diff --git a/src/controllers/index.js b/src/controllers/index.js index 9c5ea79d06..257d77a061 100644 --- a/src/controllers/index.js +++ b/src/controllers/index.js @@ -1,5 +1,6 @@ var topicsController = require('./topics'), categoriesController = require('./categories'), + staticController = require('./static'), async = require('async'), nconf = require('nconf'), auth = require('./../routes/authentication'), @@ -12,13 +13,14 @@ var topicsController = require('./topics'), Controllers = { topics: topicsController, - categories: categoriesController + categories: categoriesController, + static: staticController }; Controllers.home = function(req, res, next) { async.parallel({ - "header": function (next) { + header: function (next) { /*app.build_header({ req: req, res: res, @@ -39,7 +41,7 @@ Controllers.home = function(req, res, next) { next(null); }, - "categories": function (next) { + categories: function (next) { var uid = (req.user) ? req.user.uid : 0; categories.getAllCategories(uid, function (err, data) { data.categories = data.categories.filter(function (category) { @@ -186,4 +188,23 @@ Controllers.robots = function (req, res) { } }; +Controllers.outgoing = function(req, res, next) { + var url = req.query.url, + data = { + url: url, + title: meta.config.title + }; + + if (url) { + if (res.locals.isAPI) { + res.json(data); + } else { + res.render('outgoing', data); + } + } else { + res.status(404); + res.redirect(nconf.get('relative_path') + '/404'); + } +}; + module.exports = Controllers; \ No newline at end of file diff --git a/src/controllers/static.js b/src/controllers/static.js new file mode 100644 index 0000000000..3f32801ad3 --- /dev/null +++ b/src/controllers/static.js 
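Review bot: In `Controllers.outgoing` (src/controllers/index.js), `req.query.url` is passed to `res.json` and to the `outgoing` template after only a truthiness check, so any scheme is accepted. If the template turns the value into a link (the template is not part of this diff), a `javascript:` or `data:` value would be rendered as one. Accept only absolute http(s) targets before responding, for example `if (!url || !/^https?:\/\//i.test(url)) { return res.redirect(nconf.get('relative_path') + '/404'); }`. The `res.status(404)` ahead of `res.redirect` has no effect on the client, because the redirect sets its own status code.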
@@ -0,0 +1,27 @@
+var staticController = {};
+
+staticController['404'] = function(req, res, next) {
+ if (res.locals.isAPI) {
+ res.json({});
+ } else {
+ res.render('404', {});
+ }
+};
+
+staticController['403'] = function(req, res, next) {
+ if (res.locals.isAPI) {
+ res.json({});
+ } else {
+ res.render('403', {});
+ }
+};
+
+staticController['500'] = function(req, res, next) {
+ if (res.locals.isAPI) {
+ res.json({});
+ } else {
+ res.render('500', {});
+ }
+};
+
+module.exports = staticController;
\ No newline at end of file
diff --git a/src/controllers/users.js b/src/controllers/users.js
new file mode 100644
index 0000000000..3f905cba74
--- /dev/null
+++ b/src/controllers/users.js
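Review bot: The three handlers in src/controllers/static.js send their error pages with the default 200 status, so `/404`, `/403` and `/500` look like successful responses to API clients, crawlers and monitoring. Set the code before responding, e.g. `res.status(404).render('404', {});` and `res.status(404).json({});`, and likewise for 403 and 500. The bodies differ only in the number, so a comment above them such as `// Static error pages; each handler must send the matching HTTP status.` together with one shared helper would keep them from drifting apart.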
@@ -0,0 +1,277 @@
+var usersController = {},
+ user = require('./../user'),
+ posts = require('./../posts');
+
+
+function userNotFound(res) {
+ if (res.locals.isAPI) {
+ return res.json(404, {
+ error: 'User not found!'
+ });
+ } else {
+ return res.render('404', {
+ error: 'User not found!'
+ });
+ }
+}
+
+function userNotAllowed(res) {
+ if (res.locals.isAPI) {
+ return res.json(403, {
+ error: 'Not allowed.'
+ });
+ } else {
+ return res.render('403', {
+ error: 'Not allowed.'
+ });
+ }
+}
+
+usersController.getAccount = function(req, res, next) {
+ var callerUID = req.user ? parseInt(req.user.uid, 10) : 0;
+
+ getUserDataByUserSlug(req.params.userslug, callerUID, function (err, userData) {
+ if(err) {
+ return next(err);
+ }
+
+ if(!userData) {
+ return res.json(404, {
+ error: 'User not found!'
+ });
+ }
+
+ user.isFollowing(callerUID, userData.theirid, function (isFollowing) {
+ posts.getPostsByUid(callerUID, userData.theirid, 0, 9, function (err, userPosts) {
+ if(err) {
+ return next(err);
+ }
+
+ userData.posts = userPosts.posts.filter(function (p) {
+ return p && parseInt(p.deleted, 10) !== 1;
+ });
+
+ userData.isFollowing = isFollowing;
+
+ if (!userData.profileviews) {
+ userData.profileviews = 1;
+ }
+
+ if (callerUID !== parseInt(userData.uid, 10) && callerUID) {
+ user.incrementUserFieldBy(userData.uid, 'profileviews', 1);
+ }
+
+ postTools.parse(userData.signature, function (err, signature) {
+ userData.signature = signature;
+
+ if (res.locals.isAPI) {
+ res.json({});
+ } else {
+ res.render('account', {});
+ };
+ });
+ });
+ });
+ });
+};
+
+usersController.getFollowing = function(req, res, next) {
+ var callerUID = req.user ?
parseInt(req.user.uid, 10) : 0;
+
+ getUserDataByUserSlug(req.params.userslug, callerUID, function (err, userData) {
+ if(err) {
+ return next(err);
+ }
+
+ if (userData) {
+ user.getFollowing(userData.uid, function (err, followingData) {
+ if(err) {
+ return next(err);
+ }
+ userData.following = followingData;
+ userData.followingCount = followingData.length;
+
+ if (res.locals.isAPI) {
+ res.json(userData);
+ } else {
+ res.render('following', userData);
+ }
+ });
+
+ } else {
+ return userNotFound();
+ }
+ });
+};
+
+usersController.getFollowers = function(req, res, next) {
+ var callerUID = req.user ? parseInt(req.user.uid, 10) : 0;
+
+ getUserDataByUserSlug(req.params.userslug, callerUID, function (err, userData) {
+ if(err) {
+ return next(err);
+ }
+
+ if (userData) {
+ user.getFollowers(userData.uid, function (err, followersData) {
+ if(err) {
+ return next(err);
+ }
+ userData.followers = followersData;
+ userData.followersCount = followersData.length;
+
+ if (res.locals.isAPI) {
+ res.json(userData);
+ } else {
+ res.render('followers', userData);
+ }
+ });
+ } else {
+ return userNotFound();
+ }
+ });
+};
+
+usersController.getFavourites = function(req, res, next) {
+ var callerUID = req.user ?
parseInt(req.user.uid, 10) : 0;
+
+ user.getUidByUserslug(req.params.userslug, function (err, uid) {
+ if (!uid) {
+ return userNotFound();
+ }
+
+ if (parseInt(uid, 10) !== callerUID) {
+ return userNotAllowed();
+ }
+
+ user.getUserFields(uid, ['username', 'userslug'], function (err, userData) {
+ if (err) {
+ return next(err);
+ }
+
+ if (!userData) {
+ return userNotFound();
+ }
+
+ posts.getFavourites(uid, 0, 9, function (err, favourites) {
+ if (err) {
+ return next(err);
+ }
+
+ userData.theirid = uid;
+ userData.yourid = callerUID;
+ userData.posts = favourites.posts;
+ userData.nextStart = favourites.nextStart;
+
+ if (res.locals.isAPI) {
+ res.json(userData);
+ } else {
+ res.render('favourites', userData);
+ }
+ });
+ });
+ });
+};
+
+usersController.getPosts = function(req, res, next) {
+ var callerUID = req.user ? parseInt(req.user.uid, 10) : 0;
+
+ user.getUidByUserslug(req.params.userslug, function (err, uid) {
+ if (!uid) {
+ return userNotFound();
+ }
+
+ user.getUserFields(uid, ['username', 'userslug'], function (err, userData) {
+ if (err) {
+ return next(err);
+ }
+
+ if (!userData) {
+ return userNotFound();
+ }
+
+ posts.getPostsByUid(callerUID, uid, 0, 19, function (err, userPosts) {
+ if (err) {
+ return next(err);
+ }
+ userData.uid = uid;
+ userData.theirid = uid;
+ userData.yourid = callerUID;
+ userData.posts = userPosts.posts;
+ userData.nextStart = userPosts.nextStart;
+
+ if (res.locals.isAPI) {
+ res.json(userData);
+ } else {
+ res.render('accountposts', userData);
+ }
+ });
+ });
+ });
+};
+
+usersController.accountEdit = function(req, res, next) {
+ var callerUID = req.user ? parseInt(req.user.uid, 10) : 0;
+
+ getUserDataByUserSlug(req.params.userslug, callerUID, function (err, userData) {
+ if(err) {
+ return next(err);
+ }
+
+ if (res.locals.isAPI) {
+ res.json(userData);
+ } else {
+ res.render('accountedit', userData);
+ }
+ });
+};
+
+usersController.accountSettings = function(req, res, next) {
+ var callerUID = req.user ?
parseInt(req.user.uid, 10) : 0; + + user.getUidByUserslug(req.params.userslug, function(err, uid) { + if (err) { + return next(err); + } + + if (!uid) { + return userNotFound(); + } + + if (parseInt(uid, 10) !== callerUID) { + return userNotAllowed(); + } + + plugins.fireHook('filter:user.settings', [], function(err, settings) { + if (err) { + return next(err); + } + + user.getUserFields(uid, ['username', 'userslug'], function(err, userData) { + if (err) { + return next(err); + } + + if(!userData) { + return userNotFound(); + } + userData.yourid = req.user.uid; + userData.theirid = uid; + userData.settings = settings; + + if (res.locals.isAPI) { + res.json(userData); + } else { + res.render('accountsettings', userData); + } + }); + }); + + }); + + +}; + + + +module.exports = usersController; \ No newline at end of file diff --git a/src/routes/api.js b/src/routes/api.js index f64737cd81..a57f17d2b1 100644 --- a/src/routes/api.js +++ b/src/routes/api.js @@ -200,21 +200,7 @@ var path = require('path'), } else { res.send(403); } - }); - - app.get('/outgoing', function (req, res) { - var url = req.query.url; - - if (url) { - res.json({ - url: url, - title: meta.config.title - }); - } else { - res.status(404); - res.redirect(nconf.get('relative_path') + '/404'); - } - }); + }); app.get('/search', function (req, res) { if ((req.user && req.user.uid) || meta.config.allowGuestSearching === '1') { @@ -360,18 +346,6 @@ var path = require('path'), }); }); - app.get('/404', function (req, res) { - res.json({}); - }); - - app.get('/403', function (req, res) { - res.json({}); - }); - - app.get('/500', function(req, res) { - res.json({errorMessage: 'testing'}); - }); - app.namespace('/categories', function() { app.get(':cid/moderators', function(req, res) { categories.getModerators(req.params.cid, function(err, moderators) { diff --git a/src/routes/user.js b/src/routes/user.js index 136473ce1b..1fccb0f47c 100644 --- a/src/routes/user.js +++ b/src/routes/user.js 
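Review bot: In src/controllers/users.js, `userNotFound` and `userNotAllowed` are declared with a `res` parameter, but every call in getFollowing, getFollowers, getFavourites, getPosts and accountSettings passes nothing, so the 404 and 403 paths throw on `res.locals` inside an async callback instead of answering. The calls should read `return userNotFound(res);` and `return userNotAllowed(res);`. The owner check in getFavourites and accountSettings is therefore the path that fails, which turns an unauthorised request into an unhandled exception rather than a 403. The file also calls `getUserDataByUserSlug`, `postTools` and `plugins` without requiring or defining them in the lines shown, and getAccount builds `userData` but answers with `{}`. accountEdit has no owner comparison like the one in accountSettings, so confirm what `getUserDataByUserSlug` returns to a caller who is not the profile owner.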
@@ -100,13 +100,7 @@ var fs = require('fs'), }); } - createRoute('/:userslug', '', 'account'); - createRoute('/:userslug/following', '/following', 'following'); - createRoute('/:userslug/followers', '/followers', 'followers'); - createRoute('/:userslug/favourites', '/favourites', 'favourites'); - createRoute('/:userslug/posts', '/posts', 'accountposts'); - createRoute('/:userslug/edit', '/edit', 'accountedit'); - createRoute('/:userslug/settings', '/settings', 'accountsettings'); + app.post('/uploadpicture', function (req, res) { if (!req.user) { @@ -216,20 +210,17 @@ var fs = require('fs'), }); function isAllowed(req, res, next) { - if(!req.user && !!parseInt(meta.config.privateUserInfo, 10)) { - return res.json(403, 'not-allowed'); - } - next(); + } - app.get('/api/user/:userslug/following', isAllowed, getUserFollowing); - app.get('/api/user/:userslug/followers', isAllowed, getUserFollowers); - app.get('/api/user/:userslug/edit', isAllowed, getUserEdit); - app.get('/api/user/:userslug/settings', isAllowed, getUserSettings); - app.get('/api/user/:userslug/favourites', isAllowed, getUserFavourites); - app.get('/api/user/:userslug/posts', isAllowed, getUserPosts); + //app.get('/api/user/:userslug/following', isAllowed, getUserFollowing); + //app.get('/api/user/:userslug/followers', isAllowed, getUserFollowers); + //app.get('/api/user/:userslug/edit', isAllowed, getUserEdit); + //app.get('/api/user/:userslug/settings', isAllowed, getUserSettings); + //app.get('/api/user/:userslug/favourites', isAllowed, getUserFavourites); + //app.get('/api/user/:userslug/posts', isAllowed, getUserPosts); app.get('/api/user/uid/:uid', isAllowed, getUserData); - app.get('/api/user/:userslug', isAllowed, getUserProfile); + //app.get('/api/user/:userslug', isAllowed, getUserProfile); app.get('/api/users', isAllowed, getOnlineUsers); app.get('/api/users/sort-posts', isAllowed, getUsersSortedByPosts); 
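Review bot: `isAllowed` in src/routes/user.js is left with an empty body, yet `/api/user/uid/:uid`, `/api/users` and `/api/users/sort-posts` still list it as middleware, so those requests never reach their handlers and hang. Restoring only `next()` would drop the guest privacy check for them, so keep the guard: `if (!req.user && !!parseInt(meta.config.privateUserInfo, 10)) { return res.json(403, 'not-allowed'); }` followed by `next();`. The commented-out `app.get` lines are dead code and are better deleted than kept, since version control already holds the old routes.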
@@ -240,48 +231,7 @@ var fs = require('fs'), function getUserProfile(req, res, next) { - var callerUID = req.user ? parseInt(req.user.uid, 10) : 0; - - getUserDataByUserSlug(req.params.userslug, callerUID, function (err, userData) { - if(err) { - return next(err); - } - - if(!userData) { - return res.json(404, { - error: 'User not found!' - }); - } - - user.isFollowing(callerUID, userData.theirid, function (isFollowing) { - - posts.getPostsByUid(callerUID, userData.theirid, 0, 9, function (err, userPosts) { - - if(err) { - return next(err); - } - - userData.posts = userPosts.posts.filter(function (p) { - return p && parseInt(p.deleted, 10) !== 1; - }); - - userData.isFollowing = isFollowing; - - if (!userData.profileviews) { - userData.profileviews = 1; - } - - if (callerUID !== parseInt(userData.uid, 10) && callerUID) { - user.incrementUserFieldBy(userData.uid, 'profileviews', 1); - } - - postTools.parse(userData.signature, function (err, signature) { - userData.signature = signature; - res.json(userData); - }); - }); - }); - }); + } function getUserData(req, res, next) { 
@@ -293,190 +243,27 @@ var fs = require('fs'), } function getUserPosts(req, res, next) { - var callerUID = req.user ? parseInt(req.user.uid, 10) : 0; - user.getUidByUserslug(req.params.userslug, function (err, uid) { - if (!uid) { - return res.json(404, { - error: 'User not found!' - }); - } - - user.getUserFields(uid, ['username', 'userslug'], function (err, userData) { - if (err) { - return next(err); - } - - if (!userData) { - return res.json(404, { - error: 'User not found!' - }); - } - - posts.getPostsByUid(callerUID, uid, 0, 19, function (err, userPosts) { - if (err) { - return next(err); - } - userData.uid = uid; - userData.theirid = uid; - userData.yourid = callerUID; - userData.posts = userPosts.posts; - userData.nextStart = userPosts.nextStart; - - res.json(userData); - }); - }); - }); } function getUserFavourites(req, res, next) { - var callerUID = req.user ? parseInt(req.user.uid, 10) : 0; - - user.getUidByUserslug(req.params.userslug, function (err, uid) { - if (!uid) { - return res.json(404, { - error: 'User not found!' - }); - } - - if (parseInt(uid, 10) !== callerUID) { - return res.json(403, { - error: 'Not allowed!' - }); - } - - user.getUserFields(uid, ['username', 'userslug'], function (err, userData) { - if (err) { - return next(err); - } - - if (!userData) { - return res.json(404, { - error: 'User not found!' - }); - } - - posts.getFavourites(uid, 0, 9, function (err, favourites) { - if (err) { - return next(err); - } - - userData.theirid = uid; - userData.yourid = callerUID; - userData.posts = favourites.posts; - userData.nextStart = favourites.nextStart; - - res.json(userData); - }); - }); - }); + } function getUserSettings(req, res, next) { - var callerUID = req.user ? parseInt(req.user.uid, 10) : 0; - - user.getUidByUserslug(req.params.userslug, function(err, uid) { - if (err) { - return next(err); - } - - if (!uid) { - return res.json(404, { - error: 'User not found!' 
- }); - } - - if (parseInt(uid, 10) !== callerUID) { - return res.json(403, { - error: 'Not allowed!' - }); - } - - plugins.fireHook('filter:user.settings', [], function(err, settings) { - if (err) { - return next(err); - } - - user.getUserFields(uid, ['username', 'userslug'], function(err, userData) { - if (err) { - return next(err); - } - - if(!userData) { - return res.json(404, { - error: 'User not found!' - }); - } - userData.yourid = req.user.uid; - userData.theirid = uid; - userData.settings = settings; - res.json(userData); - }); - }); - - }); + } - function getUserEdit(req, res, next) { - var callerUID = req.user ? parseInt(req.user.uid, 10) : 0; - - getUserDataByUserSlug(req.params.userslug, callerUID, function (err, userData) { - if(err) { - return next(err); - } - res.json(userData); - }); + //function getUserEdit(req, res, next) { + // } function getUserFollowers(req, res, next) { - var callerUID = req.user ? parseInt(req.user.uid, 10) : 0; - - getUserDataByUserSlug(req.params.userslug, callerUID, function (err, userData) { - if(err) { - return next(err); - } - - if (userData) { - user.getFollowers(userData.uid, function (err, followersData) { - if(err) { - return next(err); - } - userData.followers = followersData; - userData.followersCount = followersData.length; - res.json(userData); - }); - } else { - res.json(404, { - error: 'User not found!' - }); - } - }); + } function getUserFollowing(req, res, next) { - var callerUID = req.user ? parseInt(req.user.uid, 10) : 0; - - getUserDataByUserSlug(req.params.userslug, callerUID, function (err, userData) { - if(err) { - return next(err); - } - - if (userData) { - user.getFollowing(userData.uid, function (err, followingData) { - if(err) { - return next(err); - } - userData.following = followingData; - userData.followingCount = followingData.length; - res.json(userData); - }); - - } else { - res.json(404, { - error: 'User not found!' - }); - } - }); + } function getUsersSortedByJoinDate(req, res) { 
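Review bot: Commenting out the `getUserEdit` header while its closing `}` stays behind as a context line appears to leave an unmatched brace in src/routes/user.js; as shown, the new side reads `//function getUserEdit(req, res, next) {`, `//`, `}`. The other handlers in this hunk (getUserPosts, getUserFavourites, getUserSettings, getUserFollowers, getUserFollowing) and getUserProfile in the previous hunk are reduced to empty functions that never send a response. Their routes are already commented out, so delete the functions outright rather than leaving stubs that would hang a request if one were wired up again.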
diff --git a/src/webserver.js b/src/webserver.js index 29ab11efa5..68725e1240 100644 --- a/src/webserver.js +++ b/src/webserver.js @@ -109,6 +109,18 @@ process.on('uncaughtException', function(err) { } }; + app.checkGlobalPrivacySettings = function(req, res, next) { + if(!req.user && !!parseInt(meta.config.privateUserInfo, 10)) { + if (res.locals.isAPI) { + return res.json(403, 'not-allowed'); + } else { + return res.redirect('403'); + } + } + + next(); + }; + app.buildHeader = function(req, res, next) { async.parallel([ function(next) { @@ -589,7 +601,7 @@ process.on('uncaughtException', function(err) { // Basic Routes (entirely client-side parsed, goal is to move the rest of the crap in this file into this one section) (function () { - var routes = ['register', 'account', '403', '404', '500'], + var routes = ['account'], loginRequired = ['notifications']; async.each(routes.concat(loginRequired), function(route, next) { @@ -630,9 +642,21 @@ process.on('uncaughtException', function(err) { app.get('/api/confirm/:code', app.prepareAPI, controllers.confirmEmail); app.get('/sitemap.xml', controllers.sitemap); - app.get('/robots.txt', controllers.robots); + app.get('/outgoing', app.buildHeader, controllers.outgoing); + app.get('/api/outgoing', app.prepareAPI, controllers.outgoing); + + app.get('/404', app.buildHeader, controllers.static['404']); + app.get('/api/404', app.prepareAPI, controllers.static['404']); + + app.get('/403', app.buildHeader, controllers.static['403']); + app.get('/api/403', app.prepareAPI, controllers.static['403']); + + app.get('/500', app.buildHeader, controllers.static['500']); + app.get('/api/500', app.prepareAPI, controllers.static['500']); + + /* Topics */ app.get('/topic/:topic_id/:slug?', app.buildHeader, controllers.topics.get); app.get('/api/topic/:topic_id/:slug?', app.prepareAPI, controllers.topics.get); 
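Review bot: `res.redirect('403')` in `app.checkGlobalPrivacySettings` is a relative target that is not anchored to `relative_path`. How a bare `403` resolves depends on the Express version, and where the client resolves it against the current URL, a guest on `/user/:userslug` would land on `/user/403`, which the same guarded route matches again. Use an absolute path as `Controllers.outgoing` does for its 404: `return res.redirect(nconf.get('relative_path') + '/403');`. The routes added later in this file put `app.buildHeader` ahead of this check, so the header is built for guests before access is decided; listing the check first would avoid that.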
@@ -653,20 +677,31 @@ process.on('uncaughtException', function(err) { app.get('/category/:category_id/:slug?', app.buildHeader, controllers.categories.get); app.get('/api/category/:category_id/:slug?', app.prepareAPI, controllers.categories.get); - + /* Users */ + app.get'/user/:userslug', app.buildHeader, app.checkGlobalPrivacySettings, controllers.users.getAccount); + app.get'/api/user/:userslug', app.prepareAPI, app.checkGlobalPrivacySettings controllers.users.getAccount); + + app.get'/user/:userslug/following', app.buildHeader, app.checkGlobalPrivacySettings, controllers.users.getFollowing); + app.get'/api/user/:userslug/following', app.prepareAPI, app.checkGlobalPrivacySettings controllers.users.getFollowing); + + app.get'/user/:userslug/followers', app.buildHeader, app.checkGlobalPrivacySettings, controllers.users.getFollowers); + app.get'/api/user/:userslug/followers', app.prepareAPI, app.checkGlobalPrivacySettings controllers.users.getFollowers); + + app.get'/user/:userslug/favourites', app.buildHeader, app.checkGlobalPrivacySettings, controllers.users.getFavourites); + app.get'/api/user/:userslug/favourites', app.prepareAPI, app.checkGlobalPrivacySettings controllers.users.getFavourites); + + app.get'/user/:userslug/posts', app.buildHeader, app.checkGlobalPrivacySettings, controllers.users.getPosts); + app.get'/api/user/:userslug/posts', app.prepareAPI, app.checkGlobalPrivacySettings controllers.users.getPosts); + + app.get'/user/:userslug/edit', app.buildHeader, app.checkGlobalPrivacySettings, controllers.users.accountEdit); + app.get'/api/user/:userslug/edit', app.prepareAPI, app.checkGlobalPrivacySettings controllers.users.accountEdit); + + app.get'/user/:userslug/settings', app.buildHeader, app.checkGlobalPrivacySettings, controllers.users.accountSettings); + app.get'/api/user/:userslug/settings', app.prepareAPI, app.checkGlobalPrivacySettings controllers.users.accountSettings); + + - app.get('/outgoing', function (req, res) { - if (!req.query.url) { - 
return res.redirect('/404'); - } - app.build_header({ - req: req, - res: res - }, function (err, header) { - res.send(header + app.create_route('outgoing?url=' + encodeURIComponent(req.query.url)) + templates.footer); - }); - }); app.get('/search/:term?', function (req, res) {
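Review bot: Every added user route is missing the opening parenthesis (`app.get'/user/:userslug', ...`), and each `/api/user/...` line also lacks the comma between `app.checkGlobalPrivacySettings` and the controller, so webserver.js will not parse as written. A corrected line reads `app.get('/api/user/:userslug', app.prepareAPI, app.checkGlobalPrivacySettings, controllers.users.getAccount);`. `controllers.users` also has to exist: the index.js hunk in this commit registers `static` but not `users`, so as shown these handlers would be undefined when the routes are set up. The enclosing route-setup block starts and ends outside this hunk.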