From eb360351e5a7752f8340131918ab443e4cd05f7e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bar=C4=B1=C5=9F=20Soner=20U=C5=9Fakl=C4=B1?= Date: Mon, 15 Mar 2021 14:03:35 -0400 Subject: [PATCH] fix: #9394, fix guest handles --- src/api/topics.js | 3 +++ src/posts/summary.js | 9 +++++---- src/posts/user.js | 10 ++++++++++ src/topics/create.js | 5 +---- test/topics.js | 38 ++++++++++++++++++++++++++++++++++++++ 5 files changed, 57 insertions(+), 8 deletions(-) diff --git a/src/api/topics.js b/src/api/topics.js index b6678ccfa8..e0ede09b9e 100644 --- a/src/api/topics.js +++ b/src/api/topics.js @@ -68,6 +68,9 @@ topicsAPI.reply = async function (caller, data) { }; if (data.toPid) { payload.toPid = data.toPid; } + if (data.handle && !parseInt(caller.uid, 10)) { + payload.handle = data.handle; + } // Blacklist & Post Queue await meta.blacklist.test(caller.ip); diff --git a/src/posts/summary.js b/src/posts/summary.js index 93fbc5fee6..bad9849ab3 100644 --- a/src/posts/summary.js +++ b/src/posts/summary.js @@ -20,7 +20,7 @@ module.exports = function (Posts) { options.parse = options.hasOwnProperty('parse') ? options.parse : true; options.extraFields = options.hasOwnProperty('extraFields') ? options.extraFields : []; - const fields = ['pid', 'tid', 'content', 'uid', 'timestamp', 'deleted', 'upvotes', 'downvotes', 'replies'].concat(options.extraFields); + const fields = ['pid', 'tid', 'content', 'uid', 'timestamp', 'deleted', 'upvotes', 'downvotes', 'replies', 'handle'].concat(options.extraFields); let posts = await Posts.getPostsFields(pids, fields); posts = posts.filter(Boolean); @@ -45,6 +45,8 @@ module.exports = function (Posts) { post.uid = 0; } post.user = uidToUser[post.uid]; + Posts.overrideGuestHandle(post, post.handle); + post.handle = undefined; post.topic = tidToTopic[post.tid]; post.category = post.topic && cidToCategory[post.topic.cid]; post.isMainPost = post.topic && post.pid === post.topic.mainPid; @@ -60,7 +62,7 @@ module.exports = function (Posts) { }; async function parsePosts(posts, options) { - async function parse(post) { + return await Promise.all(posts.map(async (post) => { if (!post.content || !options.parse) { post.content = post.content ? validator.escape(String(post.content)) : post.content; return post; @@ -70,8 +72,7 @@ module.exports = function (Posts) { post.content = stripTags(post.content); } return post; - } - return await Promise.all(posts.map(p => parse(p))); + })); } async function getTopicAndCategories(tids) { diff --git a/src/posts/user.js b/src/posts/user.js index e5de646ed8..4509a75814 100644 --- a/src/posts/user.js +++ b/src/posts/user.js @@ -53,6 +53,16 @@ module.exports = function (Posts) { })); }; + Posts.overrideGuestHandle = function (postData, handle) { + if (meta.config.allowGuestHandles && postData && postData.user && parseInt(postData.uid, 10) === 0 && handle) { + postData.user.username = validator.escape(String(handle)); + if (postData.user.hasOwnProperty('fullname')) { + postData.user.fullname = postData.user.username; + } + postData.user.displayname = postData.user.username; + } + }; + async function checkGroupMembership(uid, groupTitleArray) { if (!Array.isArray(groupTitleArray) || !groupTitleArray.length) { return null; diff --git a/src/topics/create.js b/src/topics/create.js index 88fab6aaf4..8580ea9b87 100644 --- a/src/topics/create.js +++ b/src/topics/create.js @@ -217,10 +217,7 @@ module.exports = function (Topics) { postData.topic = topicInfo; postData.index = topicInfo.postcount - 1; - // Username override for guests, if enabled - if (meta.config.allowGuestHandles && postData.uid === 0 && data.handle) { - postData.user.username = validator.escape(String(data.handle)); - } + posts.overrideGuestHandle(postData, data.handle); postData.votes = 0; postData.bookmarked = false; diff --git a/test/topics.js b/test/topics.js index 00512a2c29..cf2ea098fe 100644 --- a/test/topics.js +++ b/test/topics.js @@ -167,6 +167,44 @@ describe('Topic\'s', () => { json: true, }); assert.strictEqual(replyResult.body.response.content, 'a reply by guest'); + assert.strictEqual(replyResult.body.response.user.username, '[[global:guest]]'); + }); + + it('should post a topic/reply as guest with handle if guest group has privileges', async () => { + const categoryObj = await categories.create({ + name: 'Test Category', + description: 'Test category created by testing script', + }); + await privileges.categories.give(['groups:topics:create'], categoryObj.cid, 'guests'); + await privileges.categories.give(['groups:topics:reply'], categoryObj.cid, 'guests'); + const oldValue = meta.config.allowGuestHandles; + meta.config.allowGuestHandles = 1; + const result = await requestType('post', `${nconf.get('url')}/api/v3/topics`, { + form: { + title: 'just a title', + cid: categoryObj.cid, + content: 'content for the main post', + handle: 'guest123', + }, + json: true, + }); + + assert.strictEqual(result.body.status.code, 'ok'); + assert.strictEqual(result.body.response.title, 'just a title'); + assert.strictEqual(result.body.response.user.username, 'guest123'); + assert.strictEqual(result.body.response.user.displayname, 'guest123'); + + const replyResult = await requestType('post', `${nconf.get('url')}/api/v3/topics/${result.body.response.tid}`, { + form: { + content: 'a reply by guest', + handle: 'guest124', + }, + json: true, + }); + assert.strictEqual(replyResult.body.response.content, 'a reply by guest'); + assert.strictEqual(replyResult.body.response.user.username, 'guest124'); + assert.strictEqual(replyResult.body.response.user.displayname, 'guest124'); + meta.config.allowGuestHandles = oldValue; }); });