doing andrew's //todo's since 1991
v1.18.x
barisusakli 11 years ago
parent 04c6ca2ebb
commit ef8bbdd359

@ -10,10 +10,6 @@ define('forum/account/header', function() {
var yourid = ajaxify.variables.get('yourid'), var yourid = ajaxify.variables.get('yourid'),
theirid = ajaxify.variables.get('theirid'); theirid = ajaxify.variables.get('theirid');
var editLink = $('#editLink'),
settingsLink = $('#settingsLink'),
favouritesLink = $('#favouritesLink');
if (parseInt(yourid, 10) !== 0 && parseInt(yourid, 10) === parseInt(theirid, 10)) { if (parseInt(yourid, 10) !== 0 && parseInt(yourid, 10) === parseInt(theirid, 10)) {
$('#editLink, #settingsLink, #favouritesLink').removeClass('hide'); $('#editLink, #settingsLink, #favouritesLink').removeClass('hide');
} else { } else {
@ -24,7 +20,7 @@ define('forum/account/header', function() {
} }
if (app.isAdmin) { if (app.isAdmin) {
editLink.removeClass('hide'); $('#editLink, #settingsLink').removeClass('hide');
} }
} }

@ -26,20 +26,22 @@ define('forum/account/settings', ['forum/account/header'], function(header) {
} }
}); });
socket.emit('user.saveSettings', settings, function(err) { socket.emit('user.saveSettings', {uid: ajaxify.variables.get('theirid'), settings: settings}, function(err) {
if (err) { if (err) {
return app.alertError(err.message); return app.alertError(err.message);
} }
app.alertSuccess('[[success:settings-saved]]'); app.alertSuccess('[[success:settings-saved]]');
app.loadConfig(); app.loadConfig();
if (parseInt(app.uid, 10) === parseInt(ajaxify.variables.get('theirid'), 10)) {
ajaxify.refresh(); ajaxify.refresh();
}
}); });
return false; return false;
}); });
socket.emit('user.getSettings', function(err, settings) { socket.emit('user.getSettings', {uid: ajaxify.variables.get('theirid')}, function(err, settings) {
var inputs = $('.account').find('input, textarea, select'); var inputs = $('.account').find('input, textarea, select');
inputs.each(function(index, input) { inputs.each(function(index, input) {

@ -346,10 +346,6 @@ accountsController.accountSettings = function(req, res, next) {
return userNotFound(res); return userNotFound(res);
} }
if (parseInt(userData.uid, 10) !== callerUID) {
return userNotAllowed(res);
}
async.parallel({ async.parallel({
settings: function(next) { settings: function(next) {
plugins.fireHook('filter:user.settings', [], next); plugins.fireHook('filter:user.settings', [], next);
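Review bot: With the `parseInt(userData.uid, 10) !== callerUID` check removed, `accountSettings` has no authorization check of its own in the lines visible here, so access to another user's settings page depends entirely on what runs before the controller. The route definitions on this page put `middleware.checkAccountPermissions` in front of both `/user/:userslug/settings` routes, but its body is not shown, so it is worth confirming that it admits only the owner or an administrator. I would record that dependency where the check used to be, e.g. `// authorization (owner or admin) is enforced by middleware.checkAccountPermissions on the route`. The function starts and continues outside this hunk.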

@ -112,7 +112,6 @@ function accountRoutes(app, middleware, controllers) {
app.get('/user/:userslug/edit', middleware.buildHeader, middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions, controllers.accounts.accountEdit); app.get('/user/:userslug/edit', middleware.buildHeader, middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions, controllers.accounts.accountEdit);
app.get('/api/user/:userslug/edit', middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions, controllers.accounts.accountEdit); app.get('/api/user/:userslug/edit', middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions, controllers.accounts.accountEdit);
// todo: admin recently gained access to this page, pls check if it actually works
app.get('/user/:userslug/settings', middleware.buildHeader, middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions, controllers.accounts.accountSettings); app.get('/user/:userslug/settings', middleware.buildHeader, middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions, controllers.accounts.accountSettings);
app.get('/api/user/:userslug/settings', middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions, controllers.accounts.accountSettings); app.get('/api/user/:userslug/settings', middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions, controllers.accounts.accountSettings);

@ -140,7 +140,6 @@ SocketUser.changePicture = function(socket, data, callback) {
if(err) { if(err) {
return callback(err); return callback(err);
} }
}); });
return; return;
} }
@ -172,14 +171,44 @@ SocketUser.unfollow = function(socket, data, callback) {
SocketUser.getSettings = function(socket, data, callback) { SocketUser.getSettings = function(socket, data, callback) {
if (socket.uid) { if (socket.uid) {
user.getSettings(socket.uid, callback); if (socket.uid === parseInt(data.uid, 10)) {
return user.getSettings(socket.uid, callback);
}
user.isAdministrator(socket.uid, function(err, isAdmin) {
if (err) {
return callback(err);
}
if (!isAdmin) {
return callback(new Error('[[error:no-privileges]]'));
}
user.getSettings(data.uid, callback);
});
} }
}; };
SocketUser.saveSettings = function(socket, data, callback) { SocketUser.saveSettings = function(socket, data, callback) {
if (socket.uid && data) { if (!socket.uid || !data) {
user.saveSettings(socket.uid, data, callback); return callback(new Error('[[error:invalid-data]]'));
}
if (socket.uid === parseInt(data.uid, 10)) {
return user.saveSettings(socket.uid, data.settings, callback);
} }
user.isAdministrator(socket.uid, function(err, isAdmin) {
if (err) {
return callback(err);
}
if (!isAdmin) {
return callback(new Error('[[error:no-privileges]]'));
}
user.saveSettings(data.uid, data.settings, callback);
});
}; };
SocketUser.setTopicSort = function(socket, sort, callback) { SocketUser.setTopicSort = function(socket, sort, callback) {
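Review bot: In the new `SocketUser.getSettings`, `data.uid` is read without checking that `data` exists, so a client that emits `user.getSettings` with no payload raises a TypeError in the handler; `saveSettings` just below does guard with `!data`. The guest case (`socket.uid` falsy) also still returns without ever calling `callback`. I would open the function with `if (!socket.uid || !data) { return callback(new Error('[[error:invalid-data]]')); }`, matching `saveSettings`. In both handlers the administrator branch passes the raw client value `data.uid` to `user.getSettings` / `user.saveSettings`, while the ownership comparison uses `parseInt(data.uid, 10)`. Parsing once into a local and passing that local keeps the checked value and the used value identical.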
