diff options
Diffstat (limited to 'bucky/app')
| -rw-r--r-- | bucky/app/bucky.js | 40 | ||||
| -rw-r--r-- | bucky/app/router.js | 16 |
2 files changed, 53 insertions, 3 deletions
diff --git a/bucky/app/bucky.js b/bucky/app/bucky.js index 49ad8e0..ce02b24 100644 --- a/bucky/app/bucky.js +++ b/bucky/app/bucky.js @@ -184,6 +184,27 @@ var bucky = module.exports = { /* COMMENTS */ + ensureComment: function (req, res, next){ + var id = req.params.id.replace(/\D/g, "") + if (! id) { + return res.sendStatus(404) + } + db.getCommentById(id).then(function(comment){ + if (comment) { + res.comment = comment + next() + } + else { + res.sendStatus(404) + } + }) + }, + checkCommentPrivacy: function(req, res, next) { + if (req.user.get('ulevel') !== 3 && req.user.get('username') !== res.comment.get('username')) { + return res.sendStatus(500) + } + next() + }, createOptionalComment: function(req, res, next){ if (! req.body.comment || ! req.body.comment.length) { return next() @@ -207,7 +228,24 @@ var bucky = module.exports = { next() }) }, - + updateComment: function(req, res, next){ + if (! req.body.comment || ! req.body.comment.length) { + return res.sendStatus(500) + } + res.comment.set('comment', req.body.comment) + res.comment.set('date', util.now()) + res.comment.save().then(next).catch(err => { + res.sendStatus(500) + }) + }, + destroyComment: function(req, res, next){ + res.comment.destroy().then(() => { + next() + }).catch(err => { + res.send(500) + }) + }, + /* FILES */ createOptionalFiles: function(req, res, next){ diff --git a/bucky/app/router.js b/bucky/app/router.js index eada09b..e5890ca 100644 --- a/bucky/app/router.js +++ b/bucky/app/router.js @@ -118,18 +118,30 @@ module.exports = function(app){ }) app.delete("/api/thread/:id", middleware.ensureAuthenticated, + bucky.ensureThread, +// bucky.destroyThread, function(req, res){ // delete a thread + res.send(200) }) + // edit a comment app.put("/api/comment/:id", middleware.ensureAuthenticated, + bucky.ensureComment, + bucky.checkCommentPrivacy, + bucky.updateComment, function(req, res){ - // edit a comment + res.send(200) }) + // delete a comment app.delete("/api/comment/:id", middleware.ensureAuthenticated, + bucky.ensureComment, + bucky.checkCommentPrivacy, + bucky.destroyComment, function(req, res){ - // delete a comment + console.log("BUAHLAHA") + res.send(200) }) app.get("/search/", |