From fe9d4efa984f603b5bea8b474de53a260a0a6095 Mon Sep 17 00:00:00 2001
From: psychobunny <psycho.bunny@hotmail.com>
Date: Mon, 3 Mar 2014 00:12:25 -0500
Subject: [PATCH] moved api-only routes into routes/api.js, cleanup & linting

---
 src/routes/api.js            | 469 +++++++++++++----------------------
 src/routes/authentication.js |  18 --
 src/routes/index.js          |  90 ++++---
 3 files changed, 224 insertions(+), 353 deletions(-)

diff --git a/src/routes/api.js b/src/routes/api.js
index 7e48f5bac9..3368423731 100644
--- a/src/routes/api.js
+++ b/src/routes/api.js
@@ -1,357 +1,224 @@
+"use strict";
+
 var path = require('path'),
-	nconf = require('nconf'),
 	async = require('async'),
 	fs = require('fs'),
 
 	db = require('../database'),
 	user = require('../user'),
-	groups = require('../groups'),
-	auth = require('./authentication'),
 	topics = require('../topics'),
-	ThreadTools = require('../threadTools'),
 	posts = require('../posts'),
 	categories = require('../categories'),
-	categoryTools = require('../categoryTools'),
 	meta = require('../meta'),
-	Plugins = require('../plugins'),
+	plugins = require('../plugins'),
 	utils = require('../../public/src/utils'),
-	translator = require('../../public/src/translator'),
 	pkg = require('../../package.json');
 
 
-(function (Api) {
-	Api.createRoutes = function (app) {
-
-		app.namespace('/api', function () {
-			app.all('*', function(req, res, next) {
-				if(req.user) {
-					user.updateLastOnlineTime(req.user.uid);
-				}
-
-				db.sortedSetAdd('ip:recent', Date.now(), req.ip || 'Unknown');
-				res.locals.isAPI = true;
+module.exports =  function(app, middleware, controllers) {
+	app.namespace('/api', function () {
+		app.all('*', function(req, res, next) {
+			if(req.user) {
+				user.updateLastOnlineTime(req.user.uid);
+			}
 
-				next();
-			});
+			db.sortedSetAdd('ip:recent', Date.now(), req.ip || 'Unknown');
+			res.locals.isAPI = true;
 
-			app.get('/get_templates_listing', function (req, res) {
-				utils.walk(path.join(__dirname, '../../', 'public/templates'), function (err, data) {
-					res.json(data.concat(app.get_custom_templates()).filter(function(value, index, self) {
-						return self.indexOf(value) === index;
-					}));
-				});
-			});
-
-			app.get('/config', function (req, res, next) {
-				var config = require('../../public/config.json');
-
-				config.version = pkg.version;
-				config.postDelay = meta.config.postDelay;
-				config.minimumTitleLength = meta.config.minimumTitleLength;
-				config.maximumTitleLength = meta.config.maximumTitleLength;
-				config.minimumPostLength = meta.config.minimumPostLength;
-				config.hasImageUploadPlugin = Plugins.hasListeners('filter:uploadImage');
-				config.maximumProfileImageSize = meta.config.maximumProfileImageSize;
-				config.minimumUsernameLength = meta.config.minimumUsernameLength;
-				config.maximumUsernameLength = meta.config.maximumUsernameLength;
-				config.minimumPasswordLength = meta.config.minimumPasswordLength;
-				config.maximumSignatureLength = meta.config.maximumSignatureLength;
-				config.useOutgoingLinksPage = parseInt(meta.config.useOutgoingLinksPage, 10) === 1;
-				config.allowGuestPosting = parseInt(meta.config.allowGuestPosting, 10) === 1;
-				config.allowFileUploads = parseInt(meta.config.allowFileUploads, 10) === 1;
-				config.allowTopicsThumbnail = parseInt(meta.config.allowTopicsThumbnail, 10) === 1;
-				config.usePagination = parseInt(meta.config.usePagination, 10) === 1;
-				config.disableSocialButtons = parseInt(meta.config.disableSocialButtons, 10) === 1;
-				config.topicsPerPage = meta.config.topicsPerPage || 20;
-				config.postsPerPage = meta.config.postsPerPage || 20;
-				config.maximumFileSize = meta.config.maximumFileSize;
-				config.defaultLang = meta.config.defaultLang || 'en_GB';
-				config.environment = process.env.NODE_ENV;
-
-				if (!req.user) {
-					return res.json(200, config);
-				}
+			next();
+		});
 
-				if(req.user) {
-					user.getSettings(req.user.uid, function(err, settings) {
-						if(err) {
-							return next(err);
-						}
+		app.get('/user/uid/:uid', middleware.checkGlobalPrivacySettings, controllers.accounts.getUserByUID);
 
-						config.usePagination = settings.usePagination;
-						config.topicsPerPage = settings.topicsPerPage;
-						config.postsPerPage = settings.postsPerPage;
-						res.json(200, config);
-					});
-				}
+		app.get('/get_templates_listing', function (req, res) {
+			utils.walk(path.join(__dirname, '../../', 'public/templates'), function (err, data) {
+				res.json(data.concat(app.get_custom_templates()).filter(function(value, index, self) {
+					return self.indexOf(value) === index;
+				}));
 			});
+		});
 
-			app.get('/topic/:id/:slug?', function (req, res, next) {
-				var uid = req.user? parseInt(req.user.uid, 10) : 0;
-				var tid = req.params.id;
-				var page = 1;
-				if(req.query && req.query.page) {
-					page = req.query.page;
-				}
-
-				if(!utils.isNumber(page) || parseInt(page, 10) < 1) {
-					return res.send(404);
-				}
+		app.get('/config', function (req, res, next) {
+			var config = require('../../public/config.json');
+
+			config.version = pkg.version;
+			config.postDelay = meta.config.postDelay;
+			config.minimumTitleLength = meta.config.minimumTitleLength;
+			config.maximumTitleLength = meta.config.maximumTitleLength;
+			config.minimumPostLength = meta.config.minimumPostLength;
+			config.hasImageUploadPlugin = plugins.hasListeners('filter:uploadImage');
+			config.maximumProfileImageSize = meta.config.maximumProfileImageSize;
+			config.minimumUsernameLength = meta.config.minimumUsernameLength;
+			config.maximumUsernameLength = meta.config.maximumUsernameLength;
+			config.minimumPasswordLength = meta.config.minimumPasswordLength;
+			config.maximumSignatureLength = meta.config.maximumSignatureLength;
+			config.useOutgoingLinksPage = parseInt(meta.config.useOutgoingLinksPage, 10) === 1;
+			config.allowGuestPosting = parseInt(meta.config.allowGuestPosting, 10) === 1;
+			config.allowFileUploads = parseInt(meta.config.allowFileUploads, 10) === 1;
+			config.allowTopicsThumbnail = parseInt(meta.config.allowTopicsThumbnail, 10) === 1;
+			config.usePagination = parseInt(meta.config.usePagination, 10) === 1;
+			config.disableSocialButtons = parseInt(meta.config.disableSocialButtons, 10) === 1;
+			config.topicsPerPage = meta.config.topicsPerPage || 20;
+			config.postsPerPage = meta.config.postsPerPage || 20;
+			config.maximumFileSize = meta.config.maximumFileSize;
+			config.defaultLang = meta.config.defaultLang || 'en_GB';
+			config.environment = process.env.NODE_ENV;
+
+			if (!req.user) {
+				return res.json(200, config);
+			}
 
-				user.getSettings(uid, function(err, settings) {
+			if(req.user) {
+				user.getSettings(req.user.uid, function(err, settings) {
 					if(err) {
 						return next(err);
 					}
 
-					var start = (page - 1) * settings.postsPerPage;
-					var end = start + settings.postsPerPage - 1;
-
-					ThreadTools.privileges(tid, uid, function(err, privileges) {
-						if(err) {
-							return next(err);
-						}
-
-						if(!privileges.read) {
-							res.send(403);
-						}
-
-						topics.getTopicWithPosts(tid, uid, start, end, function (err, data) {
-							if(err) {
-								return next(err);
-							}
-
-							if(page > data.pageCount) {
-								return res.send(404);
-							}
-
-							if (parseInt(data.deleted, 10) === 1 && parseInt(data.expose_tools, 10) === 0) {
-								return res.json(404, {});
-							}
-
-							data.currentPage = page;
-							data.privileges = privileges;
-
-							if (uid) {
-								topics.markAsRead(tid, uid, function(err) {
-									topics.pushUnreadCount(uid);
-								});
-							}
-
-							topics.increaseViewCount(tid);
+					config.usePagination = settings.usePagination;
+					config.topicsPerPage = settings.topicsPerPage;
+					config.postsPerPage = settings.postsPerPage;
+					res.json(200, config);
+				});
+			}
+		});
 
-							res.json(data);
-						});
+		app.get('/notifications', function(req, res) {
+			if (req.user && req.user.uid) {
+				user.notifications.getAll(req.user.uid, null, null, function(err, notifications) {
+					res.json({
+						notifications: notifications
 					});
 				});
-			});
-
-			app.get('/category/:id/:slug?', function (req, res, next) {
-				var uid = (req.user) ? req.user.uid : 0;
-				var page = 1;
-				if(req.query && req.query.page) {
-					page = req.query.page;
-				}
+			} else {
+				res.send(403);
+			}
+		});			
 
-				if(!utils.isNumber(page) || parseInt(page, 10) < 1) {
-					return res.send(404);
-				}
+		app.get('/search/:term', function (req, res, next) {
+			if (!plugins.hasListeners('filter:search.query')) {
+				return res.redirect('/404');
+			}
 
-				user.getSettings(uid, function(err, settings) {
-					if(err) {
-						return next(err);
+			function searchPosts(callback) {
+				plugins.fireHook('filter:search.query', {
+					index: 'post',
+					query: req.params.term
+				}, function(err, pids) {
+					if (err) {
+						return callback(err);
 					}
 
-					var start = (page - 1) * settings.topicsPerPage,
-						end = start + settings.topicsPerPage - 1;
+					posts.getPostSummaryByPids(pids, false, callback);
+				});
+			}
 
-					categoryTools.privileges(req.params.id, uid, function(err, privileges) {
-						if (err) {
-							return next(err);
-						}
+			function searchTopics(callback) {
+				plugins.fireHook('filter:search.query', {
+					index: 'topic',
+					query: req.params.term
+				}, function(err, tids) {
+					if (err) {
+						return callback(err);
+					}
 
-						if (!privileges.read) {
-							return res.send(403);
-						}
+					topics.getTopicsByTids(tids, 0, callback);
+				});
+			}
 
-						categories.getCategoryById(req.params.id, start, end, uid, function (err, data) {
-							if(err) {
-								return next(err);
-							}
+			if ((req.user && req.user.uid) || meta.config.allowGuestSearching === '1') {
+				async.parallel([searchPosts, searchTopics], function (err, results) {
+					if (err) {
+						return next(err);
+					}
 
-							data.currentPage = page;
-							data.privileges = privileges;
+					if(!results) {
+						results = [];
+						results[0] = results[1] = [];
+					}
 
-							if (data && !data.disabled) {
-								res.json(data);
-							} else {
-								next();
-							}
-						});
+					return res.json({
+						show_no_topics: results[1].length ? 'hide' : '',
+						show_no_posts: results[0].length ? 'hide' : '',
+						show_results: '',
+						search_query: req.params.term,
+						posts: results[0],
+						topics: results[1],
+						post_matches : results[0].length,
+						topic_matches : results[1].length
 					});
 				});
-			});
-
-			app.get('/notifications', function(req, res) {
-				if (req.user && req.user.uid) {
-					user.notifications.getAll(req.user.uid, null, null, function(err, notifications) {
-						res.json({
-							notifications: notifications
-						});
-					});
-				} else {
-					res.send(403);
-				}
-			});			
+			} else {
+				res.send(403);
+			}
+		});
 
-			app.get('/search', function (req, res) {
-				if ((req.user && req.user.uid) || meta.config.allowGuestSearching === '1') {
-					return res.json({
-						show_no_topics: 'hide',
-						show_no_posts: 'hide',
-						show_results: 'hide',
-						search_query: '',
-						posts: [],
-						topics: []
-					});
-				} else {
-					res.send(403);
-				}
-			});
+		function upload(req, res, filesIterator, next) {
+			if(!req.user) {
+				return res.json(403, {message:'not allowed'});
+			}
+			var files = req.files.files;
 
-			app.get('/search/:term', function (req, res, next) {
-				if (!Plugins.hasListeners('filter:search.query')) {
-					return res.redirect('/404');
-				}
+			if(!Array.isArray(files)) {
+				return res.json(500, {message: 'invalid files'});
+			}
 
-				function searchPosts(callback) {
-					Plugins.fireHook('filter:search.query', {
-						index: 'post',
-						query: req.params.term
-					}, function(err, pids) {
-						if (err) {
-							return callback(err);
-						}
+			// multiple files
+			if(Array.isArray(files[0])) {
+				files = files[0];
+			}
 
-						posts.getPostSummaryByPids(pids, false, callback);
-					});
+			function deleteTempFiles() {
+				for(var i=0; i<files.length; ++i) {
+					fs.unlink(files[i].path);
 				}
+			}
 
-				function searchTopics(callback) {
-					Plugins.fireHook('filter:search.query', {
-						index: 'topic',
-						query: req.params.term
-					}, function(err, tids) {
-						if (err) {
-							return callback(err);
-						}
-
-						topics.getTopicsByTids(tids, 0, callback);
-					});
-				}
+			async.map(files, filesIterator, function(err, images) {
+				deleteTempFiles();
 
-				if ((req.user && req.user.uid) || meta.config.allowGuestSearching === '1') {
-					async.parallel([searchPosts, searchTopics], function (err, results) {
-						if (err) {
-							return next(err);
-						}
-
-						if(!results) {
-							results = [];
-							results[0] = results[1] = [];
-						}
-
-						return res.json({
-							show_no_topics: results[1].length ? 'hide' : '',
-							show_no_posts: results[0].length ? 'hide' : '',
-							show_results: '',
-							search_query: req.params.term,
-							posts: results[0],
-							topics: results[1],
-							post_matches : results[0].length,
-							topic_matches : results[1].length
-						});
-					});
-				} else {
-					res.send(403);
+				if(err) {
+					return res.send(500, err.message);
 				}
-			});
 
-			function upload(req, res, filesIterator, next) {
-				if(!req.user) {
-					return res.json(403, {message:'not allowed'});
-				}
-				var files = req.files.files;
+				// if this was not a XMLHttpRequest (hence the req.xhr check http://expressjs.com/api.html#req.xhr)
+				// then most likely it's submit via the iFrame workaround, via the jquery.form plugin's ajaxSubmit()
+				// we need to send it as text/html so IE8 won't trigger a file download for the json response
+				// malsup.com/jquery/form/#file-upload
 
-				if(!Array.isArray(files)) {
-					return res.json(500, {message: 'invalid files'});
-				}
+				// Also, req.send is safe for both types, if the response was an object, res.send will automatically submit as application/json
+				// expressjs.com/api.html#res.send
+				res.send(200, req.xhr ? images : JSON.stringify(images));
+			});
+		}
 
-				// multiple files
-				if(Array.isArray(files[0])) {
-					files = files[0];
+		app.post('/post/upload', function(req, res, next) {
+			upload(req, res, function(file, next) {
+				if(file.type.match(/image./)) {
+					posts.uploadPostImage(file, next);
+				} else {
+					posts.uploadPostFile(file, next);
 				}
+			}, next);
+		});
 
-				function deleteTempFiles() {
-					for(var i=0; i<files.length; ++i) {
-						fs.unlink(files[i].path);
-					}
+		app.post('/topic/thumb/upload', function(req, res, next) {
+			upload(req, res, function(file, next) {
+				if(file.type.match(/image./)) {
+					topics.uploadTopicThumb(file, next);
+				} else {
+					res.json(500, {message: 'Invalid File'});
 				}
+			}, next);
+		});
 
-				async.map(files, filesIterator, function(err, images) {
-					deleteTempFiles();
-
-					if(err) {
-						return res.send(500, err.message);
-					}
-
-					// if this was not a XMLHttpRequest (hence the req.xhr check http://expressjs.com/api.html#req.xhr)
-					// then most likely it's submit via the iFrame workaround, via the jquery.form plugin's ajaxSubmit()
-					// we need to send it as text/html so IE8 won't trigger a file download for the json response
-					// malsup.com/jquery/form/#file-upload
-
-					// Also, req.send is safe for both types, if the response was an object, res.send will automatically submit as application/json
-					// expressjs.com/api.html#res.send
-					res.send(200, req.xhr ? images : JSON.stringify(images));
-				});
-			}
-
-			app.post('/post/upload', function(req, res, next) {
-				upload(req, res, function(file, next) {
-					if(file.type.match(/image./)) {
-						posts.uploadPostImage(file, next);
-					} else {
-						posts.uploadPostFile(file, next);
-					}
-				}, next)
-			});
-
-			app.post('/topic/thumb/upload', function(req, res, next) {
-				upload(req, res, function(file, next) {
-					if(file.type.match(/image./)) {
-						topics.uploadTopicThumb(file, next);
-					} else {
-		            	res.json(500, {message: 'Invalid File'});
-					}
-				}, next);
-			});
-
-			app.get('/reset', function (req, res) {
-				res.json({});
-			});
-
-			app.get('/reset/:code', function (req, res) {
-				res.json({
-					reset_code: req.params.code
-				});
-			});
-
-			app.namespace('/categories', function() {
-				app.get(':cid/moderators', function(req, res) {
-					categories.getModerators(req.params.cid, function(err, moderators) {
-						res.json({moderators: moderators});
-					})
-				});
+		app.get('/categories/:cid/moderators', function(req, res) {
+			categories.getModerators(req.params.cid, function(err, moderators) {
+				res.json({moderators: moderators});
 			});
 		});
-	}
-}(exports));
+	});
+
+	// this should have been in the API namespace
+	// also, perhaps pass in :userslug so we can use checkAccountPermissions middleware - in future will allow admins to upload a picture for a user
+	app.post('/user/uploadpicture', middleware.checkGlobalPrivacySettings, /*middleware.checkAccountPermissions,*/ controllers.accounts.uploadPicture);
+};
\ No newline at end of file
diff --git a/src/routes/authentication.js b/src/routes/authentication.js
index 6fba7c3b92..f453acbf02 100644
--- a/src/routes/authentication.js
+++ b/src/routes/authentication.js
@@ -68,24 +68,6 @@
 				}
 			}
 
-			app.get('/reset/:code', function(req, res) {
-				app.build_header({
-					req: req,
-					res: res
-				}, function(err, header) {
-					res.send(header + app.create_route('reset/' + req.params.code) + templates.footer);
-				});
-			});
-
-			app.get('/reset', function(req, res) {
-				app.build_header({
-					req: req,
-					res: res
-				}, function(err, header) {
-					res.send(header + app.create_route('reset') + templates.footer);
-				});
-			});
-
 			app.post('/login', function(req, res, next) {
 				passport.authenticate('local', function(err, userData, info) {
 					if (err) {
diff --git a/src/routes/index.js b/src/routes/index.js
index f44135c06d..8023344449 100644
--- a/src/routes/index.js
+++ b/src/routes/index.js
@@ -3,9 +3,7 @@
 var nconf = require('nconf'),
 	controllers = require('./../controllers'),
 	meta = require('./../meta'),
-	middleware = {},
 	
-	/*temp*/
 	plugins = require('./../plugins'),
 	metaRoute = require('./meta'),
 	apiRoute = require('./api'),
@@ -18,30 +16,14 @@ module.exports = function(app, middleware) {
 		//temp
 		metaRoute.createRoutes(app);
 		admin.createRoutes(app);
-		apiRoute.createRoutes(app);
 		feedsRoute.createRoutes(app);
 
-		// Basic Routes (entirely client-side parsed, goal is to move the rest of the crap in this file into this one section)
-		/*(function () {
-			var routes = [],
-				loginRequired = ['notifications'];
-
-			async.each(routes.concat(loginRequired), function(route, next) {
-				app.get('/' + route, function (req, res) {
-					if (loginRequired.indexOf(route) !== -1 && !req.user) {
-						return res.redirect('/403');
-					}
-
-					app.build_header({
-						req: req,
-						res: res
-					}, function (err, header) {
-						res.send((isNaN(parseInt(route, 10)) ? 200 : parseInt(route, 10)), header + app.create_route(route) + templates.footer);
-					});
-				});
-			});
-		}());*/
-
+		apiRoute(app, middleware, controllers);
+		
+		/**
+		* Every view has an associated API route.
+		*
+		*/
 		/* Main */
 		app.get('/', middleware.buildHeader, controllers.home);
 		app.get('/api/home', controllers.home);
@@ -55,9 +37,6 @@ module.exports = function(app, middleware) {
 		app.get('/confirm/:code', middleware.buildHeader, controllers.confirmEmail);
 		app.get('/api/confirm/:code', controllers.confirmEmail);
 
-		app.get('/sitemap.xml', controllers.sitemap);
-		app.get('/robots.txt', controllers.robots);
-
 		app.get('/outgoing', middleware.buildHeader, controllers.outgoing);
 		app.get('/api/outgoing', controllers.outgoing);
 
@@ -114,12 +93,6 @@ module.exports = function(app, middleware) {
 		app.get('/user/:userslug/settings', middleware.buildHeader, middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions, controllers.accounts.accountSettings);
 		app.get('/api/user/:userslug/settings', middleware.checkGlobalPrivacySettings, middleware.checkAccountPermissions, controllers.accounts.accountSettings);
 
-		app.get('/api/user/uid/:uid', middleware.checkGlobalPrivacySettings, controllers.accounts.getUserByUID);
-
-		// this should have been in the API namespace
-		// also, perhaps pass in :userslug so we can use checkAccountPermissions middleware, in future will allow admins to upload a picture for a user
-		app.post('/user/uploadpicture', middleware.checkGlobalPrivacySettings, /*middleware.checkAccountPermissions,*/ controllers.accounts.uploadPicture);
-
 		/* Users */
 		app.get('/users', middleware.buildHeader, middleware.checkGlobalPrivacySettings, controllers.users.getOnlineUsers);
 		app.get('/api/users', middleware.checkGlobalPrivacySettings, controllers.users.getOnlineUsers);
@@ -140,8 +113,26 @@ module.exports = function(app, middleware) {
 		app.get('/users/search', middleware.buildHeader, middleware.checkGlobalPrivacySettings, controllers.users.getUsersForSearch);
 		app.get('/api/users/search', middleware.checkGlobalPrivacySettings, controllers.users.getUsersForSearch);
 
+		/* Misc */
+		app.get('/sitemap.xml', controllers.sitemap);
+		app.get('/robots.txt', controllers.robots);
 
-
+		//todo notifications
+
+		app.get('api/search/:term?', function (req, res) {
+			if ((req.user && req.user.uid) || meta.config.allowGuestSearching === '1') {
+				return res.json({
+					show_no_topics: 'hide',
+					show_no_posts: 'hide',
+					show_results: 'hide',
+					search_query: '',
+					posts: [],
+					topics: []
+				});
+			} else {
+				res.send(403);
+			}
+		});
 
 		app.get('/search/:term?', function (req, res) {
 
@@ -159,6 +150,36 @@ module.exports = function(app, middleware) {
 			});
 		});
 
+
+		app.get('/reset/:code', function(req, res) {
+			app.build_header({
+				req: req,
+				res: res
+			}, function(err, header) {
+				res.send(header + app.create_route('reset/' + req.params.code) + templates.footer);
+			});
+		});
+
+		app.get('api/reset/:code', function (req, res) {
+			res.json({
+				reset_code: req.params.code
+			});
+		});
+
+		app.get('/reset', function(req, res) {
+			app.build_header({
+				req: req,
+				res: res
+			}, function(err, header) {
+				res.send(header + app.create_route('reset') + templates.footer);
+			});
+		});
+
+		app.get('api/reset', function (req, res) {
+			res.json({});
+		});
+
+		
 		// Other routes
 		require('./plugins')(app);
 
@@ -179,6 +200,7 @@ module.exports = function(app, middleware) {
 			});
 		};
 
+
 		plugins.ready(function() {
 			plugins.fireHook('filter:server.create_routes', custom_routes, function(err, custom_routes) {
 				var route,