diff options
| author | Jules Laplace <julescarbon@gmail.com> | 2018-05-14 17:22:35 +0200 |
|---|---|---|
| committer | Jules Laplace <julescarbon@gmail.com> | 2018-05-14 17:22:35 +0200 |
| commit | e5181209e7103eaa0f95108d10947487ad31c938 (patch) | |
| tree | 69859679d832a37d10dab1687dd244f2cd30057e /bucky/app/bucky.js | |
| parent | cf9546033f16be59b97cd383d3694fc5844528ba (diff) | |
adminz and split out privacy
Diffstat (limited to 'bucky/app/bucky.js')
| -rw-r--r-- | bucky/app/bucky.js | 50 |
1 files changed, 3 insertions, 47 deletions
diff --git a/bucky/app/bucky.js b/bucky/app/bucky.js index f8ea00b..f00c296 100644 --- a/bucky/app/bucky.js +++ b/bucky/app/bucky.js @@ -206,6 +206,8 @@ var bucky = module.exports = { try { settings = JSON.stringify(req.body.settings) } catch(e) { + console.error("JSON error in thread settings!!!!") + return res.sendStatus(500) } } if (! settings) { @@ -294,7 +296,7 @@ var bucky = module.exports = { next() }) }, - ensureThreadGroups: function (res, res, next){ + ensureThreadGroups: function (req, res, next){ db.getThreadGroups().then(function(threadGroups){ res.threadGroups = threadGroups next() @@ -581,52 +583,6 @@ var bucky = module.exports = { res.user.save().then( () => next() ) }, - /* PRIVACY */ - - checkIsAdmin: function(req, res, next){ - if (req.user.get('ulevel') !== 3) { - return res.sendStatus(500) - } - next() - }, - checkUserPrivacy: function(req, res, next) { - if (req.user.get('username') !== res.user.get('username')) { - return res.sendStatus(500) - } - next() - }, - checkThreadPrivacy: function(req, res, next) { - if (res.thread.get('id') !== 1 && ! res.thread.checkPrivacy(req.user)) { - return res.sendStatus(500) - } - next() - }, - checkCommentPrivacy: function(req, res, next) { - if (req.user.get('ulevel') !== 3 && req.user.get('username') !== res.comment.get('username')) { - return res.sendStatus(500) - } - next() - }, - checkFilePrivacy: function(req, res, next) { - if (req.user.get('ulevel') !== 3 && req.user.get('username') !== res.file.get('username')) { - return res.sendStatus(500) - } - next() - }, - checkMessagePrivacy: function(req, res, next) { - var username = req.user.get('username') - if (username !== res.message.get('sender') && username !== res.message.get('recipient')) { - return res.sendStatus(500) - } - next() - }, - filterPrivateThreads: function(req, res, next) { - res.threads = res.threads.filter(thread => { - return thread.checkPrivacy(req.user) - }) - next() - }, - /* MAIL */ ensureMailboxes: function (req, res, next){ |