diff --git a/public/src/app.js b/public/src/app.js index 99b4b29615..7c78e6e26f 100644 --- a/public/src/app.js +++ b/public/src/app.js @@ -407,7 +407,7 @@ var socket, return; } - if (title.length > 0) { + if (title.length > 0 && !app.isFocused) { titleObj.titles[1] = title; if (titleObj.interval) { clearInterval(titleObj.interval); diff --git a/public/src/forum/topic.js b/public/src/forum/topic.js index 7bead051dd..90e5ea0cb0 100644 --- a/public/src/forum/topic.js +++ b/public/src/forum/topic.js @@ -503,6 +503,8 @@ define(['composer'], function(composer) { moveBtn.on('click', function() { socket.emit('topics.movePost', {pid: pid, tid: topicId.val()}, function(err) { if(err) { + $('#topicId').val(''); + moveModal.addClass('hide'); return app.alertError(err.message); } diff --git a/public/templates/topic.tpl b/public/templates/topic.tpl index a67e7b1b8c..16a8016e46 100644 --- a/public/templates/topic.tpl +++ b/public/templates/topic.tpl @@ -106,9 +106,9 @@ diff --git a/src/categoryTools.js b/src/categoryTools.js index bdce420460..853b9c049f 100644 --- a/src/categoryTools.js +++ b/src/categoryTools.js @@ -116,7 +116,9 @@ CategoryTools.privileges = function(cid, uid, callback) { privileges.admin ), editable: privileges.moderator || privileges.admin, - view_deleted: privileges.moderator || privileges.admin + view_deleted: privileges.moderator || privileges.admin, + moderator: privileges.moderator, + admin: privileges.moderator }); }); }; diff --git a/src/meta.js b/src/meta.js index 1fdf24bf5b..dd272bd796 100644 --- a/src/meta.js +++ b/src/meta.js @@ -44,6 +44,10 @@ var fs = require('fs'), db.getObjectFields('config', fields, callback); }, set: function (field, value, callback) { + if(!field) { + return callback(new Error('invalid config field')); + } + db.setObjectField('config', field, value, function(err, res) { if (callback) { if(!err && Meta.config) { diff --git a/src/postTools.js b/src/postTools.js index aca3214ded..13f7963f36 100644 --- a/src/postTools.js +++ b/src/postTools.js @@ -58,7 +58,8 @@ var winston = require('winston'), callback(null, { read: results.topicPrivs.read, editable: results.topicPrivs.editable || results.isOwner || results.hasEnoughRep, - view_deleted: results.topicPrivs.view_deleted || results.isOwner || results.hasEnoughRep + view_deleted: results.topicPrivs.view_deleted || results.isOwner || results.hasEnoughRep, + move: results.topicPrivs.admin || results.topicPrivs.moderator }); }); } diff --git a/src/socket.io/topics.js b/src/socket.io/topics.js index 4b8496287a..8dd19299ed 100644 --- a/src/socket.io/topics.js +++ b/src/socket.io/topics.js @@ -170,7 +170,17 @@ SocketTopics.movePost = function(socket, data, callback) { return callback(new Error('invalid data')); } - topics.movePostToTopic(data.pid, data.tid, callback); + threadTools.privileges(data.tid, socket.uid, function(err, privileges) { + if(err) { + return callback(err); + } + + if(!(privileges.admin || privileges.moderator)) { + return callback(new Error('not allowed')); + } + + topics.movePostToTopic(data.pid, data.tid, callback); + }); }; SocketTopics.move = function(socket, data, callback) { diff --git a/src/threadTools.js b/src/threadTools.js index dfcdb72fab..e7fa9a5854 100644 --- a/src/threadTools.js +++ b/src/threadTools.js @@ -50,7 +50,9 @@ var winston = require('winston'), read: results.categoryPrivs.read, write: results.categoryPrivs.write, editable: results.categoryPrivs.editable || results.hasEnoughRep, - view_deleted: results.categoryPrivs.view_deleted || results.hasEnoughRep + view_deleted: results.categoryPrivs.view_deleted || results.hasEnoughRep, + moderator: results.categoryPrivs.moderator, + admin: results.categoryPrivs.admin }); }); } diff --git a/src/topics.js b/src/topics.js index 9a57648702..131e1962e7 100644 --- a/src/topics.js +++ b/src/topics.js @@ -211,6 +211,7 @@ var async = require('async'), postData.favourited = false; postData.display_moderator_tools = true; + postData.display_move_tools = privileges.admin || privileges.moderator; postData.relativeTime = utils.toISOString(postData.timestamp); callback(null, postData); @@ -358,12 +359,11 @@ var async = require('async'), return parseInt(current_user, 10) !== 0 || parseInt(post.deleted, 10) === 0; }); - function getFavouritesData(next) { - var pids = []; - for (var i = 0; i < postData.length; ++i) { - pids.push(postData[i].pid); - } + pids = postData.map(function(post) { + return post.pid; + }); + function getFavouritesData(next) { favourites.getFavouritesByPostIDs(pids, current_user, function(fav_data) { next(null, fav_data); }); @@ -382,7 +382,20 @@ var async = require('async'), } function getPrivileges(next) { - postTools.privileges(tid, current_user, next); + var privs = {}; + async.each(pids, getPostPrivileges, function(err) { + next(err, privs); + }); + + function getPostPrivileges(pid, next) { + postTools.privileges(pid, current_user, function(err, postPrivileges) { + if(err) { + return next(err); + } + privs[pid] = postPrivileges; + next(); + }); + } } async.parallel([getFavouritesData, addUserInfoToPosts, getPrivileges], function(err, results) { @@ -394,8 +407,10 @@ var async = require('async'), privileges = results[2]; for (var i = 0; i < postData.length; ++i) { - postData[i].favourited = fav_data[postData[i].pid]; - postData[i].display_moderator_tools = ((current_user != 0) && (postData[i].uid == current_user || privileges.editable)); + var pid = postData[i].pid; + postData[i].favourited = fav_data[pid]; + postData[i].display_moderator_tools = (current_user != 0) && privileges[pid].editable; + postData[i].display_move_tools = privileges[pid].move; } callback(null, postData);