diff options
Diffstat (limited to 'bucky')
| -rw-r--r-- | bucky/app/bucky.js | 40 | ||||
| -rw-r--r-- | bucky/app/router.js | 16 | ||||
| -rw-r--r-- | bucky/db/index.js | 13 |
3 files changed, 61 insertions, 8 deletions
diff --git a/bucky/app/bucky.js b/bucky/app/bucky.js index 49ad8e0..ce02b24 100644 --- a/bucky/app/bucky.js +++ b/bucky/app/bucky.js @@ -184,6 +184,27 @@ var bucky = module.exports = { /* COMMENTS */ + ensureComment: function (req, res, next){ + var id = req.params.id.replace(/\D/g, "") + if (! id) { + return res.sendStatus(404) + } + db.getCommentById(id).then(function(comment){ + if (comment) { + res.comment = comment + next() + } + else { + res.sendStatus(404) + } + }) + }, + checkCommentPrivacy: function(req, res, next) { + if (req.user.get('ulevel') !== 3 && req.user.get('username') !== res.comment.get('username')) { + return res.sendStatus(500) + } + next() + }, createOptionalComment: function(req, res, next){ if (! req.body.comment || ! req.body.comment.length) { return next() @@ -207,7 +228,24 @@ var bucky = module.exports = { next() }) }, - + updateComment: function(req, res, next){ + if (! req.body.comment || ! req.body.comment.length) { + return res.sendStatus(500) + } + res.comment.set('comment', req.body.comment) + res.comment.set('date', util.now()) + res.comment.save().then(next).catch(err => { + res.sendStatus(500) + }) + }, + destroyComment: function(req, res, next){ + res.comment.destroy().then(() => { + next() + }).catch(err => { + res.send(500) + }) + }, + /* FILES */ createOptionalFiles: function(req, res, next){ diff --git a/bucky/app/router.js b/bucky/app/router.js index eada09b..e5890ca 100644 --- a/bucky/app/router.js +++ b/bucky/app/router.js @@ -118,18 +118,30 @@ module.exports = function(app){ }) app.delete("/api/thread/:id", middleware.ensureAuthenticated, + bucky.ensureThread, +// bucky.destroyThread, function(req, res){ // delete a thread + res.send(200) }) + // edit a comment app.put("/api/comment/:id", middleware.ensureAuthenticated, + bucky.ensureComment, + bucky.checkCommentPrivacy, + bucky.updateComment, function(req, res){ - // edit a comment + res.send(200) }) + // delete a comment app.delete("/api/comment/:id", middleware.ensureAuthenticated, + bucky.ensureComment, + bucky.checkCommentPrivacy, + bucky.destroyComment, function(req, res){ - // delete a comment + console.log("BUAHLAHA") + res.send(200) }) app.get("/search/", diff --git a/bucky/db/index.js b/bucky/db/index.js index 3e88fb7..0ce6e5f 100644 --- a/bucky/db/index.js +++ b/bucky/db/index.js @@ -81,7 +81,7 @@ db.createThread = function(data){ } db.updateThread = function(data){ } -db.removeThread = function(id){ +db.destroyThread = function(id){ } /* FILES */ @@ -101,7 +101,7 @@ db.getFilesById = function(ids){ db.createFile = function(data){ return new db.File(data).save() } -db.removeFile = function(id){ +db.destroyFile = function(id){ } /* COMMENTS */ @@ -123,6 +123,9 @@ db.getCommentsForThread = function (id, limit, offset, order){ return comments }) } +db.getCommentById = function(id){ + return (new Comment({'id': id})).fetch() +} db.getCommentsById = function(ids){ return Comment.where("id", "in", ids).fetchAll() } @@ -134,7 +137,7 @@ db.createComment = function(data){ } db.updateComment = function(data){ } -db.removeComment = function(id){ +db.destroyComment = function(id){ } @@ -154,7 +157,7 @@ db.createKeyword = function(data){ } db.updateKeyword = function(data){ } -db.removeKeyword = function(id){ +db.destroyKeyword = function(id){ } @@ -195,5 +198,5 @@ db.createMessage = function(data){ } db.updateMessage = function(data){ } -db.removeMessage = function(id){ +db.destroyMessage = function(id){ } |