hyperzlib
/
nodebb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

#2032

Browse Source
v1.18.x
barisusakli 11 years ago
parent 8f916ed066
commit 55cbaf6a19
2 changed files with 41 additions and 29 deletions
Show Stats Download Patch File Download Diff File

12
src/controllers/categories.js
Unescape Escape View File

@ -108,11 +108,11 @@ categoriesController.get = function(req, res, next) {
}, },
function(results, next) { function(results, next) {
if (!results.exists || parseInt(results.disabled, 10) === 1) { if (!results.exists || parseInt(results.disabled, 10) === 1) {
return notFound(req, res); return categoriesController.notFound(req, res);
} }
if (!results.privileges.read) { if (!results.privileges.read) {
return notAllowed(req, res); return categoriesController.notAllowed(req, res);
} }
var settings = results.userSettings; var settings = results.userSettings;
@ -215,11 +215,11 @@ categoriesController.get = function(req, res, next) {
}); });
}; };
function notFound(req, res) { categoriesController.notFound = function(req, res) {
res.locals.isAPI ? res.json(404, 'not-found') : res.redirect(nconf.get('relative_path') + '/404'); res.locals.isAPI ? res.json(404, 'not-found') : res.redirect(nconf.get('relative_path') + '/404');
} };
function notAllowed(req, res) { categoriesController.notAllowed = function(req, res) {
var uid = req.user ? req.user.uid : 0; var uid = req.user ? req.user.uid : 0;
if (uid) { if (uid) {
res.locals.isAPI ? res.json(403, 'not-allowed') : res.redirect(nconf.get('relative_path') + '/403'); res.locals.isAPI ? res.json(403, 'not-allowed') : res.redirect(nconf.get('relative_path') + '/403');
@ -231,6 +231,6 @@ function notAllowed(req, res) {
res.redirect(nconf.get('relative_path') + '/login'); res.redirect(nconf.get('relative_path') + '/login');
} }
} }
} };
module.exports = categoriesController; module.exports = categoriesController;

46
src/controllers/topics.js
Unescape Escape View File

@ -6,12 +6,13 @@ var topicsController = {},
validator = require('validator'), validator = require('validator'),
nconf = require('nconf'), nconf = require('nconf'),
qs = require('querystring'), qs = require('querystring'),
user = require('./../user'), user = require('../user'),
meta = require('./../meta'), meta = require('../meta'),
topics = require('./../topics'), topics = require('../topics'),
posts = require('../posts'), posts = require('../posts'),
privileges = require('../privileges'), privileges = require('../privileges'),
utils = require('./../../public/src/utils'); categoriesController = require('./categories'),
utils = require('../../public/src/utils');
topicsController.get = function(req, res, next) { topicsController.get = function(req, res, next) {
var tid = req.params.topic_id, var tid = req.params.topic_id,
@ -22,16 +23,10 @@ topicsController.get = function(req, res, next) {
async.waterfall([ async.waterfall([
function (next) { function (next) {
async.parallel({
privileges: function(next) {
privileges.topics.get(tid, uid, next); privileges.topics.get(tid, uid, next);
}, },
function (privileges, next) {
if (!privileges.read || privileges.disabled) {
return next(new Error('[[error:no-privileges]]'));
}
userPrivileges = privileges;
async.parallel({
postCount: function(next) { postCount: function(next) {
topics.getPostCount(tid, next); topics.getPostCount(tid, next);
}, },
@ -41,6 +36,16 @@ topicsController.get = function(req, res, next) {
}, next); }, next);
}, },
function (results, next) { function (results, next) {
userPrivileges = results.privileges;
if (userPrivileges.disabled) {
return categoriesController.notFound(req, res);
}
if (!userPrivileges.read) {
return categoriesController.notAllowed(req, res);
}
var settings = results.settings; var settings = results.settings;
var postCount = parseInt(results.postCount, 10) + 1; var postCount = parseInt(results.postCount, 10) + 1;
var set = 'tid:' + tid + ':posts', var set = 'tid:' + tid + ':posts',
@ -82,16 +87,22 @@ topicsController.get = function(req, res, next) {
end = start + settings.postsPerPage - 1; end = start + settings.postsPerPage - 1;
topics.getTopicWithPosts(tid, set, uid, start, end, reverse, function (err, topicData) { topics.getTopicWithPosts(tid, set, uid, start, end, reverse, function (err, topicData) {
if (topicData) { if (err && err.message === '[[error:no-topic]]' && !topicData) {
return categoriesController.notFound(req, res);
}
if (err && !topicData) {
return next(err);
}
if (topicData.deleted && !userPrivileges.view_deleted) { if (topicData.deleted && !userPrivileges.view_deleted) {
return next(new Error('[[error:no-topic]]')); return categoriesController.notAllowed(req, res);
} }
topicData.currentPage = page; topicData.currentPage = page;
if(page > 1) { if(page > 1) {
topicData.posts.splice(0, 1); topicData.posts.splice(0, 1);
} }
}
next(err, topicData); next(null, topicData);
}); });
}, },
function (topicData, next) { function (topicData, next) {
@ -191,7 +202,7 @@ topicsController.get = function(req, res, next) {
} }
], function (err, data) { ], function (err, data) {
if (err) { if (err) {
return res.locals.isAPI ? res.json(404, 'not-found') : res.redirect(nconf.get('relative_path') + '/404'); return next(err);
} }
data.privileges = userPrivileges; data.privileges = userPrivileges;
@ -214,6 +225,7 @@ topicsController.get = function(req, res, next) {
active: x === parseInt(page, 10) active: x === parseInt(page, 10)
}); });
} }
res.render('topic', data); res.render('topic', data);
}); });
}; };

Write Preview
Loading…
Cancel
Save