routes follow same pattern as other route files 11 years ago			`// IE8 - send it as text/html so browser won't trigger a file download for the json response`
			`// malsup.com/jquery/form/#file-upload`
			`res.send(200, req.xhr ? images : JSON.stringify(images));`
			`});`
			`}`

			`function uploadPost(req, res, next) {`
			`upload(req, res, function(file, next) {`
			`if(file.type.match(/image./)) {`
more cleanup 11 years ago			`uploadImage(file, next);`
one final push, cleanup + organize + lint; made feeds/meta/plugins routes follow same pattern as other route files 11 years ago			`} else {`
more cleanup 11 years ago			`uploadFile(file, next);`
one final push, cleanup + organize + lint; made feeds/meta/plugins routes follow same pattern as other route files 11 years ago			`}`
			`}, next);`
			`}`

			`function uploadThumb(req, res, next) {`
more cleanup 11 years ago			`if (!meta.config.allowTopicsThumbnail) {`
			`deleteTempFiles(req.files.files);`
closes #1463 11 years ago			`return next(new Error('[[error:topic-thumbnails-are-disabled]]'));`
more cleanup 11 years ago			`}`

one final push, cleanup + organize + lint; made feeds/meta/plugins routes follow same pattern as other route files 11 years ago			`upload(req, res, function(file, next) {`
			`if(file.type.match(/image./)) {`
closes #1463 11 years ago			`var size = meta.config.topicThumbSize \|\| 120;`
			`image.resizeImage(file.path, path.extname(file.name), size, size, function(err) {`
			`if (err) {`
			`return next(err);`
			`}`
			`uploadImage(file, next);`
			`});`
one final push, cleanup + organize + lint; made feeds/meta/plugins routes follow same pattern as other route files 11 years ago			`} else {`
added lots of error keys 11 years ago			`next(new Error('[[error:invalid-file]]'));`
one final push, cleanup + organize + lint; made feeds/meta/plugins routes follow same pattern as other route files 11 years ago			`}`
			`}, next);`
			`}`
index topic titles too 12 years ago
more cleanup 11 years ago
			`function uploadImage(image, callback) {`
			`if(plugins.hasListeners('filter:uploadImage')) {`
			`plugins.fireHook('filter:uploadImage', image, callback);`
			`} else {`

			`if (meta.config.allowFileUploads) {`
fixing image uploads 11 years ago			`uploadFile(image, callback);`
more cleanup 11 years ago			`} else {`
added lots of error keys 11 years ago			`callback(new Error('[[error:uploads-are-disabled]]'));`
more cleanup 11 years ago			`}`
			`}`
			`}`

			`function uploadFile(file, callback) {`
			`if(plugins.hasListeners('filter:uploadFile')) {`
			`plugins.fireHook('filter:uploadFile', file, callback);`
			`} else {`

			`if(!meta.config.allowFileUploads) {`
added lots of error keys 11 years ago			`return callback(new Error('[[error:uploads-are-disabled]]'));`
more cleanup 11 years ago			`}`

			`if(!file) {`
added lots of error keys 11 years ago			`return callback(new Error('[[error:invalid-file]]'));`
more cleanup 11 years ago			`}`

			`if(file.size > parseInt(meta.config.maximumFileSize, 10) * 1024) {`
added lots of error keys 11 years ago			`return callback(new Error('[[error:file-too-big, ' + meta.config.maximumFileSize + ']]'));`
more cleanup 11 years ago			`}`

			`var filename = 'upload-' + utils.generateUUID() + path.extname(file.name);`
fixing image uploads 11 years ago			`require('../file').saveFileToLocal(filename, file.path, function(err, upload) {`
more cleanup 11 years ago			`if(err) {`
			`return callback(err);`
			`}`

			`callback(null, {`
			`url: upload.url,`
			`name: file.name`
			`});`
			`});`
			`}`
			`}`


one final push, cleanup + organize + lint; made feeds/meta/plugins routes follow same pattern as other route files 11 years ago			`function getModerators(req, res, next) {`
			`categories.getModerators(req.params.cid, function(err, moderators) {`
			`res.json({moderators: moderators});`
			`});`
			`}`

			`function getTemplatesListing(req, res, next) {`
filter:templates.get_virtual for ajaxifying to virtual templates 11 years ago			`var data = [];`

			`async.parallel({`
			`views: function(next) {`
			`utils.walk(nconf.get('views_dir'), function (err, views) {`
			`data = data.concat(`
			`views.filter(function(value, index, self) {`
			`return self.indexOf(value) === index;`
			`}).map(function(el) {`
			`return el.replace(nconf.get('views_dir') + '/', '');`
			`}));`

			`res.json(data);`
			`});`
			`},`
			`extended: function(next) {`
			`plugins.fireHook('filter:templates.get_virtual', [], function(err, virtual) {`
			`data = data.concat(virtual);`
			`});`
			`}`
			`}, function(err) {`
one final push, cleanup + organize + lint; made feeds/meta/plugins routes follow same pattern as other route files 11 years ago			`res.json(data);`
			`});`
			`}`
index topic titles too 12 years ago
Merge remote-tracking branch 'origin/master' into webserver.js-refactor Conflicts: src/routes/api.js 11 years ago			`function getRecentPosts(req, res, next) {`
			`var uid = (req.user) ? req.user.uid : 0;`
added topics thumbnails support 11 years ago
Merge remote-tracking branch 'origin/master' into webserver.js-refactor Conflicts: src/routes/api.js 11 years ago			`posts.getRecentPosts(uid, 0, 19, req.params.term, function (err, data) {`
			`if(err) {`
			`return next(err);`
			`}`
upload changes, show progres in composer 11 years ago
Merge remote-tracking branch 'origin/master' into webserver.js-refactor Conflicts: src/routes/api.js 11 years ago			`res.json(data);`
			`});`
			`}`
upload changes, show progres in composer 11 years ago
one final push, cleanup + organize + lint; made feeds/meta/plugins routes follow same pattern as other route files 11 years ago			`module.exports = function(app, middleware, controllers) {`
			`app.namespace('/api', function () {`
			`app.get('/config', controllers.api.getConfig);`
upload changes, show progres in composer 11 years ago
one final push, cleanup + organize + lint; made feeds/meta/plugins routes follow same pattern as other route files 11 years ago			`app.get('/user/uid/:uid', middleware.checkGlobalPrivacySettings, controllers.accounts.getUserByUID);`
			`app.get('/get_templates_listing', getTemplatesListing);`
			`app.get('/categories/:cid/moderators', getModerators);`
Merge remote-tracking branch 'origin/master' into webserver.js-refactor Conflicts: src/routes/api.js 11 years ago			`app.get('/recent/posts/:term?', getRecentPosts);`
upload changes, show progres in composer 11 years ago
one final push, cleanup + organize + lint; made feeds/meta/plugins routes follow same pattern as other route files 11 years ago			`app.post('/post/upload', uploadPost);`
			`app.post('/topic/thumb/upload', uploadThumb);`
moved api-only routes into routes/api.js, cleanup & linting 11 years ago			`});`

notifications route; added middleware.authenticate to user/uploadpicture api route 11 years ago			`// this should be in the API namespace`
moved api-only routes into routes/api.js, cleanup & linting 11 years ago			`// also, perhaps pass in :userslug so we can use checkAccountPermissions middleware - in future will allow admins to upload a picture for a user`
notifications route; added middleware.authenticate to user/uploadpicture api route 11 years ago			`app.post('/user/uploadpicture', middleware.authenticate, middleware.checkGlobalPrivacySettings, /middleware.checkAccountPermissions,/ controllers.accounts.uploadPicture);`
Merge remote-tracking branch 'origin/master' into webserver.js-refactor Conflicts: src/routes/api.js 11 years ago			`};`