closes #4194

9 years ago · 88e4591f88
parent 82875de32d
commit 88e4591f88
8 changed files with 79 additions and 75 deletions
--- a/public/src/client/account/edit.js
+++ b/public/src/client/account/edit.js
@ -78,6 +78,7 @@ define('forum/account/edit', ['forum/account/header', 'uploader', 'translator'],
 				if (err) {
 					return app.alertError(err.message);
 				}
+			
 				templates.parse('partials/modals/change_picture_modal', {
 					pictures: pictures,
 					uploaded: !!ajaxify.data.uploadedpicture,
@ -191,7 +192,6 @@ define('forum/account/edit', ['forum/account/header', 'uploader', 'translator'],
 			$('#user-current-picture, img.avatar').attr('src', urlOnServer);
 			updateHeader(urlOnServer);
 			uploadedPicture = urlOnServer;
-			ajaxify.refresh();
 		}

 		function onRemoveComplete(urlOnServer) {
--- a/public/src/modules/uploader.js
+++ b/public/src/modules/uploader.js
@ -58,7 +58,7 @@ define('uploader', ['csrf', 'translator'], function(csrf, translator) {
 					},
 					error: function(xhr) {
 						xhr = maybeParse(xhr);
-						showAlert('error', xhr.responseJSON ? xhr.responseJSON.error : 'error uploading, code : ' + xhr.status);
+						showAlert('error', xhr.responseJSON ? (xhr.responseJSON.error || xhr.statusText) : 'error uploading, code : ' + xhr.status);
 					},

 					uploadProgress: function(event, position, total, percent) {
--- a/src/controllers/accounts/edit.js
+++ b/src/controllers/accounts/edit.js
@ -24,6 +24,7 @@ editController.get = function(req, res, callback) {
 		userData.maximumProfileImageSize = parseInt(meta.config.maximumProfileImageSize, 10);
 		userData.allowProfileImageUploads = parseInt(meta.config.allowProfileImageUploads) === 1;
 		userData.allowAccountDelete = parseInt(meta.config.allowAccountDelete, 10) === 1;
+		

 		userData.title = '[[pages:account/edit, ' + userData.username + ']]';
 		userData.breadcrumbs = helpers.buildBreadcrumbs([{text: userData.username, url: '/user/' + userData.userslug}, {text: '[[user:edit]]'}]);
@ -94,30 +95,25 @@ function getUserData(req, next, callback) {
 editController.uploadPicture = function (req, res, next) {
 	var userPhoto = req.files.files[0];

-	var updateUid = req.uid;
+	var updateUid;

 	async.waterfall([
 		function(next) {
 			user.getUidByUserslug(req.params.userslug, next);
 		},
 		function(uid, next) {
-			if (parseInt(updateUid, 10) === parseInt(uid, 10)) {
-				return next();
+			updateUid = uid;
+			if (parseInt(req.uid, 10) === parseInt(uid, 10)) {
+				return next(null, true);
 			}

-			user.isAdministrator(req.uid, function(err, isAdmin) {
-				if (err) {
-					return next(err);
-				}
-
-				if (!isAdmin) {
-					return helpers.notAllowed(req, res);
-				}
-				updateUid = uid;
-				next();
-			});
+			user.isAdminOrGlobalMod(req.uid, next);
 		},
-		function(next) {
+		function(isAllowed, next) {
+			if (!isAllowed) {
+				return helpers.notAllowed(req, res);
+			}
+			
 			user.uploadPicture(updateUid, userPhoto, next);
 		}
 	], function(err, image) {
--- a/src/controllers/accounts/helpers.js
+++ b/src/controllers/accounts/helpers.js
@ -57,23 +57,24 @@ helpers.getUserDataByUserSlug = function(userslug, callerUID, callback) {
 			var userData = results.userData;
 			var userSettings = results.userSettings;
 			var isAdmin = results.isAdmin;
+			var isGlobalModerator = results.isGlobalModerator;
 			var self = parseInt(callerUID, 10) === parseInt(userData.uid, 10);

 			userData.joindateISO = utils.toISOString(userData.joindate);
 			userData.lastonlineISO = utils.toISOString(userData.lastonline || userData.joindate);
 			userData.age = Math.max(0, userData.birthday ? Math.floor((new Date().getTime() - new Date(userData.birthday).getTime()) / 31536000000) : 0);

-			if (!(isAdmin || self || (userData.email && userSettings.showemail))) {
+			if (!(isAdmin || isGlobalModerator || self || (userData.email && userSettings.showemail))) {
 				userData.email = '';
 			}

 			userData.emailClass = (self && !userSettings.showemail) ? '' : 'hide';

-			if (!isAdmin && !self && !userSettings.showfullname) {
+			if (!isAdmin && !isGlobalModerator && !self && !userSettings.showfullname) {
 				userData.fullname = '';
 			}

-			if (isAdmin || self) {
+			if (isAdmin || isGlobalModerator || self) {
 				userData.ips = results.ips;
 			}

@ -81,10 +82,11 @@ helpers.getUserDataByUserSlug = function(userslug, callerUID, callback) {
 			userData.yourid = callerUID;
 			userData.theirid = userData.uid;
 			userData.isAdmin = isAdmin;
-			userData.isGlobalModerator = results.isGlobalModerator;
-			userData.canBan = isAdmin || results.isGlobalModerator;
+			userData.isGlobalModerator = isGlobalModerator;
+			userData.canBan = isAdmin || isGlobalModerator;
+			userData.canChangePassword = isAdmin || self;
 			userData.isSelf = self;
-			userData.showHidden = self || isAdmin;
+			userData.showHidden = self || isAdmin || isGlobalModerator;
 			userData.groups = Array.isArray(results.groups) && results.groups.length ? results.groups[0] : [];
 			userData.disableSignatures = meta.config.disableSignatures !== undefined && parseInt(meta.config.disableSignatures, 10) === 1;
 			userData['email:confirmed'] = !!parseInt(userData['email:confirmed'], 10);
@ -133,6 +135,9 @@ helpers.getBaseUser = function(userslug, callerUID, callback) {
 				isAdmin: function(next) {
 					user.isAdministrator(callerUID, next);
 				},
+				isGlobalModerator: function(next) {
+					user.isGlobalModerator(callerUID, next);
+				},
 				profile_links: function(next) {
 					plugins.fireHook('filter:user.profileLinks', [], next);
 				}
@ -147,7 +152,7 @@ helpers.getBaseUser = function(userslug, callerUID, callback) {
 			results.user.theirid = results.user.uid;
 			results.user.status = user.getStatus(results.user);
 			results.user.isSelf = parseInt(callerUID, 10) === parseInt(results.user.uid, 10);
-			results.user.showHidden = results.user.isSelf || results.isAdmin;
+			results.user.showHidden = results.user.isSelf || results.isAdmin || results.isGlobalModerator;
 			results.user.profile_links = filterLinks(results.profile_links, results.user.isSelf);

 			results.user['cover:url'] = results.user['cover:url'] || require('../../coverPhoto').getDefaultProfileCover(results.user.uid);
--- a/src/middleware/middleware.js
+++ b/src/middleware/middleware.js
@ -145,7 +145,7 @@ middleware.checkAccountPermissions = function(req, res, next) {
 				return next(null, true);
 			}

-			user.isAdministrator(req.uid, next);
+			user.isAdminOrGlobalMod(req.uid, next);
 		}
 	], function (err, allowed) {
 		if (err || allowed) {
--- a/src/socket.io/user.js
+++ b/src/socket.io/user.js
@ -188,12 +188,20 @@ SocketUser.saveSettings = function(socket, data, callback) {
 		return callback(new Error('[[error:invalid-data]]'));
 	}

-	user.isAdminOrSelf(socket.uid, data.uid, function(err) {
-		if (err) {
-			return callback(err);
+	async.waterfall([
+		function(next) {
+			if (socket.uid === parseInt(data.uid, 10)) {
+				return next(null, true);
+			}
+			user.isAdminOrGlobalMod(socket.uid, next);
+		}, 
+		function(allowed, next) {
+			if (!allowed) {
+				return next(new Error('[[error:no-privileges]]'));
+			}
+			user.saveSettings(data.uid, data.settings, next);
 		}
-		user.saveSettings(data.uid, data.settings, callback);
-	});
+	], callback);
 };

 SocketUser.setTopicSort = function(socket, sort, callback) {
--- a/src/socket.io/user/profile.js
+++ b/src/socket.io/user/profile.js
@ -122,18 +122,18 @@ module.exports = function(SocketUser) {
 					return next(new Error('[[error:invalid-data]]'));
 				}

-				user.isAdministrator(socket.uid, next);
+				user.isAdminOrGlobalMod(socket.uid, next);
 			},
-			function(isAdmin, next) {
-				if (!isAdmin && socket.uid !== parseInt(data.uid, 10)) {
+			function(isAdminOrGlobalMod, next) {
+				if (!isAdminOrGlobalMod && socket.uid !== parseInt(data.uid, 10)) {
 					return next(new Error('[[error:no-privileges]]'));
 				}

-				if (!isAdmin && parseInt(meta.config['username:disableEdit'], 10) === 1) {
+				if (!isAdminOrGlobalMod && parseInt(meta.config['username:disableEdit'], 10) === 1) {
 					data.username = oldUserData.username;
 				}

-				if (!isAdmin && parseInt(meta.config['email:disableEdit'], 10) === 1) {
+				if (!isAdminOrGlobalMod && parseInt(meta.config['email:disableEdit'], 10) === 1) {
 					data.email = oldUserData.email;
 				}

--- a/src/user/picture.js
+++ b/src/user/picture.js
@ -25,6 +25,7 @@ module.exports = function(User) {
 		var updateUid = uid;
 		var imageDimension = parseInt(meta.config.profileImageDimension, 10) || 128;
 		var convertToPNG = parseInt(meta.config['profile:convertProfileImageToPNG'], 10) === 1;
+		var uploadedImage;

 		async.waterfall([
 			function(next) {
@ -53,48 +54,42 @@ module.exports = function(User) {
 				} else {
 					next();
 				}
-			}
-		], function(err) {
-			function done(err, image) {
-				if (err) {
-					return callback(err);
+			},
+			function(next) {
+				if (plugins.hasListeners('filter:uploadImage')) {
+					return plugins.fireHook('filter:uploadImage', {image: picture, uid: updateUid}, next);
 				}

-				User.setUserFields(updateUid, {uploadedpicture: image.url, picture: image.url});
-
-				callback(null, image);
-			}
-
-			if (err) {
-				return callback(err);
-			}
-
-			if (plugins.hasListeners('filter:uploadImage')) {
-				return plugins.fireHook('filter:uploadImage', {image: picture, uid: updateUid}, done);
+				var filename = updateUid + '-profileimg' + (convertToPNG ? '.png' : extension);
+				
+				async.waterfall([
+					function(next) {
+						User.getUserField(updateUid, 'uploadedpicture', next);
+					},
+					function(oldpicture, next) {
+						if (!oldpicture) {
+							return file.saveFileToLocal(filename, 'profile', picture.path, next);
+						}		
+						var oldpicturePath = path.join(nconf.get('base_dir'), nconf.get('upload_path'), 'profile', path.basename(oldpicture));
+
+						fs.unlink(oldpicturePath, function (err) {
+							if (err) {
+								winston.error(err);
+							}
+
+							file.saveFileToLocal(filename, 'profile', picture.path, next);
+						});
+					},					
+				], next);
+			},
+			function(_image, next) {
+				uploadedImage = _image;
+				User.setUserFields(updateUid, {uploadedpicture: uploadedImage.url, picture: uploadedImage.url}, next);
+			},
+			function(next) {
+				next(null, uploadedImage);
 			}
-
-			var filename = updateUid + '-profileimg' + (convertToPNG ? '.png' : extension);
-
-			User.getUserField(updateUid, 'uploadedpicture', function (err, oldpicture) {
-				if (err) {
-					return callback(err);
-				}
-
-				if (!oldpicture) {
-					return file.saveFileToLocal(filename, 'profile', picture.path, done);
-				}
-
-				var absolutePath = path.join(nconf.get('base_dir'), nconf.get('upload_path'), 'profile', path.basename(oldpicture));
-
-				fs.unlink(absolutePath, function (err) {
-					if (err) {
-						winston.error(err);
-					}
-
-					file.saveFileToLocal(filename, 'profile', picture.path, done);
-				});
-			});
-		});
+		], callback);
 	};

 	User.uploadFromUrl = function(uid, url, callback) {
@ -135,7 +130,7 @@ module.exports = function(User) {
 	};

 	User.updateCoverPicture = function(data, callback) {
-		var tempPath, url, md5sum;
+		var url, md5sum;

 		if (!data.imageData && data.position) {
 			return User.updateCoverPosition(data.uid, data.position, callback);