From b35bfb81ce1d8279cbad4d144d89647a2a9de314 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bar=C4=B1=C5=9F=20Soner=20U=C5=9Fakl=C4=B1?= Date: Mon, 9 Apr 2018 20:03:33 -0400 Subject: [PATCH] ability to delete uploads from account page #6431 --- public/src/client/account/uploads.js | 24 ++++++++++++++++++++++ src/file.js | 7 +++++++ src/socket.io/user.js | 7 +++++++ src/user.js | 1 + src/user/delete.js | 6 ++---- src/user/uploads.js | 30 ++++++++++++++++++++++++++++ 6 files changed, 71 insertions(+), 4 deletions(-) create mode 100644 public/src/client/account/uploads.js create mode 100644 src/user/uploads.js diff --git a/public/src/client/account/uploads.js b/public/src/client/account/uploads.js new file mode 100644 index 0000000000..cc8bdd43f2 --- /dev/null +++ b/public/src/client/account/uploads.js @@ -0,0 +1,24 @@ +'use strict'; + +define('forum/account/uploads', ['forum/account/header'], function (header) { + var AccountUploads = {}; + + AccountUploads.init = function () { + header.init(); + + $('[data-action="delete"]').on('click', function () { + var el = $(this).parents('[data-url]'); + var url = el.attr('data-url'); + + socket.emit('user.deleteUpload', url, function (err) { + if (err) { + return app.alertError(err.message); + } + el.remove(); + }); + return false; + }); + }; + + return AccountUploads; +}); diff --git a/src/file.js b/src/file.js index 2fbd15dbdf..2c3f8d71ab 100644 --- a/src/file.js +++ b/src/file.js @@ -88,6 +88,13 @@ file.saveFileToLocal = function (filename, folder, tempPath, callback) { }); }; +file.uploadUrlToPath = function (url) { + if (typeof url !== 'string') { + return ''; + } + return path.join(nconf.get('upload_path'), url.replace(nconf.get('upload_url'), '')); +}; + file.base64ToLocal = function (imageData, uploadPath, callback) { var buffer = Buffer.from(imageData.slice(imageData.indexOf('base64') + 7), 'base64'); uploadPath = path.join(nconf.get('upload_path'), uploadPath); diff --git a/src/socket.io/user.js b/src/socket.io/user.js index 60846491ae..4f2acde057 100644 --- a/src/socket.io/user.js +++ b/src/socket.io/user.js @@ -341,6 +341,13 @@ SocketUser.setModerationNote = function (socket, data, callback) { ], callback); }; +SocketUser.deleteUpload = function (socket, url, callback) { + if (!url) { + return callback(new Error('[[error:invalid-data]]')); + } + user.deleteUpload(socket.uid, url, callback); +}; + SocketUser.gdpr = {}; SocketUser.gdpr.consent = function (socket, data, callback) { diff --git a/src/user.js b/src/user.js index f81c08f280..8ab4d1c441 100644 --- a/src/user.js +++ b/src/user.js @@ -36,6 +36,7 @@ require('./user/invite')(User); require('./user/password')(User); require('./user/info')(User); require('./user/online')(User); +require('./user/uploads')(User); User.getUidsFromSet = function (set, start, stop, callback) { if (set === 'users:online') { diff --git a/src/user/delete.js b/src/user/delete.js index dd8e617903..d56c9749ac 100644 --- a/src/user/delete.js +++ b/src/user/delete.js @@ -2,8 +2,7 @@ var async = require('async'); var _ = require('lodash'); -var path = require('path'); -var nconf = require('nconf'); + var db = require('../database'); var posts = require('../posts'); @@ -57,8 +56,7 @@ module.exports = function (User) { async.waterfall([ function (next) { async.each(urls, function (url, next) { - var filePath = path.join(nconf.get('upload_path'), url.replace(nconf.get('upload_url'), '')); - file.delete(filePath, next); + file.delete(file.uploadUrlToPath(url), next); }, next); }, function (next) { diff --git a/src/user/uploads.js b/src/user/uploads.js new file mode 100644 index 0000000000..60a84d8fe8 --- /dev/null +++ b/src/user/uploads.js @@ -0,0 +1,30 @@ +'use strict'; + +var async = require('async'); + +var db = require('../database'); +var file = require('../file'); + +module.exports = function (User) { + User.deleteUpload = function (uid, url, callback) { + async.waterfall([ + function (next) { + async.parallel({ + isUsersUpload: function (next) { + db.isSortedSetMember('uid:' + uid + ':uploads', url, next); + }, + isAdminOrGlobalMod: function (next) { + User.isAdminOrGlobalMod(uid, next); + }, + }, next); + }, + function (results, next) { + if (!results.isAdminOrGlobalMod && !results.isUsersUpload) { + return next(new Error('[[error:no-privileges]]')); + } + + file.delete(file.uploadUrlToPath(url), next); + }, + ], callback); + }; +};