From 1a6e576483c1e9939d4e699fcfcc853c28fe9ad7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bar=C4=B1=C5=9F=20Soner=20U=C5=9Fakl=C4=B1?=
 <baris@nodebb.org>
Date: Sun, 23 Aug 2015 22:16:48 -0700
Subject: [PATCH] async

---
 src/middleware/middleware.js | 35 ++++++++++++++++-------------------
 1 file changed, 16 insertions(+), 19 deletions(-)

diff --git a/src/middleware/middleware.js b/src/middleware/middleware.js
index a1f0e31486..7a3bc192b6 100644
--- a/src/middleware/middleware.js
+++ b/src/middleware/middleware.js
@@ -126,32 +126,29 @@ middleware.checkGlobalPrivacySettings = function(req, res, next) {
 
 middleware.checkAccountPermissions = function(req, res, next) {
 	// This middleware ensures that only the requested user and admins can pass
-	middleware.authenticate(req, res, function(err) {
-		if (err) {
-			return next(err);
-		}
-
-		user.getUidByUserslug(req.params.userslug, function (err, uid) {
-			if (err) {
-				return next(err);
-			}
-
+	async.waterfall([
+		function (next) {
+			middleware.authenticate(req, res, next);
+		},
+		function (next) {
+			user.getUidByUserslug(req.params.userslug, next);
+		},
+		function (uid, next) {
 			if (!uid) {
 				return controllers.helpers.notFound(req, res);
 			}
 
 			if (parseInt(uid, 10) === req.uid) {
-				return next();
+				return next(null, true);
 			}
 
-			user.isAdministrator(req.uid, function(err, isAdmin) {
-				if (err || isAdmin) {
-					return next(err);
-				}
-
-				controllers.helpers.notAllowed(req, res);
-			});
-		});
+			user.isAdministrator(req.uid, next);
+		}	
+	], function (err, allowed) {
+		if (err || allowed) {
+			return next(err);
+		}
+		controllers.helpers.notAllowed(req, res);	
 	});
 };