@ -10,7 +10,6 @@ const express = require('express')
, processIp = require ( _ _dirname + '/../helpers/processip.js' )
, calcPerms = require ( _ _dirname + '/../helpers/checks/calcpermsmiddleware.js' )
, hasPerms = require ( _ _dirname + '/../helpers/checks/haspermsmiddleware.js' )
, paramConverter = require ( _ _dirname + '/../helpers/paramconverter.js' )
, numFiles = require ( _ _dirname + '/../helpers/numfiles.js' )
, imageHashes = require ( _ _dirname + '/../helpers/imagehash.js' )
, banCheck = require ( _ _dirname + '/../helpers/checks/bancheck.js' )
@ -23,81 +22,61 @@ const express = require('express')
, blockBypassCheck = require ( _ _dirname + '/../helpers/checks/blockbypass.js' )
, fileMiddlewares = require ( _ _dirname + '/../helpers/filemiddlewares.js' )
//controllers
, deleteBoardController = require ( _ _dirname + '/forms/deleteboard.js' )
, editBansController = require ( _ _dirname + '/forms/editbans.js' )
, appealController = require ( _ _dirname + '/forms/appeal.js' )
, globalActionController = require ( _ _dirname + '/forms/globalactions.js' )
, actionController = require ( _ _dirname + '/forms/actions.js' )
, addCustomPageController = require ( _ _dirname + '/forms/addcustompage.js' )
, deleteCustomPageController = require ( _ _dirname + '/forms/deletecustompage.js' )
, addNewsController = require ( _ _dirname + '/forms/addnews.js' )
, editNewsController = require ( _ _dirname + '/forms/editnews.js' )
, deleteNewsController = require ( _ _dirname + '/forms/deletenews.js' )
, uploadBannersController = require ( _ _dirname + '/forms/uploadbanners.js' )
, deleteBannersController = require ( _ _dirname + '/forms/deletebanners.js' )
, addFlagsController = require ( _ _dirname + '/forms/addflags.js' )
, deleteFlagsController = require ( _ _dirname + '/forms/deleteflags.js' )
, boardSettingsController = require ( _ _dirname + '/forms/boardsettings.js' )
, transferController = require ( _ _dirname + '/forms/transfer.js' )
, resignController = require ( _ _dirname + '/forms/resign.js' )
, deleteAccountController = require ( _ _dirname + '/forms/deleteaccount.js' )
, loginController = require ( _ _dirname + '/forms/login.js' )
, registerController = require ( _ _dirname + '/forms/register.js' )
, changePasswordController = require ( _ _dirname + '/forms/changepassword.js' )
, editAccountsController = require ( _ _dirname + '/forms/editaccounts.js' )
, globalSettingsController = require ( _ _dirname + '/forms/globalsettings.js' )
, createBoardController = require ( _ _dirname + '/forms/create.js' )
, makePostController = require ( _ _dirname + '/forms/makepost.js' )
, editPostController = require ( _ _dirname + '/forms/editpost.js' )
, newCaptcha = require ( _ _dirname + '/../models/forms/newcaptcha.js' )
, blockBypass = require ( _ _dirname + '/../models/forms/blockbypass.js' )
, logout = require ( _ _dirname + '/../models/forms/logout.js' ) ;
, { deleteBoardController , editBansController , appealController , globalActionController ,
actionController , addCustomPageController , deleteCustomPageController , addNewsController ,
editNewsController , deleteNewsController , uploadBannersController , deleteBannersController ,
addFlagsController , deleteFlagsController , boardSettingsController , transferController ,
resignController , deleteAccountController , loginController , registerController , changePasswordController ,
editAccountsController , globalSettingsController , createBoardController , makePostController ,
editPostController , newCaptcha , blockBypass , logout } = require ( _ _dirname + '/forms/index.js' ) ;
//make new post
router . post ( '/board/:board/post' , geoAndTor , fileMiddlewares . postsEarly , torPreBypassCheck , processIp , useSession , sessionRefresh , Boards . exists , calcPerms , banCheck , fileMiddlewares . posts ,
paramConverter , verifyCaptcha , numFiles , blockBypassCheck , dnsblCheck , imageHashes , makePostController ) ;
makePostController . paramConverter , verifyCaptcha , numFiles , blockBypassCheck , dnsblCheck , imageHashes , makePostController . controller ) ;
router . post ( '/board/:board/modpost' , geoAndTor , fileMiddlewares . postsEarly , torPreBypassCheck , processIp , useSession , sessionRefresh , Boards . exists , calcPerms , banCheck , isLoggedIn , hasPerms ( 3 ) , fileMiddlewares . posts ,
paramConverter , csrf , numFiles , blockBypassCheck , dnsblCheck , makePostController ) ; //mod post has token instead of captcha
makePostController . paramConverter , csrf , numFiles , blockBypassCheck , dnsblCheck , makePostController . controller ) ; //mod post has token instead of captcha
//post actions
router . post ( '/board/:board/actions' , geoAndTor , torPreBypassCheck , processIp , useSession , sessionRefresh , Boards . exists , calcPerms , banCheck , paramConverter , verifyCaptcha , actionController ) ; //public, with captcha
router . post ( '/board/:board/modactions' , geoAndTor , torPreBypassCheck , processIp , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , banCheck , isLoggedIn , hasPerms ( 3 ) , paramConverter , actionController ) ; //board manage page
router . post ( '/global/actions' , geoAndTor , torPreBypassCheck , processIp , useSession , sessionRefresh , csrf , calcPerms , isLoggedIn , hasPerms ( 1 ) , paramConverter , globalActionController ) ; //global manage page
router . post ( '/board/:board/actions' , geoAndTor , torPreBypassCheck , processIp , useSession , sessionRefresh , Boards . exists , calcPerms , banCheck , actionController . paramConverter , verifyCaptcha , actionController . controller ) ; //public, with captcha
router . post ( '/board/:board/modactions' , geoAndTor , torPreBypassCheck , processIp , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , banCheck , isLoggedIn , hasPerms ( 3 ) , actionController . paramConverter , actionController . controller ) ; //board manage page
router . post ( '/global/actions' , geoAndTor , torPreBypassCheck , processIp , useSession , sessionRefresh , csrf , calcPerms , isLoggedIn , hasPerms ( 1 ) , globalActionController . paramConverter , globalActionController . controller ) ; //global manage page
//appeal ban
router . post ( '/appeal' , geoAndTor , torPreBypassCheck , processIp , useSession , sessionRefresh , paramConverter , verifyCaptcha , appealController ) ;
router . post ( '/appeal' , geoAndTor , torPreBypassCheck , processIp , useSession , sessionRefresh , appealController . paramConverter , verifyCaptcha , appealController . controller ) ;
//edit post
router . post ( '/editpost' , geoAndTor , torPreBypassCheck , processIp , useSession , sessionRefresh , csrf , paramConverter , Boards . bodyExists , calcPerms , hasPerms ( 3 ) , editPostController ) ;
router . post ( '/editpost' , geoAndTor , torPreBypassCheck , processIp , useSession , sessionRefresh , csrf , editPostController . paramConverter , Boards . bodyExists , calcPerms , hasPerms ( 3 ) , editPostController . controller ) ;
//board management forms
router . post ( '/board/:board/transfer' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( 2 ) , paramConverter , transferController ) ;
router . post ( '/board/:board/settings' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( 2 ) , paramConverter , boardSettingsController ) ;
router . post ( '/board/:board/addbanners' , useSession , sessionRefresh , fileMiddlewares . banner , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( 2 ) , paramConverter , numFiles , uploadBannersController ) ; //add banners
router . post ( '/board/:board/deletebanners' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( 2 ) , paramConverter , deleteBannersController ) ; //delete banners
router . post ( '/board/:board/addflags' , useSession , sessionRefresh , fileMiddlewares . flag , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( 2 ) , paramConverter , numFiles , addFlagsController ) ; //add flags
router . post ( '/board/:board/deleteflags' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( 2 ) , paramConverter , deleteFlagsController ) ; //delete flags
router . post ( '/board/:board/addcustompages' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( 2 ) , paramConverter , addCustomPageController ) ; //add banners
router . post ( '/board/:board/deletecustompages' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( 2 ) , paramConverter , deleteCustomPageController ) ; //delete banners
router . post ( '/board/:board/editbans' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( 3 ) , paramConverter , editBansController ) ; //edit bans
router . post ( '/board/:board/deleteboard' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( config . get . deleteBoardPermLevel ) , deleteBoardController ) ; //delete board
router . post ( '/board/:board/transfer' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( 2 ) , transferController . paramConverter , transferController . controller ) ;
router . post ( '/board/:board/settings' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( 2 ) , boardSettingsController . paramConverter , boardSettingsController . controller ) ;
router . post ( '/board/:board/addbanners' , useSession , sessionRefresh , fileMiddlewares . banner , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( 2 ) , numFiles , uploadBannersController . controller ) ; //add banners
router . post ( '/board/:board/deletebanners' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( 2 ) , deleteBannersController . paramConverter , deleteBannersController . controller ) ; //delete banners
router . post ( '/board/:board/addflags' , useSession , sessionRefresh , fileMiddlewares . flag , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( 2 ) , numFiles , addFlagsController . c ontroller ) ; //add flags
router . post ( '/board/:board/deleteflags' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( 2 ) , deleteFlagsController . paramConverter , deleteFlagsController . c ontroller ) ; //delete flags
router . post ( '/board/:board/addcustompages' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( 2 ) , addCustomPageController . paramConverter , addCustomPageController . c ontroller ) ; //add banners
router . post ( '/board/:board/deletecustompages' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( 2 ) , deleteCustomPageController . paramConverter , deleteCustomPageController . c ontroller ) ; //delete banners
router . post ( '/board/:board/editbans' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( 3 ) , editBansController . paramConverter , editBansController . c ontroller ) ; //edit bans
router . post ( '/board/:board/deleteboard' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn , hasPerms ( config . get . deleteBoardPermLevel ) , deleteBoardController . controller ) ; //delete board
//global management forms
router . post ( '/global/editbans' , useSession , sessionRefresh , csrf , calcPerms , isLoggedIn , hasPerms ( 1 ) , paramConverter , editBansController ) ; //remove bans
router . post ( '/global/deleteboard' , useSession , sessionRefresh , csrf , paramConverter , calcPerms , isLoggedIn , hasPerms ( Math . min ( config . get . deleteBoardPermLevel , 1 ) ) , deleteBoardController ) ; //delete board from global management panel
router . post ( '/global/addnews' , useSession , sessionRefresh , csrf , calcPerms , isLoggedIn , hasPerms ( 0 ) , paramConverter , addNewsController ) ; //add new newspost
router . post ( '/global/editnews' , useSession , sessionRefresh , csrf , calcPerms , isLoggedIn , hasPerms ( 0 ) , paramConverter , editNewsController ) ; //add new newspost
router . post ( '/global/deletenews' , useSession , sessionRefresh , csrf , calcPerms , isLoggedIn , hasPerms ( 0 ) , paramConverter , deleteNewsController ) ; //delete news
router . post ( '/global/editaccounts' , useSession , sessionRefresh , csrf , calcPerms , isLoggedIn , hasPerms ( 0 ) , paramConverter , editAccountsController ) ; //account editing
router . post ( '/global/settings' , useSession , sessionRefresh , csrf , calcPerms , isLoggedIn , hasPerms ( 0 ) , paramConverter , globalSettingsController ) ; //global settings
router . post ( '/global/editbans' , useSession , sessionRefresh , csrf , calcPerms , isLoggedIn , hasPerms ( 1 ) , editBansController . paramConverter , editBansController . c ontroller ) ; //remove bans
router . post ( '/global/deleteboard' , useSession , sessionRefresh , csrf , deleteBoardController . paramConverter , calcPerms , isLoggedIn , hasPerms ( Math . min ( config . get . deleteBoardPermLevel , 1 ) ) , deleteBoardController . c ontroller ) ; //delete board from global management panel
router . post ( '/global/addnews' , useSession , sessionRefresh , csrf , calcPerms , isLoggedIn , hasPerms ( 0 ) , addNewsController . paramConverter , addNewsController . c ontroller ) ; //add new newspost
router . post ( '/global/editnews' , useSession , sessionRefresh , csrf , calcPerms , isLoggedIn , hasPerms ( 0 ) , editNewsController . paramConverter , editNewsController . c ontroller ) ; //add new newspost
router . post ( '/global/deletenews' , useSession , sessionRefresh , csrf , calcPerms , isLoggedIn , hasPerms ( 0 ) , deleteNewsController . paramConverter , deleteNewsController . c ontroller ) ; //delete news
router . post ( '/global/editaccounts' , useSession , sessionRefresh , csrf , calcPerms , isLoggedIn , hasPerms ( 0 ) , editAccountsController . paramConverter , editAccountsController . c ontroller ) ; //account editing
router . post ( '/global/settings' , useSession , sessionRefresh , csrf , calcPerms , isLoggedIn , hasPerms ( 0 ) , globalSettingsController . paramConverter , globalSettingsController . c ontroller ) ; //global settings
//create board
router . post ( '/create' , geoAndTor , torPreBypassCheck , processIp , useSession , sessionRefresh , isLoggedIn , verifyCaptcha , calcPerms , paramConverter , createBoardController ) ;
router . post ( '/create' , geoAndTor , torPreBypassCheck , processIp , useSession , sessionRefresh , isLoggedIn , verifyCaptcha , calcPerms , createBoardController . paramConverter , createBoardController . controller ) ;
//accounts
router . post ( '/login' , useSession , paramConverter , loginController ) ;
router . post ( '/login' , useSession , loginController . paramConverter , loginController . c ontroller ) ;
router . post ( '/logout' , useSession , logout ) ;
router . post ( '/register' , geoAndTor , torPreBypassCheck , processIp , useSession , sessionRefresh , verifyCaptcha , calcPerms , paramConverter , registerController ) ;
router . post ( '/changepassword' , geoAndTor , torPreBypassCheck , processIp , useSession , sessionRefresh , verifyCaptcha , paramConverter , changePasswordController ) ;
router . post ( '/resign' , useSession , sessionRefresh , csrf , calcPerms , isLoggedIn , paramConverter , resignController ) ;
router . post ( '/deleteaccount' , useSession , sessionRefresh , csrf , calcPerms , isLoggedIn , paramConverter , deleteAccountC ontroller) ;
router . post ( '/register' , geoAndTor , torPreBypassCheck , processIp , useSession , sessionRefresh , verifyCaptcha , calcPerms , registerController . paramConverter , registerController . c ontroller ) ;
router . post ( '/changepassword' , geoAndTor , torPreBypassCheck , processIp , useSession , sessionRefresh , verifyCaptcha , changePasswordController . paramConverter , changePasswordController . c ontroller ) ;
router . post ( '/resign' , useSession , sessionRefresh , csrf , calcPerms , isLoggedIn , resignController . paramConverter , resignController . c ontroller ) ;
router . post ( '/deleteaccount' , useSession , sessionRefresh , csrf , calcPerms , isLoggedIn , deleteAccountController . c ontroller) ;
//removes captcha cookie, for refreshing for noscript users
router . post ( '/newcaptcha' , newCaptcha ) ;