Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2026-06-16 00:00:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

closes #2477

Browse Source
This commit is contained in:
barisusakli
2014-12-01 20:28:36 -05:00
parent 9023060008
commit be11577aa4
17 changed files with 174 additions and 185 deletions
Download Patch File Download Diff File Expand all files Collapse all files

89
public/src/ajaxify.js
View File

@@ -24,17 +24,18 @@ $(document).ready(function() {
function onAjaxError(err, url, callback, quiet) {
var data = err.data, textStatus = err.textStatus;
$('#content, #footer').removeClass('ajaxifying');
var data = err.data,
textStatus = err.textStatus;
if (data) {
if (data.status === 404) {
return ajaxify.go('404');
if (data.status === 404 || data.status === 500) {
$('#footer, #content').removeClass('hide').addClass('ajaxifying');
return renderTemplate(url, data.status.toString(), data.responseJSON, (new Date()).getTime(), callback);
} else if (data.status === 401) {
app.alertError('[[global:please_log_in]]');
return ajaxify.go('login');
} else if (data.status === 403) {
$('#content, #footer').removeClass('ajaxifying');
app.alertError('[[error:no-privileges]]');
} else if (data.status === 302) {
return ajaxify.go(data.responseJSON.slice(1), callback, quiet);
@@ -56,10 +57,8 @@ $(document).ready(function() {
apiXHR.abort();
}
// Remove trailing slash
url = url.replace(/\/$/, "");
url = ajaxify.removeRelativePath(url);
// Remove relative path and trailing slash
url = ajaxify.removeRelativePath(url.replace(/\/$/, ''));
var tpl_url = ajaxify.getTemplateMapping(url);
@@ -80,8 +79,8 @@ $(document).ready(function() {
translator.load(config.defaultLang, tpl_url);
$('#footer, #content').removeClass('hide').addClass('ajaxifying');
var animationDuration = parseFloat($('#content').css('transition-duration')) || 0.2,
startTime = (new Date()).getTime();
var startTime = (new Date()).getTime();
ajaxify.variables.flush();
ajaxify.loadData(url, function(err, data) {
@@ -89,37 +88,7 @@ $(document).ready(function() {
return onAjaxError(err, url, callback, quiet);
}
$(window).trigger('action:ajaxify.loadingTemplates', {});
templates.parse(tpl_url, data, function(template) {
translator.translate(template, function(translatedTemplate) {
setTimeout(function() {
$('#content').html(translatedTemplate);
ajaxify.variables.parse();
ajaxify.widgets.render(tpl_url, url, function() {
$(window).trigger('action:ajaxify.end', {url: url});
});
$(window).trigger('action:ajaxify.contentLoaded', {url: url});
ajaxify.loadScript(tpl_url);
if (typeof callback === 'function') {
callback();
}
app.processPage();
$('#content, #footer').removeClass('ajaxifying');
ajaxify.initialLoad = false;
app.refreshTitle(url);
}, animationDuration * 1000 - ((new Date()).getTime() - startTime));
});
});
renderTemplate(url, tpl_url, data, startTime, callback);
require(['search'], function(search) {
search.topicDOM.end();
@@ -132,6 +101,42 @@ $(document).ready(function() {
return false;
};
function renderTemplate(url, tpl_url, data, startTime, callback) {
var animationDuration = parseFloat($('#content').css('transition-duration')) || 0.2;
$(window).trigger('action:ajaxify.loadingTemplates', {});
templates.parse(tpl_url, data, function(template) {
translator.translate(template, function(translatedTemplate) {
setTimeout(function() {
$('#content').html(translatedTemplate);
ajaxify.variables.parse();
ajaxify.widgets.render(tpl_url, url, function() {
$(window).trigger('action:ajaxify.end', {url: url});
});
$(window).trigger('action:ajaxify.contentLoaded', {url: url});
ajaxify.loadScript(tpl_url);
if (typeof callback === 'function') {
callback();
}
app.processPage();
$('#content, #footer').removeClass('ajaxifying');
ajaxify.initialLoad = false;
app.refreshTitle(url);
}, animationDuration * 1000 - ((new Date()).getTime() - startTime));
});
});
}
ajaxify.removeRelativePath = function(url) {
if (url.indexOf(RELATIVE_PATH.slice(1)) === 0) {
url = url.slice(RELATIVE_PATH.length);

16
src/controllers/accounts.js
View File

@@ -140,7 +140,7 @@ accountsController.getAccount = function(req, res, next) {
}
if (!userData) {
return helpers.notFound(res);
return helpers.notFound(req, res);
}
async.parallel({
@@ -198,7 +198,7 @@ function getFollow(route, name, req, res, next) {
function(data, next) {
userData = data;
if (!userData) {
return helpers.notFound(res);
return helpers.notFound(req, res);
}
var method = name === 'following' ? 'getFollowing' : 'getFollowers';
user[method](userData.uid, next);
@@ -223,7 +223,7 @@ accountsController.getFavourites = function(req, res, next) {
}
if (!userData) {
return helpers.notFound(res);
return helpers.notFound(req, res);
}
if (parseInt(userData.uid, 10) !== callerUID) {
@@ -252,7 +252,7 @@ accountsController.getPosts = function(req, res, next) {
}
if (!userData) {
return helpers.notFound(res);
return helpers.notFound(req, res);
}
posts.getPostsFromSet('uid:' + userData.uid + ':posts', callerUID, 0, 19, function(err, userPosts) {
if (err) {
@@ -276,7 +276,7 @@ accountsController.getTopics = function(req, res, next) {
}
if (!userData) {
return helpers.notFound(res);
return helpers.notFound(req, res);
}
var set = 'uid:' + userData.uid + ':topics';
@@ -359,7 +359,7 @@ accountsController.accountSettings = function(req, res, next) {
}
if (!userData) {
return helpers.notFound(res);
return helpers.notFound(req, res);
}
async.parallel({
@@ -502,7 +502,7 @@ accountsController.getNotifications = function(req, res, next) {
accountsController.getChats = function(req, res, next) {
if (parseInt(meta.config.disableChat) === 1) {
return helpers.notFound(res);
return helpers.notFound(req, res);
}
async.parallel({
contacts: async.apply(user.getFollowing, req.user.uid),
@@ -536,7 +536,7 @@ accountsController.getChats = function(req, res, next) {
async.apply(user.getUidByUserslug, req.params.userslug),
function(toUid, next) {
if (!toUid) {
return helpers.notFound(res);
return helpers.notFound(req, res);
}
async.parallel({
toUser: async.apply(user.getUserFields, toUid, ['uid', 'username']),

6
src/controllers/categories.js
View File

@@ -102,7 +102,7 @@ categoriesController.get = function(req, res, next) {
userPrivileges;
if (req.params.topic_index && !utils.isNumber(req.params.topic_index)) {
return helpers.notFound(res);
return helpers.notFound(req, res);
}
async.waterfall([
@@ -124,11 +124,11 @@ categoriesController.get = function(req, res, next) {
},
function(results, next) {
if (!results.exists || (results.categoryData && parseInt(results.categoryData.disabled, 10) === 1)) {
return helpers.notFound(res);
return helpers.notFound(req, res);
}
if (cid + '/' + req.params.slug !== results.categoryData.slug) {
return helpers.notFound(res);
return helpers.notFound(req, res);
}
if (!results.privileges.read) {

15
src/controllers/groups.js
View File

@@ -3,6 +3,7 @@
var groups = require('../groups'),
async = require('async'),
nconf = require('nconf'),
helpers = require('./helpers'),
groupsController = {};
groupsController.list = function(req, res, next) {
@@ -19,7 +20,7 @@ groupsController.list = function(req, res, next) {
});
};
groupsController.details = function(req, res) {
groupsController.details = function(req, res, next) {
var uid = req.user ? parseInt(req.user.uid, 10) : 0;
async.parallel({
group: function(next) {
@@ -31,11 +32,15 @@ groupsController.details = function(req, res) {
groups.getLatestMemberPosts(req.params.name, 10, uid, next);
}
}, function(err, results) {
if (!err) {
res.render('groups/details', results);
} else {
res.redirect(nconf.get('relative_path') + '/404');
if (err) {
return next(err);
}
if (!results.group) {
return helpers.notFound(req, res);
}
res.render('groups/details', results);
});
};

6
src/controllers/helpers.js
View File

@@ -4,11 +4,11 @@ var nconf = require('nconf');
var helpers = {};
helpers.notFound = function(res) {
helpers.notFound = function(req, res, error) {
if (res.locals.isAPI) {
res.status(404).json('not-found');
res.status(404).json({path: req.path.replace(/^\/api/, ''), error: error});
} else {
res.status(404).render('404');
res.status(404).render('404', {path: req.path, error: error});
}
};

14
src/controllers/index.js
View File

@@ -104,6 +104,10 @@ Controllers.home = function(req, res, next) {
};
Controllers.search = function(req, res, next) {
if (!plugins.hasListeners('filter:search.query')) {
return helpers.notFound(req, res);
}
if (!req.params.term) {
return res.render('search', {
time: 0,
@@ -115,10 +119,6 @@ Controllers.search = function(req, res, next) {
var uid = req.user ? req.user.uid : 0;
if (!plugins.hasListeners('filter:search.query')) {
return res.redirect('/404');
}
req.params.term = validator.escape(req.params.term);
search.search(req.params.term, uid, function(err, results) {
@@ -198,8 +198,8 @@ Controllers.confirmEmail = function(req, res, next) {
};
Controllers.sitemap = function(req, res, next) {
if (meta.config['feeds:disableSitemap'] === '1') {
return res.redirect(nconf.get('relative_path') + '/404');
if (parseInt(meta.config['feeds:disableSitemap'], 10) === 1) {
return helpers.notFound(req, res);
}
var sitemap = require('../sitemap.js');
@@ -238,7 +238,7 @@ Controllers.outgoing = function(req, res, next) {
Controllers.termsOfUse = function(req, res, next) {
if (!meta.config.termsOfUse) {
return helpers.notFound(res);
return helpers.notFound(req, res);
}
res.render('tos', {termsOfUse: meta.config.termsOfUse});
};

20
src/controllers/topics.js
View File

@@ -22,7 +22,7 @@ topicsController.get = function(req, res, next) {
userPrivileges;
if (req.params.post_index && !utils.isNumber(req.params.post_index)) {
return helpers.notFound(res);
return helpers.notFound(req, res);
}
async.waterfall([
@@ -42,19 +42,11 @@ topicsController.get = function(req, res, next) {
function (results, next) {
userPrivileges = results.privileges;
if (userPrivileges.disabled) {
return helpers.notFound(res);
if (userPrivileges.disabled || tid + '/' + req.params.slug !== results.topic.slug) {
return helpers.notFound(req, res);
}
if (tid + '/' + req.params.slug !== results.topic.slug) {
return helpers.notFound(res);
}
if (!userPrivileges.read) {
return helpers.notAllowed(req, res);
}
if (parseInt(results.topic.deleted, 10) && !userPrivileges.view_deleted) {
if (!userPrivileges.read || (parseInt(results.topic.deleted, 10) && !userPrivileges.view_deleted)) {
return helpers.notAllowed(req, res);
}
@@ -71,7 +63,7 @@ topicsController.get = function(req, res, next) {
}
if (settings.usePagination && (req.query.page < 1 || req.query.page > pageCount)) {
return helpers.notFound(res);
return helpers.notFound(req, res);
}
var set = 'tid:' + tid + ':posts',
@@ -114,7 +106,7 @@ topicsController.get = function(req, res, next) {
topics.getTopicWithPosts(tid, set, uid, start, end, reverse, function (err, topicData) {
if (err && err.message === '[[error:no-topic]]' && !topicData) {
return helpers.notFound(res);
return helpers.notFound(req, res);
}
if (err && !topicData) {

14
src/groups.js
View File

@@ -85,15 +85,7 @@ var async = require('async'),
async.parallel({
base: function (next) {
if (ephemeralGroups.indexOf(groupName) === -1) {
db.getObject('group:' + groupName, function(err, groupObj) {
if (err) {
next(err);
} else if (!groupObj) {
next('group-not-found');
} else {
next(err, groupObj);
}
});
db.getObject('group:' + groupName, next);
} else {
internals.getEphemeralGroup(groupName, options, next);
}
@@ -120,7 +112,7 @@ var async = require('async'),
});
}
}, function (err, results) {
if (err) {
if (err || !results.base) {
return callback(err);
}
@@ -498,7 +490,7 @@ var async = require('async'),
// If this is a hidden group, and it is now empty, delete it
Groups.get(groupName, {}, function(err, group) {
if (err) {
if (err || !group) {
return callback(err);
}

6
src/install.js
View File

@@ -261,7 +261,11 @@ function enableDefaultTheme(next) {
function createAdministrator(next) {
var Groups = require('./groups');
Groups.get('administrators', {}, function (err, groupObj) {
if (!err && groupObj && groupObj.memberCount > 0) {
if (err) {
return next(err);
}
if (groupObj && groupObj.memberCount > 0) {
winston.info('Administrator found, skipping Admin setup');
next();
} else {

47
src/middleware/middleware.js
View File

@@ -22,19 +22,16 @@ var app,
ensureLoggedIn = require('connect-ensure-login'),
controllers = {
api: require('./../controllers/api')
api: require('./../controllers/api'),
helpers: require('../controllers/helpers')
};
middleware.authenticate = function(req, res, next) {
if(!req.user) {
if (res.locals.isAPI) {
return res.status(403).json('not-allowed');
} else {
return res.redirect(nconf.get('url') + '/403');
}
} else {
next();
if (req.user) {
return next();
}
helpers.notAllowed(req, res);
};
middleware.applyCSRF = csrf();
@@ -135,23 +132,16 @@ middleware.prepareAPI = function(req, res, next) {
};
middleware.guestSearchingAllowed = function(req, res, next) {
if (!req.user && meta.config.allowGuestSearching !== '1') {
return res.redirect('/403');
if (!req.user && parseInt(meta.config.allowGuestSearching, 10) !== 1) {
return controllers.helpers.notAllowed(req, res);
}
next();
};
middleware.checkGlobalPrivacySettings = function(req, res, next) {
var callerUID = req.user ? parseInt(req.user.uid, 10) : 0;
if (!callerUID && !!parseInt(meta.config.privateUserInfo, 10)) {
if (res.locals.isAPI) {
return res.status(403).json('not-allowed');
} else {
req.session.returnTo = req.url;
return res.redirect('/login');
}
if (!req.user && !!parseInt(meta.config.privateUserInfo, 10)) {
return controllers.helpers.notAllowed(req, res);
}
next();
@@ -162,8 +152,7 @@ middleware.checkAccountPermissions = function(req, res, next) {
var callerUID = req.user ? parseInt(req.user.uid, 10) : 0;
if (callerUID === 0) {
req.session.returnTo = req.url;
return res.redirect('/login');
return controllers.helpers.notAllowed(req, res);
}
user.getUidByUserslug(req.params.userslug, function (err, uid) {
@@ -172,7 +161,7 @@ middleware.checkAccountPermissions = function(req, res, next) {
}
if (!uid) {
return res.locals.isAPI ? res.status(404).json('not-found') : res.redirect(nconf.get('relative_path') + '/404');
return controllers.helpers.notFound(req, res);
}
if (parseInt(uid, 10) === callerUID) {
@@ -180,19 +169,11 @@ middleware.checkAccountPermissions = function(req, res, next) {
}
user.isAdministrator(callerUID, function(err, isAdmin) {
if(err) {
if (err || isAdmin) {
return next(err);
}
if(isAdmin) {
return next();
}
if (res.locals.isAPI) {
res.status(403).json('not-allowed');
} else {
res.redirect(nconf.get('relative_path') + '/403');
}
controllers.helpers.notAllowed(req, res);
});
});
};

9
src/routes/feeds.js
View File

@@ -8,6 +8,7 @@ var async = require('async'),
topics = require('../topics'),
categories = require('../categories'),
meta = require('../meta'),
helpers = require('../controllers/helpers'),
privileges = require('../privileges');
function hasTopicPrivileges(req, res, next) {
@@ -31,7 +32,7 @@ function hasPrivileges(method, id, req, res, next) {
}
if (!canRead) {
return res.redirect(nconf.get('relative_path') + '/403');
return helpers.notAllowed(req, res);
}
return next();
@@ -53,7 +54,7 @@ function generateForTopic(req, res, next) {
}
if (topicData.deleted && !userPrivileges.view_deleted) {
return res.redirect(nconf.get('relative_path') + '/404');
return helpers.notFound(req, res);
}
var description = topicData.posts.length ? topicData.posts[0].content : '';
@@ -137,8 +138,8 @@ function generateForPopular(req, res, next) {
}
function disabledRSS(req, res, next) {
if (meta.config['feeds:disableRSS'] === '1') {
return res.redirect(nconf.get('relative_path') + '/404');
if (parseInt(meta.config['feeds:disableRSS'], 10) === 1) {
return helpers.notFound(req, res);
}
next();

81
src/routes/index.js
View File

@@ -164,59 +164,62 @@ module.exports = function(app, middleware) {
maxAge: app.enabled('cache') ? 5184000000 : 0
}));
app.use(catch404);
app.use(handleErrors);
handle404(app, middleware);
handleErrors(app, middleware);
// Add plugin routes
plugins.init(app, middleware);
authRoutes.reloadRoutes();
};
function handleErrors(err, req, res, next) {
// we may use properties of the error object
// here and next(err) appropriately, or if
// we possibly recovered from the error, simply next().
//console.error(err.stack, req.path);
winston.error(req.path + '\n', err.stack);
function handle404(app, middleware) {
app.use(function(req, res, next) {
var relativePath = nconf.get('relative_path');
var isLanguage = new RegExp('^' + relativePath + '/language/[\\w]{2,}/.*.json'),
isClientScript = new RegExp('^' + relativePath + '\\/src\\/.+\\.js');
if (err.code === 'EBADCSRFTOKEN') {
return res.sendStatus(403);
}
if (isClientScript.test(req.url)) {
res.type('text/javascript').status(200).send('');
} else if (isLanguage.test(req.url)) {
res.status(200).json({});
} else if (req.accepts('html')) {
if (process.env.NODE_ENV === 'development') {
winston.warn('Route requested but not found: ' + req.url);
}
var status = err.status || 500;
res.status(status);
res.status(404);
req.flash('errorMessage', err.message);
if (res.locals.isAPI) {
return res.json({path: req.path, error: 'not-found'});
}
res.redirect(nconf.get('relative_path') + '/500');
middleware.buildHeader(req, res, function() {
res.render('404', {path: req.path});
});
} else {
res.status(404).type('txt').send('Not found');
}
});
}
function catch404(req, res, next) {
var relativePath = nconf.get('relative_path');
var isLanguage = new RegExp('^' + relativePath + '/language/[\\w]{2,}/.*.json'),
isClientScript = new RegExp('^' + relativePath + '\\/src\\/.+\\.js');
function handleErrors(app, middleware) {
app.use(function(err, req, res, next) {
winston.error(req.path + '\n', err.stack);
res.status(404);
if (isClientScript.test(req.url)) {
res.type('text/javascript').status(200).send('');
} else if (isLanguage.test(req.url)) {
res.status(200).json({});
} else if (req.accepts('html')) {
if (process.env.NODE_ENV === 'development') {
winston.warn('Route requested but not found: ' + req.url);
if (err.code === 'EBADCSRFTOKEN') {
return res.sendStatus(403);
}
res.redirect(relativePath + '/404');
} else if (req.accepts('json')) {
if (process.env.NODE_ENV === 'development') {
winston.warn('Route requested but not found: ' + req.url);
}
res.status(err.status || 500);
res.json({
error: 'Not found'
});
} else {
res.type('txt').send('Not found');
}
if (res.locals.isAPI) {
return res.json({path: req.path, error: err.message});
} else {
middleware.buildHeader(req, res, function() {
res.render('500', {path: req.path, error: err.message});
});
}
});
}

17
src/routes/plugins.js
View File

@@ -8,12 +8,13 @@ var _ = require('underscore'),
async = require('async'),
winston = require('winston'),
plugins = require('../plugins');
plugins = require('../plugins'),
helpers = require('../controllers/helpers');
module.exports = function(app, middleware, controllers) {
// Static Assets
app.get('/plugins/:id/*', middleware.addExpiresHeaders, function(req, res) {
app.get('/plugins/:id/*', middleware.addExpiresHeaders, function(req, res, next) {
var relPath = req._parsedUrl.pathname.replace('/plugins/', ''),
matches = _.map(plugins.staticDirs, function(realPath, mappedPath) {
if (relPath.match(mappedPath)) {
@@ -35,19 +36,19 @@ module.exports = function(app, middleware, controllers) {
}
});
}, function(err, matches) {
// Filter out the nulls
matches = matches.filter(function(a) {
return a;
});
if (err) {
return next(err);
}
matches = matches.filter(Boolean);
if (matches.length) {
res.sendFile(matches[0]);
} else {
res.redirect(nconf.get('relative_path') + '/404');
helpers.notFound(req, res);
}
});
} else {
res.redirect(nconf.get('relative_path') + '/404');
helpers.notFound(req, res);
}
});
};

9
src/socket.io/admin/categories.js
View File

@@ -67,13 +67,18 @@ Categories.getPrivilegeSettings = function(socket, cid, callback) {
async.reduce(privileges, [], function(members, privilege, next) {
groups.get('cid:' + cid + ':privileges:' + privilege, { expand: true }, function(err, groupObj) {
if (!err) {
members = members.concat(groupObj.members);
if (err || !groupObj) {
return next(err, members);
}
members = members.concat(groupObj.members);
next(null, members);
});
}, function(err, members) {
if (err) {
return callback(err);
}
// Remove duplicates
var present = [],
x = members.length,

4
src/socket.io/admin/groups.js
View File

@@ -20,9 +20,7 @@ Groups.delete = function(socket, groupName, callback) {
Groups.get = function(socket, groupName, callback) {
groups.get(groupName, {
expand: true
}, function(err, groupObj) {
callback(err, groupObj || undefined);
});
}, callback);
};
Groups.join = function(socket, data, callback) {

2
src/views/404.tpl
View File

@@ -1,5 +1,5 @@
<div class="alert alert-danger">
<strong>[[global:404.title]]</strong>
<strong>{path} [[global:404.title]]</strong>
<!-- IF error -->
<p>{error}</p>
<!-- ELSE -->

4
src/views/500.tpl
View File

@@ -1,5 +1,7 @@
<div class="alert alert-danger">
<strong>[[global:500.title]]</strong>
<p>[[global:500.message]]</p>
<!-- IF errorMessage --><p>{errorMessage}</p><!-- ENDIF errorMessage -->
<p>{path}<p>
<!-- IF error --><p>{error}</p><!-- ENDIF error -->
</div>