hyperzlib
/
nodebb
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: #11735, crash when making guest reply

Browse Source 
to /api/compose route
isekai-main
Barış Soner Uşaklı 2 years ago
parent 090a792168
commit f2fe7c0686
2 changed files with 47 additions and 4 deletions
Show Stats Download Patch File Download Diff File

15
src/controllers/composer.js
Unescape Escape View File

@ -76,13 +76,20 @@ exports.post = async function (req, res) {
} else {
throw new Error('[[error:invalid-data]]');
}
if (!result) {
throw new Error('[[error:invalid-data]]');
}
if (result.queued) {
return res.redirect(`${nconf.get('relative_path') || '/'}?noScriptMessage=[[success:post-queued]]`);
}
const uid = result.uid ? result.uid : result.topicData.uid;
user.updateOnlineUsers(uid);
const path = result.pid ? `/post/${result.pid}` : `/topic/${result.topicData.slug}`;
res.redirect(nconf.get('relative_path') + path);
user.updateOnlineUsers(req.uid);
let path = nconf.get('relative_path');
if (result.pid) {
path += `/post/${result.pid}`;
} else if (result.topicData) {
path += `/topic/${result.topicData.slug}`;
}
res.redirect(path);
} catch (err) {
helpers.noScriptErrors(req, res, err.message, 400);
}

36
test/controllers.js
Unescape Escape View File

@ -2682,6 +2682,42 @@ describe('Controllers', () => {
});
});
});
it('should create a new topic and reply by composer route as a guest', async () => {
const jar = request.jar();
const csrf_token = await helpers.getCsrfToken(jar);
const data = {
cid: cid,
title: 'no js is good',
content: 'a topic with noscript',
handle: 'guest1',
};
await privileges.categories.give(['groups:topics:create', 'groups:topics:reply'], cid, 'guests');
const result = await helpers.request('post', `/compose`, {
form: data,
jar,
headers: {
'x-csrf-token': csrf_token,
},
});
assert.strictEqual(result.res.statusCode, 302);
const replyResult = await helpers.request('post', `/compose`, {
form: {
tid: tid,
content: 'a new reply',
handle: 'guest2',
},
jar,
headers: {
'x-csrf-token': csrf_token,
},
});
assert.equal(replyResult.res.statusCode, 302);
await privileges.categories.rescind(['groups:topics:post', 'groups:topics:reply'], cid, 'guests');
});
});
describe('test routes', () => {

Write Preview
Loading…
Cancel
Save