hyperzlib
/
nodebb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

privileges style changes

Browse Source
v1.18.x
Barış Soner Uşaklı 8 years ago
parent 02dee48329
commit 8db193ff55
6 changed files with 384 additions and 403 deletions
Show Stats Download Patch File Download Diff File

2
src/groups/membership.js
Unescape Escape View File

@ -323,7 +323,7 @@ module.exports = function (Groups) {
}); });
Groups.isMember = function (uid, groupName, callback) { Groups.isMember = function (uid, groupName, callback) {
if (!uid || parseInt(uid, 10) <= 0) { if (!uid || parseInt(uid, 10) <= 0 || !groupName) {
return setImmediate(callback, null, false); return setImmediate(callback, null, false);
} }

63
src/privileges/categories.js
Unescape Escape View File

@ -31,6 +31,8 @@ module.exports = function (privileges) {
{ name: 'Moderate' }, { name: 'Moderate' },
]; ];
async.waterfall([
function (next) {
async.parallel({ async.parallel({
labels: function (next) { labels: function (next) {
async.parallel({ async.parallel({
@ -40,6 +42,7 @@ module.exports = function (privileges) {
}, },
users: function (next) { users: function (next) {
var userPrivileges; var userPrivileges;
var memberSets;
async.waterfall([ async.waterfall([
async.apply(plugins.fireHook, 'filter:privileges.list', privileges.userPrivilegeList), async.apply(plugins.fireHook, 'filter:privileges.list', privileges.userPrivilegeList),
function (_privs, next) { function (_privs, next) {
@ -48,8 +51,8 @@ module.exports = function (privileges) {
return 'cid:' + cid + ':privileges:' + privilege; return 'cid:' + cid + ':privileges:' + privilege;
}), next); }), next);
}, },
function (memberSets, next) { function (_memberSets, next) {
memberSets = memberSets.map(function (set) { memberSets = _memberSets.map(function (set) {
return set.map(function (uid) { return set.map(function (uid) {
return parseInt(uid, 10); return parseInt(uid, 10);
}); });
@ -57,11 +60,9 @@ module.exports = function (privileges) {
var members = _.unique(_.flatten(memberSets)); var members = _.unique(_.flatten(memberSets));
user.getUsersFields(members, ['picture', 'username'], function (err, memberData) { user.getUsersFields(members, ['picture', 'username'], next);
if (err) { },
return next(err); function (memberData, next) {
}
memberData.forEach(function (member) { memberData.forEach(function (member) {
member.privileges = {}; member.privileges = {};
for (var x = 0, numPrivs = userPrivileges.length; x < numPrivs; x += 1) { for (var x = 0, numPrivs = userPrivileges.length; x < numPrivs; x += 1) {
@ -70,7 +71,6 @@ module.exports = function (privileges) {
}); });
next(null, memberData); next(null, memberData);
});
}, },
], next); ], next);
}, },
@ -80,19 +80,22 @@ module.exports = function (privileges) {
async.apply(plugins.fireHook, 'filter:privileges.groups.list', privileges.groupPrivilegeList), async.apply(plugins.fireHook, 'filter:privileges.groups.list', privileges.groupPrivilegeList),
function (_privs, next) { function (_privs, next) {
groupPrivileges = _privs; groupPrivileges = _privs;
async.parallel({
memberSets: function (next) {
groups.getMembersOfGroups(groupPrivileges.map(function (privilege) { groups.getMembersOfGroups(groupPrivileges.map(function (privilege) {
return 'cid:' + cid + ':privileges:' + privilege; return 'cid:' + cid + ':privileges:' + privilege;
}), next); }), next);
}, },
function (memberSets, next) { groupNames: function (next) {
groups.getGroups('groups:createtime', 0, -1, next);
},
}, next);
},
function (results, next) {
var memberSets = results.memberSets;
var uniqueGroups = _.unique(_.flatten(memberSets)); var uniqueGroups = _.unique(_.flatten(memberSets));
groups.getGroups('groups:createtime', 0, -1, function (err, groupNames) { var groupNames = results.groupNames.filter(function (groupName) {
if (err) {
return next(err);
}
groupNames = groupNames.filter(function (groupName) {
return groupName.indexOf(':privileges:') === -1 && uniqueGroups.indexOf(groupName) !== -1; return groupName.indexOf(':privileges:') === -1 && uniqueGroups.indexOf(groupName) !== -1;
}); });
@ -124,33 +127,31 @@ module.exports = function (privileges) {
}); });
next(null, memberData); next(null, memberData);
});
}, },
function (memberData, next) { function (memberData, next) {
// Grab privacy info for the groups as well // Grab privacy info for the groups as well
async.map(memberData, function (member, next) { async.map(memberData, function (member, next) {
groups.isPrivate(member.name, function (err, isPrivate) { async.waterfall([
if (err) { function (next) {
return next(err); groups.isPrivate(member.name, next);
} },
function (isPrivate, next) {
member.isPrivate = isPrivate; member.isPrivate = isPrivate;
next(null, member); next();
}); },
], next);
}, next); }, next);
}, },
], next); ], next);
}, },
}, function (err, payload) { }, next);
if (err) { },
return callback(err); function (payload, next) {
}
// This is a hack because I can't do {labels.users.length} to echo the count in templates.js // This is a hack because I can't do {labels.users.length} to echo the count in templates.js
payload.columnCount = payload.labels.users.length + 2; payload.columnCount = payload.labels.users.length + 2;
next(null, payload);
callback(null, payload); },
}); ], callback);
}; };
privileges.categories.get = function (cid, uid, callback) { privileges.categories.get = function (cid, uid, callback) {

101
src/privileges/helpers.js
Unescape Escape View File

@ -4,7 +4,7 @@
var async = require('async'); var async = require('async');
var groups = require('../groups'); var groups = require('../groups');
var helpers = {}; var helpers = module.exports;
helpers.some = function (tasks, callback) { helpers.some = function (tasks, callback) {
async.some(tasks, function (task, next) { async.some(tasks, function (task, next) {
@ -29,30 +29,12 @@ function isUserAllowedToCids(privilege, uid, cids, callback) {
var userKeys = []; var userKeys = [];
var groupKeys = []; var groupKeys = [];
for (var i = 0; i < cids.length; i += 1) { cids.forEach(function (cid) {
userKeys.push('cid:' + cids[i] + ':privileges:' + privilege); userKeys.push('cid:' + cid + ':privileges:' + privilege);
groupKeys.push('cid:' + cids[i] + ':privileges:groups:' + privilege); groupKeys.push('cid:' + cid + ':privileges:groups:' + privilege);
}
async.parallel({
hasUserPrivilege: function (next) {
groups.isMemberOfGroups(uid, userKeys, next);
},
hasGroupPrivilege: function (next) {
groups.isMemberOfGroupsList(uid, groupKeys, next);
},
}, function (err, results) {
if (err) {
return callback(err);
}
var result = [];
for (var i = 0; i < cids.length; i += 1) {
result.push(results.hasUserPrivilege[i] || results.hasGroupPrivilege[i]);
}
callback(null, result);
}); });
checkIfAllowed(uid, userKeys, groupKeys, callback);
} }
function isUserAllowedToPrivileges(privileges, uid, cid, callback) { function isUserAllowedToPrivileges(privileges, uid, cid, callback) {
@ -62,11 +44,17 @@ function isUserAllowedToPrivileges(privileges, uid, cid, callback) {
var userKeys = []; var userKeys = [];
var groupKeys = []; var groupKeys = [];
for (var i = 0; i < privileges.length; i += 1) { privileges.forEach(function (privilege) {
userKeys.push('cid:' + cid + ':privileges:' + privileges[i]); userKeys.push('cid:' + cid + ':privileges:' + privilege);
groupKeys.push('cid:' + cid + ':privileges:groups:' + privileges[i]); groupKeys.push('cid:' + cid + ':privileges:groups:' + privilege);
});
checkIfAllowed(uid, userKeys, groupKeys, callback);
} }
function checkIfAllowed(uid, userKeys, groupKeys, callback) {
async.waterfall([
function (next) {
async.parallel({ async.parallel({
hasUserPrivilege: function (next) { hasUserPrivilege: function (next) {
groups.isMemberOfGroups(uid, userKeys, next); groups.isMemberOfGroups(uid, userKeys, next);
@ -74,22 +62,21 @@ function isUserAllowedToPrivileges(privileges, uid, cid, callback) {
hasGroupPrivilege: function (next) { hasGroupPrivilege: function (next) {
groups.isMemberOfGroupsList(uid, groupKeys, next); groups.isMemberOfGroupsList(uid, groupKeys, next);
}, },
}, function (err, results) { }, next);
if (err) { },
return callback(err); function (results, next) {
} var result = userKeys.map(function (key, index) {
return results.hasUserPrivilege[index] || results.hasGroupPrivilege[index];
var result = [];
for (var i = 0; i < privileges.length; i += 1) {
result.push(results.hasUserPrivilege[i] || results.hasGroupPrivilege[i]);
}
callback(null, result);
}); });
}
next(null, result);
},
], callback);
}
helpers.isUsersAllowedTo = function (privilege, uids, cid, callback) { helpers.isUsersAllowedTo = function (privilege, uids, cid, callback) {
async.waterfall([
function (next) {
async.parallel({ async.parallel({
hasUserPrivilege: function (next) { hasUserPrivilege: function (next) {
groups.isMembers(uids, 'cid:' + cid + ':privileges:' + privilege, next); groups.isMembers(uids, 'cid:' + cid + ':privileges:' + privilege, next);
@ -97,36 +84,30 @@ helpers.isUsersAllowedTo = function (privilege, uids, cid, callback) {
hasGroupPrivilege: function (next) { hasGroupPrivilege: function (next) {
groups.isMembersOfGroupList(uids, 'cid:' + cid + ':privileges:groups:' + privilege, next); groups.isMembersOfGroupList(uids, 'cid:' + cid + ':privileges:groups:' + privilege, next);
}, },
}, function (err, results) { }, next);
if (err) { },
return callback(err); function (results, next) {
} var result = uids.map(function (uid, index) {
return results.hasUserPrivilege[index] || results.hasGroupPrivilege[index];
var result = [];
for (var i = 0; i < uids.length; i += 1) {
result.push(results.hasUserPrivilege[i] || results.hasGroupPrivilege[i]);
}
callback(null, result);
}); });
next(null, result);
},
], callback);
}; };
function isGuestAllowedToCids(privilege, cids, callback) { function isGuestAllowedToCids(privilege, cids, callback) {
var groupKeys = []; var groupKeys = cids.map(function (cid) {
for (var i = 0; i < cids.length; i += 1) { return 'cid:' + cid + ':privileges:groups:' + privilege;
groupKeys.push('cid:' + cids[i] + ':privileges:groups:' + privilege); });
}
groups.isMemberOfGroups('guests', groupKeys, callback); groups.isMemberOfGroups('guests', groupKeys, callback);
} }
function isGuestAllowedToPrivileges(privileges, cid, callback) { function isGuestAllowedToPrivileges(privileges, cid, callback) {
var groupKeys = []; var groupKeys = privileges.map(function (privilege) {
for (var i = 0; i < privileges.length; i += 1) { return 'cid:' + cid + ':privileges:groups:' + privilege;
groupKeys.push('cid:' + cid + ':privileges:groups:' + privileges[i]); });
}
groups.isMemberOfGroups('guests', groupKeys, callback); groups.isMemberOfGroups('guests', groupKeys, callback);
} }
module.exports = helpers;

97
src/privileges/posts.js
Unescape Escape View File

@ -32,39 +32,35 @@ module.exports = function (privileges) {
'posts:edit': async.apply(helpers.isUserAllowedTo, 'posts:edit', uid, cids), 'posts:edit': async.apply(helpers.isUserAllowedTo, 'posts:edit', uid, cids),
}, next); }, next);
}, },
], function (err, results) { function (results, next) {
if (err) { var privileges = pids.map(function (pid, i) {
return callback(err);
}
var privileges = [];
for (var i = 0; i < pids.length; i += 1) {
var isAdminOrMod = results.isAdmin || results.isModerator[i]; var isAdminOrMod = results.isAdmin || results.isModerator[i];
var editable = isAdminOrMod || (results.isOwner[i] && results['posts:edit'][i]); var editable = isAdminOrMod || (results.isOwner[i] && results['posts:edit'][i]);
privileges.push({ return {
editable: editable, editable: editable,
view_deleted: editable, view_deleted: editable,
move: isAdminOrMod, move: isAdminOrMod,
isAdminOrMod: isAdminOrMod, isAdminOrMod: isAdminOrMod,
'topics:read': results['topics:read'][i] || isAdminOrMod, 'topics:read': results['topics:read'][i] || isAdminOrMod,
read: results.read[i] || isAdminOrMod, read: results.read[i] || isAdminOrMod,
};
}); });
}
callback(null, privileges); next(null, privileges);
}); },
], callback);
}; };
privileges.posts.can = function (privilege, pid, uid, callback) { privileges.posts.can = function (privilege, pid, uid, callback) {
posts.getCidByPid(pid, function (err, cid) { async.waterfall([
if (err) { function (next) {
return callback(err); posts.getCidByPid(pid, next);
} },
function (cid, next) {
privileges.categories.can(privilege, cid, uid, callback); privileges.categories.can(privilege, cid, uid, next);
}); },
], callback);
}; };
privileges.posts.filter = function (privilege, pids, uid, callback) { privileges.posts.filter = function (privilege, pids, uid, callback) {
@ -136,19 +132,21 @@ module.exports = function (privileges) {
}; };
privileges.posts.canEdit = function (pid, uid, callback) { privileges.posts.canEdit = function (pid, uid, callback) {
async.waterfall([
function (next) {
async.parallel({ async.parallel({
isEditable: async.apply(isPostEditable, pid, uid), isEditable: async.apply(isPostEditable, pid, uid),
isAdminOrMod: async.apply(isAdminOrMod, pid, uid), isAdminOrMod: async.apply(isAdminOrMod, pid, uid),
}, function (err, results) { }, next);
if (err) { },
return callback(err); function (results, next) {
}
if (results.isAdminOrMod) { if (results.isAdminOrMod) {
return callback(null, { flag: true }); return next(null, { flag: true });
} }
callback(null, results.isEditable); next(null, results.isEditable);
}); },
], callback);
}; };
privileges.posts.canDelete = function (pid, uid, callback) { privileges.posts.canDelete = function (pid, uid, callback) {
@ -166,40 +164,42 @@ module.exports = function (privileges) {
'posts:delete': async.apply(privileges.posts.can, 'posts:delete', pid, uid), 'posts:delete': async.apply(privileges.posts.can, 'posts:delete', pid, uid),
}, next); }, next);
}, },
], function (err, results) { function (results, next) {
if (err) {
return callback(err);
}
if (results.isAdminOrMod) { if (results.isAdminOrMod) {
return callback(null, { flag: true }); return next(null, { flag: true });
} }
if (results.isLocked) { if (results.isLocked) {
return callback(null, { flag: false, message: '[[error:topic-locked]]' }); return next(null, { flag: false, message: '[[error:topic-locked]]' });
} }
if (!results['posts:delete']) { if (!results['posts:delete']) {
return callback(null, { flag: false, message: '[[error:no-privileges]]' }); return next(null, { flag: false, message: '[[error:no-privileges]]' });
} }
var postDeleteDuration = parseInt(meta.config.postDeleteDuration, 10); var postDeleteDuration = parseInt(meta.config.postDeleteDuration, 10);
if (postDeleteDuration && (Date.now() - parseInt(postData.timestamp, 10) > postDeleteDuration * 1000)) { if (postDeleteDuration && (Date.now() - parseInt(postData.timestamp, 10) > postDeleteDuration * 1000)) {
return callback(null, { flag: false, message: '[[error:post-delete-duration-expired, ' + meta.config.postDeleteDuration + ']]' }); return next(null, { flag: false, message: '[[error:post-delete-duration-expired, ' + meta.config.postDeleteDuration + ']]' });
} }
var deleterUid = parseInt(postData.deleterUid, 10) || 0; var deleterUid = parseInt(postData.deleterUid, 10) || 0;
var flag = results.isOwner && (deleterUid === 0 || deleterUid === parseInt(postData.uid, 10)); var flag = results.isOwner && (deleterUid === 0 || deleterUid === parseInt(postData.uid, 10));
callback(null, { flag: flag, message: '[[error:no-privileges]]' }); next(null, { flag: flag, message: '[[error:no-privileges]]' });
}); },
], callback);
}; };
privileges.posts.canMove = function (pid, uid, callback) { privileges.posts.canMove = function (pid, uid, callback) {
posts.isMain(pid, function (err, isMain) { async.waterfall([
if (err || isMain) { function (next) {
return callback(err || new Error('[[error:cant-move-mainpost]]')); posts.isMain(pid, next);
},
function (isMain, next) {
if (isMain) {
return next(new Error('[[error:cant-move-mainpost]]'));
} }
isAdminOrMod(pid, uid, callback); isAdminOrMod(pid, uid, next);
}); },
], callback);
}; };
privileges.posts.canPurge = function (pid, uid, callback) { privileges.posts.canPurge = function (pid, uid, callback) {
@ -251,13 +251,14 @@ module.exports = function (privileges) {
function isAdminOrMod(pid, uid, callback) { function isAdminOrMod(pid, uid, callback) {
helpers.some([ helpers.some([
function (next) { function (next) {
posts.getCidByPid(pid, function (err, cid) { async.waterfall([
if (err || !cid) { function (next) {
return next(err, false); posts.getCidByPid(pid, next);
} },
function (cid, next) {
user.isModerator(uid, cid, next); user.isModerator(uid, cid, next);
}); },
], next);
}, },
function (next) { function (next) {
user.isAdministrator(uid, next); user.isAdministrator(uid, next);

41
src/privileges/topics.js
Unescape Escape View File

@ -28,11 +28,7 @@ module.exports = function (privileges) {
disabled: async.apply(categories.getCategoryField, topic.cid, 'disabled'), disabled: async.apply(categories.getCategoryField, topic.cid, 'disabled'),
}, next); }, next);
}, },
], function (err, results) { function (results, next) {
if (err) {
return callback(err);
}
var privData = _.object(privs, results.privileges); var privData = _.object(privs, results.privileges);
var disabled = parseInt(results.disabled, 10) === 1; var disabled = parseInt(results.disabled, 10) === 1;
var locked = parseInt(topic.locked, 10) === 1; var locked = parseInt(topic.locked, 10) === 1;
@ -57,8 +53,9 @@ module.exports = function (privileges) {
disabled: disabled, disabled: disabled,
tid: tid, tid: tid,
uid: uid, uid: uid,
}, callback); }, next);
}); },
], callback);
}; };
privileges.topics.can = function (privilege, tid, uid, callback) { privileges.topics.can = function (privilege, tid, uid, callback) {
@ -194,13 +191,9 @@ module.exports = function (privileges) {
'topics:delete': async.apply(helpers.isUserAllowedTo, 'topics:delete', uid, [topicData.cid]), 'topics:delete': async.apply(helpers.isUserAllowedTo, 'topics:delete', uid, [topicData.cid]),
}, next); }, next);
}, },
], function (err, results) { function (results, next) {
if (err) {
return callback(err);
}
if (results.isModerator || results.isAdministrator) { if (results.isModerator || results.isAdministrator) {
return callback(null, true); return next(null, true);
} }
var preventTopicDeleteAfterReplies = parseInt(meta.config.preventTopicDeleteAfterReplies, 10) || 0; var preventTopicDeleteAfterReplies = parseInt(meta.config.preventTopicDeleteAfterReplies, 10) || 0;
@ -208,15 +201,16 @@ module.exports = function (privileges) {
var langKey = preventTopicDeleteAfterReplies > 1 ? var langKey = preventTopicDeleteAfterReplies > 1 ?
'[[error:cant-delete-topic-has-replies, ' + meta.config.preventTopicDeleteAfterReplies + ']]' : '[[error:cant-delete-topic-has-replies, ' + meta.config.preventTopicDeleteAfterReplies + ']]' :
'[[error:cant-delete-topic-has-reply]]'; '[[error:cant-delete-topic-has-reply]]';
return callback(new Error(langKey)); return next(new Error(langKey));
} }
if (!results['topics:delete'][0]) { if (!results['topics:delete'][0]) {
return callback(null, false); return next(null, false);
} }
callback(null, results.isOwner); next(null, results.isOwner);
}); },
], callback);
}; };
privileges.topics.canEdit = function (tid, uid, callback) { privileges.topics.canEdit = function (tid, uid, callback) {
@ -234,16 +228,17 @@ module.exports = function (privileges) {
], callback); ], callback);
}; };
privileges.topics.isAdminOrMod = function (tid, uid, callback) { privileges.topics.isAdminOrMod = function (tid, uid, callback) {
helpers.some([ helpers.some([
function (next) { function (next) {
topics.getTopicField(tid, 'cid', function (err, cid) { async.waterfall([
if (err) { function (next) {
return next(err); topics.getTopicField(tid, 'cid', next);
} },
function (cid, next) {
user.isModerator(uid, cid, next); user.isModerator(uid, cid, next);
}); },
], next);
}, },
function (next) { function (next) {
user.isAdministrator(uid, next); user.isAdministrator(uid, next);

87
src/privileges/users.js
Unescape Escape View File

@ -40,17 +40,17 @@ module.exports = function (privileges) {
if (!parseInt(uid, 10)) { if (!parseInt(uid, 10)) {
return filterIsModerator(cids, uid, cids.map(function () { return false; }), callback); return filterIsModerator(cids, uid, cids.map(function () { return false; }), callback);
} }
var uniqueCids;
privileges.users.isGlobalModerator(uid, function (err, isGlobalModerator) { async.waterfall([
if (err) { function (next) {
return callback(err); privileges.users.isGlobalModerator(uid, next);
} },
function (isGlobalModerator, next) {
if (isGlobalModerator) { if (isGlobalModerator) {
return filterIsModerator(cids, uid, cids.map(function () { return true; }), callback); return filterIsModerator(cids, uid, cids.map(function () { return true; }), callback);
} }
uniqueCids = cids.filter(function (cid, index, array) {
var uniqueCids = cids.filter(function (cid, index, array) {
return array.indexOf(cid) === index; return array.indexOf(cid) === index;
}); });
@ -65,11 +65,9 @@ module.exports = function (privileges) {
async.parallel({ async.parallel({
user: async.apply(groups.isMemberOfGroups, uid, groupNames), user: async.apply(groups.isMemberOfGroups, uid, groupNames),
group: async.apply(groups.isMemberOfGroupsList, uid, groupListNames), group: async.apply(groups.isMemberOfGroupsList, uid, groupListNames),
}, function (err, checks) { }, next);
if (err) { },
return callback(err); function (checks, next) {
}
var isMembers = checks.user.map(function (isMember, idx) { var isMembers = checks.user.map(function (isMember, idx) {
return isMember || checks.group[idx]; return isMember || checks.group[idx];
}); });
@ -83,62 +81,67 @@ module.exports = function (privileges) {
return map[cid]; return map[cid];
}); });
filterIsModerator(cids, uid, isModerator, callback); filterIsModerator(cids, uid, isModerator, next);
}); },
}); ], callback);
} }
function isModeratorsOfCategory(cid, uids, callback) { function isModeratorsOfCategory(cid, uids, callback) {
async.waterfall([
function (next) {
async.parallel([ async.parallel([
async.apply(privileges.users.isGlobalModerator, uids), async.apply(privileges.users.isGlobalModerator, uids),
async.apply(groups.isMembers, uids, 'cid:' + cid + ':privileges:mods'), async.apply(groups.isMembers, uids, 'cid:' + cid + ':privileges:mods'),
async.apply(groups.isMembersOfGroupList, uids, 'cid:' + cid + ':privileges:groups:moderate'), async.apply(groups.isMembersOfGroupList, uids, 'cid:' + cid + ':privileges:groups:moderate'),
], function (err, checks) { ], next);
if (err) { },
return callback(err); function (checks, next) {
}
var isModerator = checks[0].map(function (isMember, idx) { var isModerator = checks[0].map(function (isMember, idx) {
return isMember || checks[1][idx] || checks[2][idx]; return isMember || checks[1][idx] || checks[2][idx];
}); });
filterIsModerator(cid, uids, isModerator, callback); filterIsModerator(cid, uids, isModerator, next);
}); },
], callback);
} }
function isModeratorOfCategory(cid, uid, callback) { function isModeratorOfCategory(cid, uid, callback) {
async.waterfall([
function (next) {
async.parallel([ async.parallel([
async.apply(privileges.users.isGlobalModerator, uid), async.apply(privileges.users.isGlobalModerator, uid),
async.apply(groups.isMember, uid, 'cid:' + cid + ':privileges:mods'), async.apply(groups.isMember, uid, 'cid:' + cid + ':privileges:mods'),
async.apply(groups.isMemberOfGroupList, uid, 'cid:' + cid + ':privileges:groups:moderate'), async.apply(groups.isMemberOfGroupList, uid, 'cid:' + cid + ':privileges:groups:moderate'),
], function (err, checks) { ], next);
if (err) { },
return callback(err); function (checks, next) {
}
var isModerator = checks[0] || checks[1] || checks[2]; var isModerator = checks[0] || checks[1] || checks[2];
filterIsModerator(cid, uid, isModerator, callback); filterIsModerator(cid, uid, isModerator, next);
}); },
], callback);
} }
function filterIsModerator(cid, uid, isModerator, callback) { function filterIsModerator(cid, uid, isModerator, callback) {
plugins.fireHook('filter:user.isModerator', { uid: uid, cid: cid, isModerator: isModerator }, function (err, data) { async.waterfall([
if (err) { function (next) {
return callback(err); plugins.fireHook('filter:user.isModerator', { uid: uid, cid: cid, isModerator: isModerator }, next);
} },
function (data, next) {
if ((Array.isArray(uid) || Array.isArray(cid)) && !Array.isArray(data.isModerator)) { if ((Array.isArray(uid) || Array.isArray(cid)) && !Array.isArray(data.isModerator)) {
return callback(new Error('filter:user.isModerator - i/o mismatch')); return callback(new Error('filter:user.isModerator - i/o mismatch'));
} }
callback(null, data.isModerator); next(null, data.isModerator);
}); },
], callback);
} }
privileges.users.canEdit = function (callerUid, uid, callback) { privileges.users.canEdit = function (callerUid, uid, callback) {
if (parseInt(callerUid, 10) === parseInt(uid, 10)) { if (parseInt(callerUid, 10) === parseInt(uid, 10)) {
return process.nextTick(callback, null, true); return process.nextTick(callback, null, true);
} }
async.waterfall([
function (next) {
async.parallel({ async.parallel({
isAdmin: function (next) { isAdmin: function (next) {
privileges.users.isAdministrator(callerUid, next); privileges.users.isAdministrator(callerUid, next);
@ -149,14 +152,14 @@ module.exports = function (privileges) {
isTargetAdmin: function (next) { isTargetAdmin: function (next) {
privileges.users.isAdministrator(uid, next); privileges.users.isAdministrator(uid, next);
}, },
}, function (err, results) { }, next);
if (err) { },
return callback(err); function (results, next) {
}
var canEdit = results.isAdmin || (results.isGlobalMod && !results.isTargetAdmin); var canEdit = results.isAdmin || (results.isGlobalMod && !results.isTargetAdmin);
callback(null, canEdit); next(null, canEdit);
}); },
], callback);
}; };
privileges.users.canBanUser = function (callerUid, uid, callback) { privileges.users.canBanUser = function (callerUid, uid, callback) {

Write Preview
Loading…
Cancel
Save