nodebb/src/controllers/api.js

"use strict";

var async = require('async');
var validator = require('validator');
var nconf = require('nconf');

var meta = require('../meta');
var user = require('../user');
var posts = require('../posts');
var topics = require('../topics');
var categories = require('../categories');
var privileges = require('../privileges');
var plugins = require('../plugins');
var widgets = require('../widgets');

var apiController = {};

apiController.getConfig = function(req, res, next) {
	var config = {};
	config.environment = process.env.NODE_ENV;
	config.relative_path = nconf.get('relative_path');
	config.version = nconf.get('version');
	config.siteTitle = validator.escape(meta.config.title || meta.config.browserTitle || 'NodeBB');
	config.browserTitle = validator.escape(meta.config.browserTitle || meta.config.title || 'NodeBB');
	config.titleLayout = (meta.config.titleLayout || '{pageTitle} | {browserTitle}').replace(/{/g, '&#123;').replace(/}/g, '&#125;');
	config.showSiteTitle = parseInt(meta.config.showSiteTitle, 10) === 1;
	config.minimumTitleLength = meta.config.minimumTitleLength;
	config.maximumTitleLength = meta.config.maximumTitleLength;
	config.minimumPostLength = meta.config.minimumPostLength;
	config.maximumPostLength = meta.config.maximumPostLength;
	config.minimumTagsPerTopic = meta.config.minimumTagsPerTopic || 0;
	config.maximumTagsPerTopic = meta.config.maximumTagsPerTopic || 5;
	config.minimumTagLength = meta.config.minimumTagLength || 3;
	config.maximumTagLength = meta.config.maximumTagLength || 15;
	config.hasImageUploadPlugin = plugins.hasListeners('filter:uploadImage');
	config.useOutgoingLinksPage = parseInt(meta.config.useOutgoingLinksPage, 10) === 1;
	config.allowGuestSearching = parseInt(meta.config.allowGuestSearching, 10) === 1;
	config.allowGuestUserSearching = parseInt(meta.config.allowGuestUserSearching, 10) === 1;
	config.allowGuestHandles = parseInt(meta.config.allowGuestHandles, 10) === 1;
	config.allowFileUploads = parseInt(meta.config.allowFileUploads, 10) === 1;
	config.allowTopicsThumbnail = parseInt(meta.config.allowTopicsThumbnail, 10) === 1;
	config.usePagination = parseInt(meta.config.usePagination, 10) === 1;
	config.disableChat = parseInt(meta.config.disableChat, 10) === 1;
	config.socketioTransports = nconf.get('socket.io:transports') || ['polling', 'websocket'];
	config.websocketAddress = nconf.get('socket.io:address') || '';
	config.maxReconnectionAttempts = meta.config.maxReconnectionAttempts || 5;
	config.reconnectionDelay = meta.config.reconnectionDelay || 1500;
	config.topicsPerPage = meta.config.topicsPerPage || 20;
	config.postsPerPage = meta.config.postsPerPage || 20;
	config.maximumFileSize = meta.config.maximumFileSize;
	config['theme:id'] = meta.config['theme:id'];
	config['theme:src'] = meta.config['theme:src'];
	config.defaultLang = meta.config.defaultLang || 'en_GB';
	config.userLang = req.query.lang || config.defaultLang;
	config.loggedIn = !!req.user;
	config['cache-buster'] = meta.config['cache-buster'] || '';
	config.requireEmailConfirmation = parseInt(meta.config.requireEmailConfirmation, 10) === 1;
	config.topicPostSort = meta.config.topicPostSort || 'oldest_to_newest';
	config.categoryTopicSort = meta.config.categoryTopicSort || 'newest_to_oldest';
	config.csrf_token = req.csrfToken();
	config.searchEnabled = plugins.hasListeners('filter:search.query');
	config.bootswatchSkin = 'default';

	async.waterfall([
		function (next) {
			if (!req.user) {
				return next(null, config);
			}
			user.getSettings(req.uid, function(err, settings) {
				if (err) {
					return next(err);
				}
				config.usePagination = settings.usePagination;
				config.topicsPerPage = settings.topicsPerPage;
				config.postsPerPage = settings.postsPerPage;
				config.notificationSounds = settings.notificationSounds;
				config.userLang = req.query.lang || settings.userLang || config.defaultLang;
				config.openOutgoingLinksInNewTab = settings.openOutgoingLinksInNewTab;
				config.topicPostSort = settings.topicPostSort || config.topicPostSort;
				config.categoryTopicSort = settings.categoryTopicSort || config.categoryTopicSort;
				config.topicSearchEnabled = settings.topicSearchEnabled || false;
				config.delayImageLoading = settings.delayImageLoading !== undefined ? settings.delayImageLoading : true;
				config.bootswatchSkin = settings.bootswatchSkin || config.bootswatchSkin;
				next(null, config);
			});
		},
		function (config, next) {
			plugins.fireHook('filter:config.get', config, next);
		}
	], function(err, config) {
		if (err) {
			return next(err);
		}

		if (res.locals.isAPI) {
			res.json(config);
		} else {
			next(null, config);
		}
	});
};


apiController.renderWidgets = function(req, res, next) {
	var areas = {
		template: req.query.template,
		locations: req.query.locations,
		url: req.query.url
	};

	if (!areas.template || !areas.locations) {
		return res.status(200).json({});
	}

	widgets.render(req.uid,
		{
			template: areas.template,
			url: areas.url,
			locations: areas.locations,
		},
		req,
		res,
		function(err, widgets) {
		if (err) {
			return next(err);
		}
		res.status(200).json(widgets);
	});
};

apiController.getObject = function(req, res, next) {
	apiController.getObjectByType(req.uid, req.params.type, req.params.id, function(err, results) {
		if (err) {
			return next(err);
		}

		res.json(results);
	});
};

apiController.getObjectByType = function(uid, type, id, callback) {
	var methods = {
		post: {
			canRead: privileges.posts.can,
			data: posts.getPostData
		},
		topic: {
			canRead: privileges.topics.can,
			data: topics.getTopicData
		},
		category: {
			canRead: privileges.categories.can,
			data: categories.getCategoryData
		}
	};

	if (!methods[type]) {
		return callback();
	}

	async.waterfall([
		function (next) {
			methods[type].canRead('read', id, uid, next);
		},
		function (canRead, next) {
			if (!canRead) {
				return next(new Error('[[error:no-privileges]]'));
			}
			methods[type].data(id, next);
		}
	], callback);
};

apiController.getUserByUID = function(req, res, next) {
	byType('uid', req, res, next);
};

apiController.getUserByUsername = function(req, res, next) {
	byType('username', req, res, next);
};

apiController.getUserByEmail = function(req, res, next) {
	byType('email', req, res, next);
};

function byType(type, req, res, next) {
	apiController.getUserDataByField(req.uid, type, req.params[type], function(err, data) {
		if (err || !data) {
			return next(err);
		}
		res.json(data);
	});
}

apiController.getUserDataByField = function(callerUid, field, fieldValue, callback) {
	async.waterfall([
		function (next) {
			if (field === 'uid') {
				next(null, fieldValue);
			} else if (field === 'username') {
				user.getUidByUsername(fieldValue, next);
			} else if (field === 'email') {
				user.getUidByEmail(fieldValue, next);
			} else {
				next();
			}
		},
		function (uid, next) {
			if (!uid) {
				return next();
			}
			apiController.getUserDataByUID(callerUid, uid, next);
		}
	], callback);
};

apiController.getUserDataByUID = function(callerUid, uid, callback) {
	if (!parseInt(callerUid, 10) && parseInt(meta.config.privateUserInfo, 10) === 1) {
		return callback(new Error('[[error:no-privileges]]'));
	}

	if (!parseInt(uid, 10)) {
		return callback(new Error('[[error:no-user]]'));
	}

	async.parallel({
		userData: async.apply(user.getUserData, uid),
		settings: async.apply(user.getSettings, uid)
	}, function(err, results) {
		if (err || !results.userData) {
			return callback(err || new Error('[[error:no-user]]'));
		}

		results.userData.email = results.settings.showemail ? results.userData.email : undefined;
		results.userData.fullname = results.settings.showfullname ? results.userData.fullname : undefined;

		callback(null, results.userData);
	});
};

apiController.getModerators = function(req, res, next) {
	categories.getModerators(req.params.cid, function(err, moderators) {
		if (err) {
			return next(err);
		}
		res.json({moderators: moderators});
	});
};


apiController.getRecentPosts = function(req, res, next) {
	posts.getRecentPosts(req.uid, 0, 19, req.params.term, function (err, data) {
		if (err) {
			return next(err);
		}

		res.json(data);
	});
};

module.exports = apiController;
started moving out api functionality out of the route file into controllers/api.js 11 years ago			`"use strict";`

added socket methods 9 years ago			`var async = require('async');`
			`var validator = require('validator');`
			`var nconf = require('nconf');`

			`var meta = require('../meta');`
			`var user = require('../user');`
			`var posts = require('../posts');`
			`var topics = require('../topics');`
			`var categories = require('../categories');`
			`var privileges = require('../privileges');`
			`var plugins = require('../plugins');`
			`var widgets = require('../widgets');`
started moving out api functionality out of the route file into controllers/api.js 11 years ago
			`var apiController = {};`

deprecating use of templates.setGlobal on server side in favour of passing in api.config into res.locals (still needs work) 11 years ago			`apiController.getConfig = function(req, res, next) {`
fixed require to missing public config.json 11 years ago			`var config = {};`
remove more from config 9 years ago			`config.environment = process.env.NODE_ENV;`
final pass, #1984 10 years ago			`config.relative_path = nconf.get('relative_path');`
Allow NodeBB version to be set via config to package.json version can be incremented when needed. 10 years ago			`config.version = nconf.get('version');`
closed #2571 10 years ago			`config.siteTitle = validator.escape(meta.config.title \|\| meta.config.browserTitle \|\| 'NodeBB');`
remove meta/title.js and meta.title.build #3481 10 years ago			`config.browserTitle = validator.escape(meta.config.browserTitle \|\| meta.config.title \|\| 'NodeBB');`
fix title in acp removed extra \| 10 years ago			`config.titleLayout = (meta.config.titleLayout \|\| '{pageTitle} \| {browserTitle}').replace(/{/g, '{').replace(/}/g, '}');`
parseInt show title 10 years ago			`config.showSiteTitle = parseInt(meta.config.showSiteTitle, 10) === 1;`
started moving out api functionality out of the route file into controllers/api.js 11 years ago			`config.minimumTitleLength = meta.config.minimumTitleLength;`
			`config.maximumTitleLength = meta.config.maximumTitleLength;`
			`config.minimumPostLength = meta.config.minimumPostLength;`
#2685 fix copy paste fail :frowning: 10 years ago			`config.maximumPostLength = meta.config.maximumPostLength;`
remove more from config 9 years ago			`config.minimumTagsPerTopic = meta.config.minimumTagsPerTopic \|\| 0;`
			`config.maximumTagsPerTopic = meta.config.maximumTagsPerTopic \|\| 5;`
			`config.minimumTagLength = meta.config.minimumTagLength \|\| 3;`
			`config.maximumTagLength = meta.config.maximumTagLength \|\| 15;`
started moving out api functionality out of the route file into controllers/api.js 11 years ago			`config.hasImageUploadPlugin = plugins.hasListeners('filter:uploadImage');`
			`config.useOutgoingLinksPage = parseInt(meta.config.useOutgoingLinksPage, 10) === 1;`
removing allowGuestPosting logic in NodeBB 11 years ago			`config.allowGuestSearching = parseInt(meta.config.allowGuestSearching, 10) === 1;`
closes #3240 10 years ago			`config.allowGuestUserSearching = parseInt(meta.config.allowGuestUserSearching, 10) === 1;`
template in composer #2569 10 years ago			`config.allowGuestHandles = parseInt(meta.config.allowGuestHandles, 10) === 1;`
started moving out api functionality out of the route file into controllers/api.js 11 years ago			`config.allowFileUploads = parseInt(meta.config.allowFileUploads, 10) === 1;`
			`config.allowTopicsThumbnail = parseInt(meta.config.allowTopicsThumbnail, 10) === 1;`
			`config.usePagination = parseInt(meta.config.usePagination, 10) === 1;`
closes #1990 10 years ago			`config.disableChat = parseInt(meta.config.disableChat, 10) === 1;`
remove more from config 9 years ago			`config.socketioTransports = nconf.get('socket.io:transports') \|\| ['polling', 'websocket'];`
			`config.websocketAddress = nconf.get('socket.io:address') \|\| '';`
closes #1288 11 years ago			`config.maxReconnectionAttempts = meta.config.maxReconnectionAttempts \|\| 5;`
fixed issue where socket.io would no longer reconnect perpetually, new behaviour waits 10x the reconnect delay, and then starts over. Also upped the reconnection delay default to 1.5s. 10 years ago			`config.reconnectionDelay = meta.config.reconnectionDelay \|\| 1500;`
started moving out api functionality out of the route file into controllers/api.js 11 years ago			`config.topicsPerPage = meta.config.topicsPerPage \|\| 20;`
			`config.postsPerPage = meta.config.postsPerPage \|\| 20;`
			`config.maximumFileSize = meta.config.maximumFileSize;`
Merge remote-tracking branch 'origin/master' into webserver.js-refactor Conflicts: public/templates/admin/themes.tpl src/meta.js src/routes/api.js 11 years ago			`config['theme:id'] = meta.config['theme:id'];`
don't need to refresh to preview updated skin #3069 10 years ago			`config['theme:src'] = meta.config['theme:src'];`
started moving out api functionality out of the route file into controllers/api.js 11 years ago			`config.defaultLang = meta.config.defaultLang \|\| 'en_GB';`
closes #3352 10 years ago			`config.userLang = req.query.lang \|\| config.defaultLang;`
closes #1900 11 years ago			`config.loggedIn = !!req.user;`
added cache-buster to template xhr urls -- closed #1392 11 years ago			`config['cache-buster'] = meta.config['cache-buster'] \|\| '';`
closes #1635 if email isnt confirmed, show a warning in account/edit and let users resend confirm email 11 years ago			`config.requireEmailConfirmation = parseInt(meta.config.requireEmailConfirmation, 10) === 1;`
closes #450 backup database before upgrade! upgrade script will take the first post of each topic and set the `mainPid` property on the topic. then it will remove that pid from the sorted sets for that topic, this was done to make alternative sorting work. added a new sorted set called `tid:<id>:posts:votes` that is used to sort topic posts by vote count, the original sorted set `tid:<id>:posts` is used to sort by oldest first or newest first. the main post is added to the returned posts array on topic load and is always at the top. theme changes are minimal just a few new data properties on the posts and the sorting dropdown. hopefully didn't miss anything too critical. 11 years ago			`config.topicPostSort = meta.config.topicPostSort \|\| 'oldest_to_newest';`
closes #1917 10 years ago			`config.categoryTopicSort = meta.config.categoryTopicSort \|\| 'newest_to_oldest';`
closed #2424 10 years ago			`config.csrf_token = req.csrfToken();`
preventing ctrl-f hijacking if no search plugin is installed 10 years ago			`config.searchEnabled = plugins.hasListeners('filter:search.query');`
got rid of extra call to user.getSettings 9 years ago			`config.bootswatchSkin = 'default';`
started moving out api functionality out of the route file into controllers/api.js 11 years ago
added socket methods 9 years ago			`async.waterfall([`
			`function (next) {`
			`if (!req.user) {`
			`return next(null, config);`
			`}`
			`user.getSettings(req.uid, function(err, settings) {`
			`if (err) {`
			`return next(err);`
			`}`
			`config.usePagination = settings.usePagination;`
			`config.topicsPerPage = settings.topicsPerPage;`
			`config.postsPerPage = settings.postsPerPage;`
			`config.notificationSounds = settings.notificationSounds;`
			`config.userLang = req.query.lang \|\| settings.userLang \|\| config.defaultLang;`
			`config.openOutgoingLinksInNewTab = settings.openOutgoingLinksInNewTab;`
			`config.topicPostSort = settings.topicPostSort \|\| config.topicPostSort;`
			`config.categoryTopicSort = settings.categoryTopicSort \|\| config.categoryTopicSort;`
			`config.topicSearchEnabled = settings.topicSearchEnabled \|\| false;`
closes #4503, /cc @BenLubar 9 years ago			`config.delayImageLoading = settings.delayImageLoading !== undefined ? settings.delayImageLoading : true;`
added socket methods 9 years ago			`config.bootswatchSkin = settings.bootswatchSkin \|\| config.bootswatchSkin;`
			`next(null, config);`
			`});`
			`},`
			`function (config, next) {`
			`plugins.fireHook('filter:config.get', config, next);`
			`}`
			`], function(err, config) {`
removed some unused translator requires 11 years ago			`if (err) {`
			`return next(err);`
			`}`

added socket methods 9 years ago			`if (res.locals.isAPI) {`
			`res.json(config);`
			`} else {`
			`next(null, config);`
			`}`
added privateUserInfo and isLoggedIn for #1275 11 years ago			`});`
started moving out api functionality out of the route file into controllers/api.js 11 years ago			`};`


closes #1428 11 years ago			`apiController.renderWidgets = function(req, res, next) {`
jshint 9 years ago			`var areas = {`
			`template: req.query.template,`
			`locations: req.query.locations,`
			`url: req.query.url`
			`};`
closes #1428 11 years ago
refactored widgets api call to render all at once rather than one area at a time, closes https://github.com/NodeBB/NodeBB/issues/2062 11 years ago			`if (!areas.template \|\| !areas.locations) {`
closes #2231; see #2218 10 years ago			`return res.status(200).json({});`
optimized widget call by bundling all queries into one for #1428; fixes active users widget crash also fixes b3819fd0766bd3b2a83771fcbf7078635833a3ee properly 11 years ago			`}`

Added req and res objects to the widget rendering process before callback in src/controllers/api.js 10 years ago			`widgets.render(req.uid,`
			`{`
			`template: areas.template,`
			`url: areas.url,`
			`locations: areas.locations,`
fixed one tab character 10 years ago			`},`
Added req and res objects to the widget rendering process before callback in src/controllers/api.js 10 years ago			`req,`
			`res,`
			`function(err, widgets) {`
widget render change 11 years ago			`if (err) {`
			`return next(err);`
			`}`
closes #2231; see #2218 10 years ago			`res.status(200).json(widgets);`
closes #1428 11 years ago			`});`
			`};`

generic getObject 10 years ago			`apiController.getObject = function(req, res, next) {`
added socket methods 9 years ago			`apiController.getObjectByType(req.uid, req.params.type, req.params.id, function(err, results) {`
			`if (err) {`
			`return next(err);`
			`}`

			`res.json(results);`
			`});`
			`};`

			`apiController.getObjectByType = function(uid, type, id, callback) {`
generic getObject 10 years ago			`var methods = {`
			`post: {`
			`canRead: privileges.posts.can,`
			`data: posts.getPostData`
			`},`
			`topic: {`
			`canRead: privileges.topics.can,`
			`data: topics.getTopicData`
			`},`
			`category: {`
			`canRead: privileges.categories.can,`
			`data: categories.getCategoryData`
			`}`
			`};`

added socket methods 9 years ago			`if (!methods[type]) {`
			`return callback();`
generic getObject 10 years ago			`}`

added socket methods 9 years ago			`async.waterfall([`
			`function (next) {`
			`methods[type].canRead('read', id, uid, next);`
			`},`
			`function (canRead, next) {`
			`if (!canRead) {`
			`return next(new Error('[[error:no-privileges]]'));`
			`}`
			`methods[type].data(id, next);`
generic getObject 10 years ago			`}`
added socket methods 9 years ago			`], callback);`
generic getObject 10 years ago			`};`

accounts refactor #2 and various 404 fixes 10 years ago			`apiController.getUserByUID = function(req, res, next) {`
api controllers refactor 9 years ago			`byType('uid', req, res, next);`
accounts refactor #2 and various 404 fixes 10 years ago			`};`

fix waterfall Signed-off-by: Dustin Falgout <[email protected]> 9 years ago			`apiController.getUserByUsername = function(req, res, next) {`
api controllers refactor 9 years ago			`byType('username', req, res, next);`
added socket methods 9 years ago			`};`

			`apiController.getUserByEmail = function(req, res, next) {`
api controllers refactor 9 years ago			`byType('email', req, res, next);`
			`};`
added socket methods 9 years ago
api controllers refactor 9 years ago			`function byType(type, req, res, next) {`
			`apiController.getUserDataByField(req.uid, type, req.params[type], function(err, data) {`
			`if (err \|\| !data) {`
added socket methods 9 years ago			`return next(err);`
			`}`
			`res.json(data);`
			`});`
api controllers refactor 9 years ago			`}`
add api endpoints to get user by username and by email Signed-off-by: Dustin Falgout <[email protected]> 9 years ago
api controllers refactor 9 years ago			`apiController.getUserDataByField = function(callerUid, field, fieldValue, callback) {`
add api endpoints to get user by username and by email Signed-off-by: Dustin Falgout <[email protected]> 9 years ago			`async.waterfall([`
api controllers refactor 9 years ago			`function (next) {`
			`if (field === 'uid') {`
			`next(null, fieldValue);`
			`} else if (field === 'username') {`
			`user.getUidByUsername(fieldValue, next);`
			`} else if (field === 'email') {`
			`user.getUidByEmail(fieldValue, next);`
			`} else {`
			`next();`
			`}`
add api endpoints to get user by username and by email Signed-off-by: Dustin Falgout <[email protected]> 9 years ago			`},`
api controllers refactor 9 years ago			`function (uid, next) {`
			`if (!uid) {`
			`return next();`
			`}`
added socket methods 9 years ago			`apiController.getUserDataByUID(callerUid, uid, next);`
fix waterfall Signed-off-by: Dustin Falgout <[email protected]> 9 years ago			`}`
added socket methods 9 years ago			`], callback);`
add api endpoints to get user by username and by email Signed-off-by: Dustin Falgout <[email protected]> 9 years ago			`};`

added socket methods 9 years ago			`apiController.getUserDataByUID = function(callerUid, uid, callback) {`
			`if (!parseInt(callerUid, 10) && parseInt(meta.config.privateUserInfo, 10) === 1) {`
			`return callback(new Error('[[error:no-privileges]]'));`
			`}`

			`if (!parseInt(uid, 10)) {`
			`return callback(new Error('[[error:no-user]]'));`
			`}`

refactor get user by x 9 years ago			`async.parallel({`
			`userData: async.apply(user.getUserData, uid),`
			`settings: async.apply(user.getSettings, uid)`
			`}, function(err, results) {`
			`if (err \|\| !results.userData) {`
added socket methods 9 years ago			`return callback(err \|\| new Error('[[error:no-user]]'));`
refactor get user by x 9 years ago			`}`

			`results.userData.email = results.settings.showemail ? results.userData.email : undefined;`
			`results.userData.fullname = results.settings.showfullname ? results.userData.fullname : undefined;`

added socket methods 9 years ago			`callback(null, results.userData);`
refactor get user by x 9 years ago			`});`
added socket methods 9 years ago			`};`
refactor get user by x 9 years ago
accounts refactor #2 and various 404 fixes 10 years ago			`apiController.getModerators = function(req, res, next) {`
			`categories.getModerators(req.params.cid, function(err, moderators) {`
check err 10 years ago			`if (err) {`
			`return next(err);`
			`}`
accounts refactor #2 and various 404 fixes 10 years ago			`res.json({moderators: moderators});`
			`});`
			`};`


			`apiController.getRecentPosts = function(req, res, next) {`
			`posts.getRecentPosts(req.uid, 0, 19, req.params.term, function (err, data) {`
			`if (err) {`
			`return next(err);`
			`}`

			`res.json(data);`
			`});`
			`};`

Add missing new lines at end of files. 11 years ago			`module.exports = apiController;`