Baris Soner Usakli 11 years ago
parent dedf4add53
commit dc592853fc

@ -514,7 +514,7 @@ module.exports.server = server;
}); });
}); });
app.get('/topic/:topic_id/:slug?', function (req, res) { app.get('/topic/:topic_id/:slug?', function (req, res, next) {
var tid = req.params.topic_id; var tid = req.params.topic_id;
if (tid.match(/^\d+\.rss$/)) { if (tid.match(/^\d+\.rss$/)) {
@ -531,6 +531,15 @@ module.exports.server = server;
}; };
ThreadTools.privileges(tid, ((req.user) ? req.user.uid || 0 : 0), function(err, privileges) {
if(err) {
return next(err);
}
if(!privileges.read) {
return res.redirect('403');
}
if (!fs.existsSync(rssPath)) { if (!fs.existsSync(rssPath)) {
feed.updateTopic(tid, function (err) { feed.updateTopic(tid, function (err) {
if (err) { if (err) {
@ -542,13 +551,13 @@ module.exports.server = server;
} else { } else {
loadFeed(); loadFeed();
} }
});
return; return;
} }
async.waterfall([ async.waterfall([
function(next) { function(next) {
// Check whether this user is allowed to access this topic
ThreadTools.privileges(tid, ((req.user) ? req.user.uid || 0 : 0), function(err, privileges) { ThreadTools.privileges(tid, ((req.user) ? req.user.uid || 0 : 0), function(err, privileges) {
if (!err) { if (!err) {
if (!privileges.read) { if (!privileges.read) {
@ -687,7 +696,7 @@ module.exports.server = server;
}); });
}); });
app.get('/category/:category_id/:slug?', function (req, res) { app.get('/category/:category_id/:slug?', function (req, res, next) {
var cid = req.params.category_id; var cid = req.params.category_id;
if (cid.match(/^\d+\.rss$/)) { if (cid.match(/^\d+\.rss$/)) {
@ -704,6 +713,15 @@ module.exports.server = server;
}; };
CategoryTools.privileges(cid, ((req.user) ? req.user.uid || 0 : 0), function(err, privileges) {
if(err) {
return next(err);
}
if(!privileges.read) {
return res.redirect('403');
}
if (!fs.existsSync(rssPath)) { if (!fs.existsSync(rssPath)) {
feed.updateCategory(cid, function (err) { feed.updateCategory(cid, function (err) {
if (err) { if (err) {
@ -715,13 +733,13 @@ module.exports.server = server;
} else { } else {
loadFeed(); loadFeed();
} }
});
return; return;
} }
async.waterfall([ async.waterfall([
function(next) { function(next) {
// Check whether this user is allowed to access this category
CategoryTools.privileges(cid, ((req.user) ? req.user.uid || 0 : 0), function(err, privileges) { CategoryTools.privileges(cid, ((req.user) ? req.user.uid || 0 : 0), function(err, privileges) {
if (!err) { if (!err) {
if (!privileges.read) { if (!privileges.read) {
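Review bot: The added `return res.redirect('403');` in the RSS branch of the `/topic/:topic_id/:slug?` handler uses a relative target, so from `/topic/<id>.rss` it would likely resolve to `/topic/403`, which this same route would treat as topic id 403 rather than as a forbidden page. The identical line added under `CategoryTools.privileges` in the `/category/:category_id/:slug?` handler has the same problem. A feed reader is also better served by an explicit status than by a redirect to an HTML page, for example `return res.status(403).end();`, or at minimum an absolute `/403` target. Both handlers start and end outside the visible hunks, so it cannot be confirmed from here whether `tid` and `cid` have already had the `.rss` suffix stripped before they are passed to the privilege check; that is worth verifying, since a lookup on the wrong id could give the wrong answer.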
