diff options
| author | Jules Laplace <julescarbon@gmail.com> | 2017-12-12 08:46:28 +0100 |
|---|---|---|
| committer | Jules Laplace <julescarbon@gmail.com> | 2017-12-12 08:46:28 +0100 |
| commit | aefc83f729ab3f3c35d9371ec972fb6885b13125 (patch) | |
| tree | 526aab55889bc6714c377d53eaa8d9a43fe36001 /bucky/app | |
| parent | 5e053888b7bec0017f191c8b30c405abd085711f (diff) | |
mail qa
Diffstat (limited to 'bucky/app')
| -rw-r--r-- | bucky/app/bucky.js | 69 | ||||
| -rw-r--r-- | bucky/app/router.js | 37 |
2 files changed, 84 insertions, 22 deletions
diff --git a/bucky/app/bucky.js b/bucky/app/bucky.js index a31d50f..5fb58bf 100644 --- a/bucky/app/bucky.js +++ b/bucky/app/bucky.js @@ -400,6 +400,7 @@ var bucky = module.exports = { }, /* PRIVACY */ + checkThreadPrivacy: function(req, res, next) { if (req.user.get('ulevel') !== 3 && req.user.get('username') !== res.thread.get('username')) { return res.sendStatus(500) @@ -412,6 +413,13 @@ var bucky = module.exports = { } next() }, + checkMessagePrivacy: function(req, res, next) { + var username = req.user.get('username') + if (username !== res.message.get('sender') && username !== res.message.get('recipient')) { + return res.sendStatus(500) + } + next() + }, /* MAIL */ @@ -454,6 +462,9 @@ var bucky = module.exports = { }, ensureMessage: function(req, res, next){ db.getMessage(req.params.id).then(function(message){ + if (! message) { + return res.sendStatus(404) + } var username = req.user.get('username') if (username !== message.get('recipient') && username !== message.get('sender')) { res.sendStatus(404) @@ -462,5 +473,61 @@ var bucky = module.exports = { res.message = message next() }) - } + }, + markMessageUnread: function(req, res, next){ + if (res.message.get('unread')) { + res.message.set('unread', false) + res.message.save().then(() => next()) + } else { + next() + } + }, + ensureRecipient: function(req, res, next){ + db.getUserByUsername(util.sanitizeName(req.body.username)).then( (user) => { + if (! user) { + res.send({ error: "No such recipient" }) + return + } + next() + }) + }, + sendMessage: function(req, res, next){ + var recipient = util.sanitizeName(req.body.username) + var sender = req.user.get('username') + var subject = util.sanitize(req.body.subject) + var body = util.sanitize(req.body.body) + res.mail = { sender: sender, recipient: recipient } + var recipientMessage = { + mbox: recipient + ".inbox", + unread: true, + sender: sender, + recipient: recipient, + date: util.now(), + subject: subject, + body: body, + } + var senderMessage = { + mbox: sender + ".outbox", + unread: false, + sender: sender, + recipient: recipient, + date: util.now(), + subject: subject, + body: body, + } + Promise.all([ + db.createMessage(recipientMessage), + db.createMessage(senderMessage), + ]).then( () => next() ) + }, + deleteDraft: function(req, res, next){ + if (! req.body.draft_id) return next() + db.getMessage(req.body.draft_id).then( (message) => { + if (message.get('sender') === req.user.get('username')) { + return message.destroy().then( () => next() ) + } + // erroneous draft message?? + next() + }) + }, }
\ No newline at end of file diff --git a/bucky/app/router.js b/bucky/app/router.js index 4c94c19..8eb90e0 100644 --- a/bucky/app/router.js +++ b/bucky/app/router.js @@ -196,8 +196,7 @@ module.exports = function(app){ middleware.ensureAuthenticated, function(req, res){ res.render("pages/search", {title: "search" }) - } - ) + }) app.get("/api/search", middleware.ensureAuthenticated, search.search, @@ -215,8 +214,7 @@ module.exports = function(app){ res.json({ keywords: res.keywords, }) - } - ) + }) app.get("/api/keyword/:keyword", middleware.ensureAuthenticated, bucky.ensureKeyword, @@ -229,15 +227,13 @@ module.exports = function(app){ keyword: res.keyword, threads: res.threads, }) - } - ) + }) app.get("/mail/", middleware.ensureAuthenticated, function(req, res){ res.render("pages/mailbox", {title: "your inbox" }) - } - ) + }) app.get("/mail/compose", middleware.ensureAuthenticated, function(req, res){ @@ -245,14 +241,12 @@ module.exports = function(app){ title: "new message", subject: fortune("subjects"), }) - } - ) + }) app.get("/mail/:box", middleware.ensureAuthenticated, function(req, res){ res.render("pages/mailbox", { title: "your " + util.sanitize(req.params.box) }) - } - ) + }) app.get("/mail/compose/:username", middleware.ensureAuthenticated, function(req, res){ @@ -260,14 +254,12 @@ module.exports = function(app){ title: "new message", subject: fortune("subjects"), }) - } - ) + }) app.get("/mail/read/:id", middleware.ensureAuthenticated, function(req, res){ res.render("pages/message", { title: "read message" }) - } - ) + }) app.get("/api/mailbox/:box", middleware.ensureAuthenticated, bucky.ensureMailboxes, @@ -279,20 +271,23 @@ module.exports = function(app){ messages: res.messages, boxes: res.boxes, }) - } - ) + }) app.get("/api/message/:id", middleware.ensureAuthenticated, bucky.ensureMessage, + bucky.markMessageUnread, function(req, res){ res.json({ message: res.message, }) - }) - app.post("/mail/", + }) + app.post("/api/mail/send", middleware.ensureAuthenticated, + bucky.ensureRecipient, + bucky.sendMessage, + bucky.deleteDraft, function(req, res){ - // send new mail + res.sendStatus(200) } ) |