From b2fb9aa99f6cafd83dce38e6cd39079a00c77df9 Mon Sep 17 00:00:00 2001 From: Julian Lam Date: Mon, 25 Nov 2013 17:20:44 -0500 Subject: [PATCH] refactored topic locking pinning and deleting (and its inverses) so that the privilege check is done not in the method, but in the socket call --- src/postTools.js | 12 +-- src/threadTools.js | 189 ++++++++++++++++++++------------------------- src/websockets.js | 58 ++++++++++---- 3 files changed, 129 insertions(+), 130 deletions(-) diff --git a/src/postTools.js b/src/postTools.js index aebd4bd691..dd70a38fc2 100644 --- a/src/postTools.js +++ b/src/postTools.js @@ -142,7 +142,7 @@ var RDB = require('./redis.js'), // Delete the thread if it is the last undeleted post threadTools.getLatestUndeletedPid(postData.tid, function(err, pid) { if (err && err.message === 'no-undeleted-pids-found') { - threadTools.delete(postData.tid, -1, function(err) { + threadTools.delete(postData.tid, function(err) { if (err) { winston.error('Could not delete topic (tid: ' + postData.tid + ')', err.stack); } @@ -163,14 +163,14 @@ var RDB = require('./redis.js'), posts.getPostField(pid, 'deleted', function(err, deleted) { if(deleted === '1') { - return callback(new Error('Post already deleted!')); + return callback(new Error('Post already deleted!')); } - + PostTools.privileges(pid, uid, function(privileges) { if (privileges.editable) { success(); } - }); + }); }); } @@ -210,8 +210,8 @@ var RDB = require('./redis.js'), posts.getPostField(pid, 'deleted', function(err, deleted) { if(deleted === '0') { return callback(new Error('Post already restored')); - } - + } + PostTools.privileges(pid, uid, function(privileges) { if (privileges.editable) { success(); diff --git a/src/threadTools.js b/src/threadTools.js index 6a2b81c146..3bce5d62a7 100644 --- a/src/threadTools.js +++ b/src/threadTools.js @@ -47,136 +47,111 @@ var RDB = require('./redis.js'), }); } - ThreadTools.lock = function(tid, uid, socket) { - ThreadTools.privileges(tid, uid, function(privileges) { - if (privileges.editable) { - topics.setTopicField(tid, 'locked', 1); - - if (socket) { - io.sockets. in ('topic_' + tid).emit('event:topic_locked', { - tid: tid, - status: 'ok' - }); + ThreadTools.lock = function(tid, socket) { + topics.setTopicField(tid, 'locked', 1); - socket.emit('api:topic.lock', { - status: 'ok', - tid: tid - }); - } - } - }); + if (socket) { + io.sockets.in('topic_' + tid).emit('event:topic_locked', { + tid: tid, + status: 'ok' + }); + + socket.emit('api:topic.lock', { + status: 'ok', + tid: tid + }); + } } - ThreadTools.unlock = function(tid, uid, socket) { - ThreadTools.privileges(tid, uid, function(privileges) { - if (privileges.editable) { - topics.setTopicField(tid, 'locked', 0); + ThreadTools.unlock = function(tid, socket) { + topics.setTopicField(tid, 'locked', 0); - if (socket) { - io.sockets. in ('topic_' + tid).emit('event:topic_unlocked', { - tid: tid, - status: 'ok' - }); + if (socket) { + io.sockets.in('topic_' + tid).emit('event:topic_unlocked', { + tid: tid, + status: 'ok' + }); - socket.emit('api:topic.unlock', { - status: 'ok', - tid: tid - }); - } - } - }); + socket.emit('api:topic.unlock', { + status: 'ok', + tid: tid + }); + } } - ThreadTools.delete = function(tid, uid, callback) { - ThreadTools.privileges(tid, uid, function(privileges) { - if (privileges.editable || uid === -1) { - - topics.delete(tid); + ThreadTools.delete = function(tid, callback) { + topics.delete(tid); - RDB.decr('totaltopiccount'); + RDB.decr('totaltopiccount'); - ThreadTools.lock(tid, uid); + ThreadTools.lock(tid); - topicSearch.remove(tid); - - io.sockets. in ('topic_' + tid).emit('event:topic_deleted', { - tid: tid, - status: 'ok' - }); + topicSearch.remove(tid); - callback(null); - } else callback(new Error('not-enough-privs')); + io.sockets.in('topic_' + tid).emit('event:topic_deleted', { + tid: tid, + status: 'ok' }); - } - - ThreadTools.restore = function(tid, uid, socket, callback) { - ThreadTools.privileges(tid, uid, function(privileges) { - if (privileges.editable) { - topics.restore(tid); - RDB.incr('totaltopiccount'); - ThreadTools.unlock(tid, uid); - - io.sockets. in ('topic_' + tid).emit('event:topic_restored', { - tid: tid, - status: 'ok' - }); + if (callback) { + callback(null); + } + } - topics.getTopicField(tid, 'title', function(err, title) { - topicSearch.index(title, tid); - }); + ThreadTools.restore = function(tid, socket, callback) { + topics.restore(tid); + RDB.incr('totaltopiccount'); + ThreadTools.unlock(tid); - if(callback) - callback(null); - } + io.sockets.in('topic_' + tid).emit('event:topic_restored', { + tid: tid, + status: 'ok' }); - } - - ThreadTools.pin = function(tid, uid, socket) { - ThreadTools.privileges(tid, uid, function(privileges) { - if (privileges.editable) { - topics.setTopicField(tid, 'pinned', 1); - topics.getTopicField(tid, 'cid', function(err, cid) { - RDB.zadd('categories:' + cid + ':tid', Math.pow(2, 53), tid); - }); + topics.getTopicField(tid, 'title', function(err, title) { + topicSearch.index(title, tid); + }); - if (socket) { - io.sockets. in ('topic_' + tid).emit('event:topic_pinned', { - tid: tid, - status: 'ok' - }); + if(callback) { + callback(null); + } + } - socket.emit('api:topic.pin', { - status: 'ok', - tid: tid - }); - } - } + ThreadTools.pin = function(tid, socket) { + topics.setTopicField(tid, 'pinned', 1); + topics.getTopicField(tid, 'cid', function(err, cid) { + RDB.zadd('categories:' + cid + ':tid', Math.pow(2, 53), tid); }); - } - ThreadTools.unpin = function(tid, uid, socket) { - ThreadTools.privileges(tid, uid, function(privileges) { - if (privileges.editable) { + if (socket) { + io.sockets.in('topic_' + tid).emit('event:topic_pinned', { + tid: tid, + status: 'ok' + }); - topics.setTopicField(tid, 'pinned', 0); - topics.getTopicFields(tid, ['cid', 'lastposttime'], function(err, topicData) { - RDB.zadd('categories:' + topicData.cid + ':tid', topicData.lastposttime, tid); - }); - if (socket) { - io.sockets. in ('topic_' + tid).emit('event:topic_unpinned', { - tid: tid, - status: 'ok' - }); + socket.emit('api:topic.pin', { + status: 'ok', + tid: tid + }); + } + } - socket.emit('api:topic.unpin', { - status: 'ok', - tid: tid - }); - } - } + ThreadTools.unpin = function(tid, socket) { + topics.setTopicField(tid, 'pinned', 0); + topics.getTopicFields(tid, ['cid', 'lastposttime'], function(err, topicData) { + RDB.zadd('categories:' + topicData.cid + ':tid', topicData.lastposttime, tid); }); + if (socket) { + io.sockets.in('topic_' + tid).emit('event:topic_unpinned', { + tid: tid, + status: 'ok' + }); + + socket.emit('api:topic.unpin', { + status: 'ok', + tid: tid + }); + } } ThreadTools.move = function(tid, cid, socket) { @@ -213,7 +188,7 @@ var RDB = require('./redis.js'), status: 'ok' }); - io.sockets. in ('topic_' + tid).emit('event:topic_moved', { + io.sockets.in('topic_' + tid).emit('event:topic_moved', { tid: tid }); } else { diff --git a/src/websockets.js b/src/websockets.js index cdc38a9c49..a8f42e976a 100644 --- a/src/websockets.js +++ b/src/websockets.js @@ -491,42 +491,66 @@ module.exports.init = function(io) { }); socket.on('api:topic.delete', function(data) { - threadTools.delete(data.tid, uid, function(err) { - if (!err) { - posts.getTopicPostStats(); - socket.emit('api:topic.delete', { - status: 'ok', - tid: data.tid + threadTools.privileges(data.tid, uid, function(privileges) { + if (privileges.editable) { + threadTools.delete(data.tid, function(err) { + if (!err) { + posts.getTopicPostStats(); + socket.emit('api:topic.delete', { + status: 'ok', + tid: data.tid + }); + } }); } }); }); socket.on('api:topic.restore', function(data) { - threadTools.restore(data.tid, uid, socket, function(err) { - posts.getTopicPostStats(); - - socket.emit('api:topic.restore', { - status: 'ok', - tid: data.tid - }); + threadTools.privileges(data.tid, uid, function(privileges) { + if (privileges.editable) { + threadTools.restore(data.tid, socket, function(err) { + posts.getTopicPostStats(); + + socket.emit('api:topic.restore', { + status: 'ok', + tid: data.tid + }); + }); + } }); }); socket.on('api:topic.lock', function(data) { - threadTools.lock(data.tid, uid, socket); + threadTools.privileges(data.tid, uid, function(privileges) { + if (privileges.editable) { + threadTools.lock(data.tid, socket); + } + }); }); socket.on('api:topic.unlock', function(data) { - threadTools.unlock(data.tid, uid, socket); + threadTools.privileges(data.tid, uid, function(privileges) { + if (privileges.editable) { + threadTools.unlock(data.tid, socket); + } + }); }); socket.on('api:topic.pin', function(data) { - threadTools.pin(data.tid, uid, socket); + threadTools.privileges(data.tid, uid, function(privileges) { + if (privileges.editable) { + threadTools.pin(data.tid, socket); + } + }); }); socket.on('api:topic.unpin', function(data) { - threadTools.unpin(data.tid, uid, socket); + threadTools.privileges(data.tid, uid, function(privileges) { + if (privileges.editable) { + threadTools.unpin(data.tid, socket); + } + }); }); socket.on('api:topic.move', function(data) {