From ef87a2b7d7f74afe5dd797df58fd58606f0362ab Mon Sep 17 00:00:00 2001
From: barisusakli <barisusakli@gmail.com>
Date: Sat, 19 Nov 2016 16:56:37 +0300
Subject: [PATCH] closes #5219

---
 src/meta/dependencies.js      |  3 ++-
 src/socket.io/user/profile.js | 36 +++++++++++++++++------------------
 2 files changed, 19 insertions(+), 20 deletions(-)

diff --git a/src/meta/dependencies.js b/src/meta/dependencies.js
index f115ff6bfc..6c5be29e99 100644
--- a/src/meta/dependencies.js
+++ b/src/meta/dependencies.js
@@ -5,6 +5,7 @@ var fs = require('fs');
 var async = require('async');
 var semver = require('semver');
 var winston = require('winston');
+var colors = require('colors');
 
 var pkg = require('../../package.json');
 
@@ -15,7 +16,7 @@ module.exports = function (Meta) {
 		var modules = Object.keys(pkg.dependencies);
 		var depsOutdated = false;
 		var depsMissing = false;
-		
+
 		winston.verbose('Checking dependencies for outdated modules');
 
 		async.every(modules, function (module, next) {
diff --git a/src/socket.io/user/profile.js b/src/socket.io/user/profile.js
index 89d49f59c3..8a59fbbff2 100644
--- a/src/socket.io/user/profile.js
+++ b/src/socket.io/user/profile.js
@@ -28,18 +28,14 @@ module.exports = function (SocketUser) {
 		if (!socket.uid) {
 			return callback(new Error('[[error:no-privileges]]'));
 		}
-
-		user.isAdministrator(socket.uid, function (err, isAdmin) {
-			if (err) {
-				return callback(err);
-			}
-
-			if (!isAdmin && data.uid !== socket.uid) {
-				return callback(new Error('[[error:no-privileges]]'));
+		async.waterfall([
+			function (next) {
+				user.isAdminOrSelf(socket.uid, data.uid, next);
+			},
+			function (next) {
+				user.updateCoverPicture(data, next);
 			}
-
-			user.updateCoverPicture(data, callback);
-		});
+		], callback);
 	};
 
 	SocketUser.removeCover = function (socket, data, callback) {
@@ -47,12 +43,14 @@ module.exports = function (SocketUser) {
 			return callback(new Error('[[error:no-privileges]]'));
 		}
 
-		user.isAdminOrSelf(socket.uid, data.uid, function (err) {
-			if (err) {
-				return callback(err);
+		async.waterfall([
+			function (next) {
+				user.isAdminOrSelf(socket.uid, data.uid, next);
+			},
+			function (next) {
+				user.removeCoverPicture(data, next);
 			}
-			user.removeCoverPicture(data, callback);
-		});
+		], callback);
 	};
 
 	function isAdminOrSelfAndPasswordMatch(uid, data, callback) {
@@ -70,13 +68,13 @@ module.exports = function (SocketUser) {
 			if (err) {
 				return callback(err);
 			}
-			var self = parseInt(uid, 10) === parseInt(data.uid, 10);
+			var isSelf = parseInt(uid, 10) === parseInt(data.uid, 10);
 
-			if (!results.isAdmin && !self) {
+			if (!results.isAdmin && !isSelf) {
 				return callback(new Error('[[error:no-privileges]]'));
 			}
 
-			if (self && results.hasPassword && !results.passwordMatch) {
+			if (isSelf && results.hasPassword && !results.passwordMatch) {
 				return callback(new Error('[[error:invalid-password]]'));
 			}