1 files changed, 12 insertions, 11 deletions

diff --git a/bucky/app/api.js b/bucky/app/api.js
index e72298e..245e45e 100644
--- a/bucky/app/api.js
+++ b/bucky/app/api.js
@@ -6,6 +6,7 @@ var util = require('../util/util')
 
 var db = require('../db')
 var bucky = require('./bucky')
+var privacy =  require('./privacy')
 var search = require('../search/middleware')
 var fortune = require('../db/fortune')
 
@@ -24,7 +25,7 @@ function route (app){
   app.post("/api/user/:username",
     middleware.ensureAuthenticated,
     bucky.ensureUser,
-    bucky.checkUserPrivacy,
+    privacy.checkUserPrivacy,
     multer.single("avatar"),
     bucky.updateProfile,
     auth.changePassword,
@@ -108,7 +109,7 @@ function route (app){
   app.get("/api/thread/:id",
     middleware.ensureAuthenticated,
     bucky.ensureThread,
-    bucky.checkThreadPrivacy,
+    privacy.checkThreadPrivacy,
     bucky.bumpViewCount,
     bucky.ensureKeywordForThread,
     bucky.ensureCommentsForThread,
@@ -137,7 +138,7 @@ function route (app){
   app.put("/api/thread/:id",
     middleware.ensureAuthenticated,
     bucky.ensureThread,
-    bucky.checkThreadPrivacy,
+    privacy.checkThreadPrivacy,
     bucky.updateThreadSettings,
     function(req, res){
       res.json({ status: 'ok' })
@@ -145,7 +146,7 @@ function route (app){
   app.delete("/api/thread/:id",
     middleware.ensureAuthenticated,
     bucky.ensureThread,
-    bucky.checkThreadPrivacy,
+    privacy.checkThreadPrivacy,
     bucky.ensureCommentsForThread,
     bucky.ensureFilesForThread,
     bucky.destroyThread,
@@ -159,7 +160,7 @@ function route (app){
   app.post("/api/thread/:id/comment",
     middleware.ensureAuthenticated,
     bucky.ensureThread,
-    bucky.checkThreadPrivacy,
+    privacy.checkThreadPrivacy,
     multer.array("files"),
     bucky.verifyFilesOrComment,
     bucky.createOptionalFiles,
@@ -180,7 +181,7 @@ function route (app){
   app.put("/api/comment/:id",
     middleware.ensureAuthenticated,
     bucky.ensureComment,
-    bucky.checkCommentPrivacy,
+    privacy.checkCommentPrivacy,
     bucky.ensureCommentThread,
     bucky.updateComment,
     bucky.bumpThreadRevisions,
@@ -190,7 +191,7 @@ function route (app){
   // move a file to another thread
   app.get("/api/file/:id/move/:thread_id",
     middleware.ensureAuthenticated,
-    bucky.checkIsAdmin,
+    privacy.checkIsAdmin,
     bucky.ensureFile,
     bucky.ensureThreadById,
     bucky.moveFile,
@@ -200,7 +201,7 @@ function route (app){
   // move a comment to another thread
   app.get("/api/comment/:id/move/:thread_id",
     middleware.ensureAuthenticated,
-    bucky.checkIsAdmin,
+    privacy.checkIsAdmin,
     bucky.ensureComment,
     bucky.ensureThreadById,
     bucky.moveComment,
@@ -211,7 +212,7 @@ function route (app){
   app.delete("/api/comment/:id",
     middleware.ensureAuthenticated,
     bucky.ensureComment,
-    bucky.checkCommentPrivacy,
+    privacy.checkCommentPrivacy,
     bucky.destroyComment,
     function(req, res){
       res.send({ status: 'ok' })
@@ -220,7 +221,7 @@ function route (app){
   app.delete("/api/file/:id",
     middleware.ensureAuthenticated,
     bucky.ensureFile,
-    bucky.checkFilePrivacy,
+    privacy.checkFilePrivacy,
     bucky.destroyFile,
     function(req, res){
       res.send({ status: 'ok' })
@@ -239,7 +240,7 @@ function route (app){
   )
   app.get("/api/search/build",
     middleware.ensureAuthenticated,
-    bucky.checkIsAdmin,
+    privacy.checkIsAdmin,
     search.rebuild
   )