updated the way privileges were handled in the .get() category controller

src/controllers/categories.js

@@ -63,8 +63,7 @@ categoriesController.unreadTotal = function(req, res, next) {
 categoriesController.get = function(req, res, next) {
 	var cid = req.params.category_id,
 		page = req.query.page || 1,
-		uid = req.user ? req.user.uid : 0,
+		uid = req.user ? req.user.uid : 0;
-		privileges = null;
 
 	async.waterfall([
 		function(next) {
@@ -73,15 +72,14 @@ categoriesController.get = function(req, res, next) {
 					if (!categoryPrivileges.read) {
 						next(new Error('not-enough-privileges'));
 					} else {
-						privileges = categoryPrivileges;
+						next(null, categoryPrivileges);
-						next();
 					}
 				} else {
 					next(err);
 				}
 			});
 		},
-		function (next) {
+		function (privileges, next) {
 			user.getSettings(uid, function(err, settings) {
 				if (err) {
 					return next(err);
@@ -97,6 +95,7 @@ categoriesController.get = function(req, res, next) {
 						}
 					}
 
+					categoryData.privileges = privileges;
 					next(err, categoryData);
 				});
 			});
@@ -154,7 +153,6 @@ categoriesController.get = function(req, res, next) {
 			category_url += '?' + queryString;
 		}
 
-		data.privileges = privileges;
 		data.currentPage = page;
 
 		// Paginator for noscript