diff options
| author | Jules Laplace <julescarbon@gmail.com> | 2017-12-11 09:52:40 +0100 |
|---|---|---|
| committer | Jules Laplace <julescarbon@gmail.com> | 2017-12-11 09:52:40 +0100 |
| commit | c06f440e4a41853fc30ff5b231c68bd766ba96fa (patch) | |
| tree | 2f1972dbdde80ff05cac339576a0d5cd63f4254d | |
| parent | 2be058bfd57790616a9d3282260a89dc1ccf65ab (diff) | |
remove comments
| -rw-r--r-- | bucky/app/bucky.js | 40 | ||||
| -rw-r--r-- | bucky/app/router.js | 16 | ||||
| -rw-r--r-- | bucky/db/index.js | 13 | ||||
| -rw-r--r-- | public/assets/js/lib/views/details/comments.js | 2 | ||||
| -rw-r--r-- | public/assets/js/util/format.js | 3 |
5 files changed, 66 insertions, 8 deletions
diff --git a/bucky/app/bucky.js b/bucky/app/bucky.js index 49ad8e0..ce02b24 100644 --- a/bucky/app/bucky.js +++ b/bucky/app/bucky.js @@ -184,6 +184,27 @@ var bucky = module.exports = { /* COMMENTS */ + ensureComment: function (req, res, next){ + var id = req.params.id.replace(/\D/g, "") + if (! id) { + return res.sendStatus(404) + } + db.getCommentById(id).then(function(comment){ + if (comment) { + res.comment = comment + next() + } + else { + res.sendStatus(404) + } + }) + }, + checkCommentPrivacy: function(req, res, next) { + if (req.user.get('ulevel') !== 3 && req.user.get('username') !== res.comment.get('username')) { + return res.sendStatus(500) + } + next() + }, createOptionalComment: function(req, res, next){ if (! req.body.comment || ! req.body.comment.length) { return next() @@ -207,7 +228,24 @@ var bucky = module.exports = { next() }) }, - + updateComment: function(req, res, next){ + if (! req.body.comment || ! req.body.comment.length) { + return res.sendStatus(500) + } + res.comment.set('comment', req.body.comment) + res.comment.set('date', util.now()) + res.comment.save().then(next).catch(err => { + res.sendStatus(500) + }) + }, + destroyComment: function(req, res, next){ + res.comment.destroy().then(() => { + next() + }).catch(err => { + res.send(500) + }) + }, + /* FILES */ createOptionalFiles: function(req, res, next){ diff --git a/bucky/app/router.js b/bucky/app/router.js index eada09b..e5890ca 100644 --- a/bucky/app/router.js +++ b/bucky/app/router.js @@ -118,18 +118,30 @@ module.exports = function(app){ }) app.delete("/api/thread/:id", middleware.ensureAuthenticated, + bucky.ensureThread, +// bucky.destroyThread, function(req, res){ // delete a thread + res.send(200) }) + // edit a comment app.put("/api/comment/:id", middleware.ensureAuthenticated, + bucky.ensureComment, + bucky.checkCommentPrivacy, + bucky.updateComment, function(req, res){ - // edit a comment + res.send(200) }) + // delete a comment app.delete("/api/comment/:id", middleware.ensureAuthenticated, + bucky.ensureComment, + bucky.checkCommentPrivacy, + bucky.destroyComment, function(req, res){ - // delete a comment + console.log("BUAHLAHA") + res.send(200) }) app.get("/search/", diff --git a/bucky/db/index.js b/bucky/db/index.js index 3e88fb7..0ce6e5f 100644 --- a/bucky/db/index.js +++ b/bucky/db/index.js @@ -81,7 +81,7 @@ db.createThread = function(data){ } db.updateThread = function(data){ } -db.removeThread = function(id){ +db.destroyThread = function(id){ } /* FILES */ @@ -101,7 +101,7 @@ db.getFilesById = function(ids){ db.createFile = function(data){ return new db.File(data).save() } -db.removeFile = function(id){ +db.destroyFile = function(id){ } /* COMMENTS */ @@ -123,6 +123,9 @@ db.getCommentsForThread = function (id, limit, offset, order){ return comments }) } +db.getCommentById = function(id){ + return (new Comment({'id': id})).fetch() +} db.getCommentsById = function(ids){ return Comment.where("id", "in", ids).fetchAll() } @@ -134,7 +137,7 @@ db.createComment = function(data){ } db.updateComment = function(data){ } -db.removeComment = function(id){ +db.destroyComment = function(id){ } @@ -154,7 +157,7 @@ db.createKeyword = function(data){ } db.updateKeyword = function(data){ } -db.removeKeyword = function(id){ +db.destroyKeyword = function(id){ } @@ -195,5 +198,5 @@ db.createMessage = function(data){ } db.updateMessage = function(data){ } -db.removeMessage = function(id){ +db.destroyMessage = function(id){ } diff --git a/public/assets/js/lib/views/details/comments.js b/public/assets/js/lib/views/details/comments.js index 202ae72..c679d22 100644 --- a/public/assets/js/lib/views/details/comments.js +++ b/public/assets/js/lib/views/details/comments.js @@ -62,6 +62,8 @@ var CommentsView = FormView.extend({ $.ajax({ method: "DELETE", url: "/api/comment/" + id, + headers: { "csrf-token": $("[name=_csrf]").attr("value") }, + data: { csrf: csrf() }, success: function(){ window.location.reload() }, diff --git a/public/assets/js/util/format.js b/public/assets/js/util/format.js index bfabfc3..3256ce5 100644 --- a/public/assets/js/util/format.js +++ b/public/assets/js/util/format.js @@ -5,6 +5,9 @@ var is_mobile = is_iphone || is_ipad || is_android var is_desktop = ! is_mobile; document.body.classList.add(is_desktop ? 'desktop' : 'mobile'); +function csrf() { + return $("[name=_csrf]").attr("value") +} function commatize (n) { var nums = [], i, counter = 0, r = Math.floor if (n > 1024) { |