make sure user is admin/mod before forking

v1.18.x
barisusakli 10 years ago
parent f9575efaf0
commit ffff8093ba

@ -280,11 +280,11 @@ function emitToTopicAndCategory(event, data) {
} }
SocketTopics.createTopicFromPosts = function(socket, data, callback) { SocketTopics.createTopicFromPosts = function(socket, data, callback) {
if(!socket.uid) { if (!socket.uid) {
return callback(new Error('[[error:not-logged-in]]')); return callback(new Error('[[error:not-logged-in]]'));
} }
if(!data || !data.title || !data.pids || !Array.isArray(data.pids)) { if (!data || !data.title || !data.pids || !Array.isArray(data.pids)) {
return callback(new Error('[[error:invalid-data]]')); return callback(new Error('[[error:invalid-data]]'));
} }

@ -6,6 +6,7 @@ var async = require('async'),
db = require('../database'), db = require('../database'),
user = require('../user'),
posts = require('../posts'), posts = require('../posts'),
privileges = require('../privileges'), privileges = require('../privileges'),
postTools = require('../postTools'), postTools = require('../postTools'),
@ -32,37 +33,33 @@ module.exports = function(Topics) {
return a - b; return a - b;
}); });
var mainPid = pids[0]; var mainPid = pids[0];
var cid;
async.parallel({ var tid;
postData: function(callback) { async.waterfall([
posts.getPostData(mainPid, callback); function(next) {
posts.getCidByPid(mainPid, next);
}, },
cid: function(callback) { function(_cid, next) {
posts.getCidByPid(mainPid, callback); cid = _cid;
} async.parallel({
}, function(err, results) { postData: function(next) {
if (err) { posts.getPostData(mainPid, next);
return callback(err); },
} isAdmin: function(next) {
user.isAdministrator(uid, next);
Topics.create({uid: results.postData.uid, title: title, cid: results.cid}, function(err, tid) { },
if (err) { isModerator: function(next) {
return callback(err); user.isModerator(uid, cid, next);
}
async.eachSeries(pids, move, function(err) {
if (err) {
return callback(err);
} }
}, next);
Topics.updateTimestamp(tid, Date.now(), function(err) { },
if (err) { function(results, next) {
return callback(err); if (!results.isAdmin && !results.isModerator) {
} return next(new Error('[[error:no-privileges]]'));
Topics.getTopicData(tid, callback); }
}); Topics.create({uid: results.postData.uid, title: title, cid: cid}, next);
}); },
function(_tid, next) {
function move(pid, next) { function move(pid, next) {
privileges.posts.canEdit(pid, uid, function(err, canEdit) { privileges.posts.canEdit(pid, uid, function(err, canEdit) {
if(err || !canEdit) { if(err || !canEdit) {
@ -72,8 +69,16 @@ module.exports = function(Topics) {
Topics.movePostToTopic(pid, tid, next); Topics.movePostToTopic(pid, tid, next);
}); });
} }
}); tid = _tid;
}); async.eachSeries(pids, move, next);
},
function(next) {
Topics.updateTimestamp(tid, Date.now(), next);
},
function(next) {
Topics.getTopicData(tid, next);
}
], callback);
}; };
Topics.movePostToTopic = function(pid, tid, callback) { Topics.movePostToTopic = function(pid, tid, callback) {
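Review bot: The new admin/moderator gate is evaluated only against the category of the first post, since `cid` comes from `posts.getCidByPid(mainPid, next)`. Every other entry in `pids` is still checked only by `privileges.posts.canEdit` inside `move`, which runs after `Topics.create` has already written the new topic. A `canEdit` failure partway through `async.eachSeries(pids, move, next)` can therefore leave a new topic holding only some of the requested posts. I would run the per-post check for all of `pids` in the privilege step and call `Topics.create` only once all have passed, as sketched below. The function begins above the hunk and part of `move` falls between hunks, so earlier validation of `pids` and how `move` reports a `!canEdit` result are not visible here.

```javascript
// … unchanged: getCidByPid(mainPid) and the postData/isAdmin/isModerator parallel step …
function(results, next) {
	if (!results.isAdmin && !results.isModerator) {
		return next(new Error('[[error:no-privileges]]'));
	}
	// Reject the whole request before anything is written.
	async.eachSeries(pids, function(pid, next) {
		privileges.posts.canEdit(pid, uid, function(err, canEdit) {
			if (err || !canEdit) {
				return next(err || new Error('[[error:no-privileges]]'));
			}
			next();
		});
	}, function(err) {
		if (err) {
			return next(err);
		}
		Topics.create({uid: results.postData.uid, title: title, cid: cid}, next);
	});
},
// … unchanged: move posts, updateTimestamp, getTopicData …
```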

@ -47,7 +47,9 @@ module.exports = function(Topics) {
function(next) { function(next) {
Topics.setTopicField(tid, 'lastposttime', timestamp, next); Topics.setTopicField(tid, 'lastposttime', timestamp, next);
} }
], callback); ], function(err, results) {
callback(err);
});
}; };
Topics.updateRecent = function(tid, timestamp, callback) { Topics.updateRecent = function(tid, timestamp, callback) {
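Review bot: The replacement callback that closes `Topics.updateTimestamp` declares `results` but never uses it, and nothing records why the results are dropped. Judging from the new waterfall in the fork code, where `Topics.updateTimestamp(tid, Date.now(), next)` is followed by a step declared as `function(next)`, the intent appears to be calling back with `err` only so that no extra argument shifts the next step's parameters. I would write the final callback as `], function(err) {` and add a comment such as `// call back with err only; waterfall callers expect no result argument`. The enclosing function starts above the hunk, so the async helper that produces `results` is not visible.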
