more cleanup to user routes

11 years ago · b82a5461ce
parent 905a99e638
commit b82a5461ce
1 changed files with 39 additions and 77 deletions
--- a/src/routes/user.js
+++ b/src/routes/user.js
@ -45,18 +45,17 @@ var fs = require('fs'),
 		app.namespace('/user', function () {
-			function createRoute(routeName, path, templateName) {
+			function createRoute(routeName, path, templateName, access) {
-				app.get(routeName, function(req, res, next) {
+
-					if (!req.params.userslug) {
+				function isAllowed(req, res, next) {
-						return next();
+					var callerUID = req.user ? parseInt(req.user.uid, 10) : 0;
 					}
-					if (!req.user && (path === '/favourites' || !!parseInt(meta.config.privateUserInfo, 10))) {
+					if (!callerUID && !!parseInt(meta.config.privateUserInfo, 10)) {
 						return res.redirect('/403');
 					}
 					user.getUidByUserslug(req.params.userslug, function (err, uid) {
-						if(err) {
+						if (err) {
 							return next(err);
 						}
@ -64,82 +63,50 @@ var fs = require('fs'),
 							return res.redirect('/404');
 						}
-						app.build_header({
+						if (parseInt(uid, 10) === callerUID) {
-							req: req,
+							return next();
-							res: res
+						}
 						}, function (err, header) {
 							if(err) {
 								return next(err);
 							}
 							res.send(header + app.create_route('user/' + req.params.userslug + path, templateName) + templates['footer']);
 						});
 					});
 				})
 			}
-			createRoute('/:userslug', '', 'account');
+						if (req.path.indexOf('/edit') !== -1) {
-			createRoute('/:userslug/following', '/following', 'following');
+							user.isAdministrator(callerUID, function(err, isAdmin) {
-			createRoute('/:userslug/followers', '/followers', 'followers');
+								if(err) {
-			createRoute('/:userslug/favourites', '/favourites', 'favourites');
+									return next(err);
-			createRoute('/:userslug/posts', '/posts', 'accountposts');
+								}
-			app.get('/:userslug/edit', function (req, res, next) {
+								if(!isAdmin) {
 									return res.redirect('/403');
 								}
-				if (!req.user) {
+								next();
-					return res.redirect('/403');
+							});
 						} else if (req.path.indexOf('/settings') !== -1 || req.path.indexOf('/favourites') !== -1) {
 							res.redirect('/403')
 						} else {
 							next();
 						}
 					});
 				}
-				user.getUserField(req.user.uid, 'userslug', function (err, userslug) {
+				app.get(routeName, isAllowed, function(req, res, next) {
-					function done() {
+					app.build_header({
-						app.build_header({
+						req: req,
-							req: req,
+						res: res
-							res: res
+					}, function (err, header) {
 						}, function (err, header) {
 							res.send(header + app.create_route('user/' + req.params.userslug + '/edit', 'accountedit') + templates['footer']);
 						});
 					}
 					if(err || !userslug) {
 						return next(err);
 					}
 					if (userslug === req.params.userslug) {
 						return done();
 					}
 					user.isAdministrator(req.user.uid, function(err, isAdmin) {
 						if(err) {
 							return next(err);
 						}
-
+						res.send(header + app.create_route('user/' + req.params.userslug + path, templateName) + templates['footer']);
 						if(!isAdmin) {
 							return res.redirect('/403');
 						}
 						done();
 					});
 				});
-			});
+			}
 			app.get('/:userslug/settings', function (req, res) {
 				if (!req.user) {
 					return res.redirect('/403');
 				}
-				user.getUserField(req.user.uid, 'userslug', function (err, userslug) {
+			createRoute('/:userslug', '', 'account');
-					if (req.params.userslug && userslug === req.params.userslug) {
+			createRoute('/:userslug/following', '/following', 'following');
-						app.build_header({
+			createRoute('/:userslug/followers', '/followers', 'followers');
-							req: req,
+			createRoute('/:userslug/favourites', '/favourites', 'favourites');
-							res: res
+			createRoute('/:userslug/posts', '/posts', 'accountposts');
-						}, function (err, header) {
+			createRoute('/:userslug/edit', '/edit', 'accountedit');
-							res.send(header + app.create_route('user/' + req.params.userslug + '/settings', 'accountsettings') + templates['footer']);
+			createRoute('/:userslug/settings', '/settings', 'accountsettings');
 						})
 					} else {
 						return res.redirect('/404');
 					}
 				});
 			});
 			app.post('/uploadpicture', function (req, res) {
 				if (!req.user) {
@ -313,7 +280,6 @@ var fs = require('fs'),
 						});
 					});
 				});
 			});
 		}
@ -512,8 +478,6 @@ var fs = require('fs'),
 			});
 		}
 		function getUsersSortedByJoinDate(req, res) {
 			user.getUsers('users:joindate', 0, 49, function (err, data) {
 				res.json({
@ -677,9 +641,7 @@ var fs = require('fs'),
 					callback(null, userData);
 				});
 			});
 		}
 	};
 }(exports));