Baris Soner Usakli 11 years ago
commit 6b8f7dba4f

@ -49,7 +49,7 @@ var ajaxify = {};
// end // end
if ($('#content').hasClass('ajaxifying')) { if ($('#content').hasClass('ajaxifying')) {
return true; templates.cancelRequest();
} }
// Remove trailing slash // Remove trailing slash

@ -4,7 +4,8 @@
templates, templates,
fs = null, fs = null,
available_templates = [], available_templates = [],
parsed_variables = {}; parsed_variables = {},
apiXHR;
module.exports = templates = { module.exports = templates = {
"globals": {} "globals": {}
@ -174,7 +175,7 @@
parse_template(); parse_template();
} }
jQuery.get(RELATIVE_PATH + '/api/' + api_url, function (data) { apiXHR = jQuery.get(RELATIVE_PATH + '/api/' + api_url, function (data) {
if (!data) { if (!data) {
ajaxify.go('404'); ajaxify.go('404');
@ -183,12 +184,12 @@
template_data = data; template_data = data;
parse_template(); parse_template();
}).fail(function (data) { }).fail(function (data, textStatus) {
if (data && data.status == 404) { if (data && data.status == 404) {
return ajaxify.go('404'); return ajaxify.go('404');
} else if (data && data.status === 403) { } else if (data && data.status === 403) {
return ajaxify.go('403'); return ajaxify.go('403');
} else { } else if (textStatus !== "abort") {
app.alertError(data.responseJSON.error); app.alertError(data.responseJSON.error);
} }
}); });
@ -232,6 +233,12 @@
} }
templates.cancelRequest = function() {
if (apiXHR) {
apiXHR.abort();
}
}
templates.flush = function () { templates.flush = function () {
parsed_variables = {}; parsed_variables = {};
} }
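Review bot: The last branch of the `.fail` handler reads `data.responseJSON.error` without checking that `responseJSON` exists, so a timeout, a network error or a non-JSON error body throws a TypeError inside the handler instead of showing an alert. The first two branches guard `data`, but this one does not; `app.alertError(data && data.responseJSON ? data.responseJSON.error : textStatus);` keeps the new abort filter and covers those cases. `templates.cancelRequest` also leaves `apiXHR` pointing at the aborted request, so resetting it with `apiXHR = null;` after `abort()` would make the state explicit. Whether `app.alertError` escapes the server-supplied string is not visible here and is worth confirming.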

@ -16,6 +16,7 @@ var path = require('path'),
db = require('./database'), db = require('./database'),
user = require('./user'), user = require('./user'),
categories = require('./categories'), categories = require('./categories'),
CategoryTools = require('./categoryTools'),
posts = require('./posts'), posts = require('./posts'),
topics = require('./topics'), topics = require('./topics'),
ThreadTools = require('./threadTools'), ThreadTools = require('./threadTools'),
@ -511,7 +512,7 @@ if(nconf.get('ssl')) {
async.waterfall([ async.waterfall([
function(next) { function(next) {
// Check whether this user is allowed to access this topic // Check whether this user is allowed to access this topic
ThreadTools.privileges(tid, ((req.user) ? req.user.uid : 0), function(err, privileges) { ThreadTools.privileges(tid, ((req.user) ? req.user.uid || 0 : 0), function(err, privileges) {
if (!err) { if (!err) {
if (!privileges.read) { if (!privileges.read) {
next(new Error('not-enough-privileges')); next(new Error('not-enough-privileges'));
@ -671,6 +672,20 @@ if(nconf.get('ssl')) {
} }
async.waterfall([ async.waterfall([
function(next) {
// Check whether this user is allowed to access this category
CategoryTools.privileges(cid, ((req.user) ? req.user.uid || 0 : 0), function(err, privileges) {
if (!err) {
if (!privileges.read) {
next(new Error('not-enough-privileges'));
} else {
next();
}
} else {
next(err);
}
});
},
function (next) { function (next) {
categories.getCategoryById(cid, 0, function (err, categoryData) { categories.getCategoryById(cid, 0, function (err, categoryData) {
@ -717,8 +732,12 @@ if(nconf.get('ssl')) {
} }
], function (err, data) { ], function (err, data) {
if (err) { if (err) {
if (err.message === 'not-enough-privileges') {
return res.redirect('403');
} else {
return res.redirect('404'); return res.redirect('404');
} }
}
if(data.categories.link) { if(data.categories.link) {
return res.redirect(data.categories.link); return res.redirect(data.categories.link);
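Review bot: The new error branch answers a restricted category with 403 and a missing one with 404, which lets a requester without read access tell which category ids exist; if category existence is meant to be private, both cases should lead to the same page. The branch also keys on the literal `err.message === 'not-enough-privileges'`, which repeats the string from the privilege step; a shared constant or an `err.code` would keep the two from drifting apart. In the added waterfall step, `privileges.read` is read whenever `err` is falsy, so a callback that passes neither an error nor a privileges object would throw; `if (err || !privileges) { return next(err || new Error('not-enough-privileges')); }` fails closed. The route handler starts and ends outside the visible hunks.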
