fatchan
/
jschan
mirror of https://gitgud.io/fatchan/jschan.git
1
1
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixes #7

Browse Source
merge-requests/208/head
fatchan 5 years ago
parent ed42b02b42
commit 4371d95be7
2 changed files with 35 additions and 10 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 43
      db-models/posts.js
  2. 2
      models/api/delete-post.js

43
db-models/posts.js
Unescape View File

@ -14,6 +14,11 @@ module.exports = {
// get all thread posts (posts with null thread id)
const threads = await db.collection(board).find({
'thread': null
},{
'projection': {
'salt': 0,
'password': 0
}
}).sort({
'bumped': -1
}).skip(10*(page-1)).limit(10).toArray();
@ -22,8 +27,11 @@ module.exports = {
await Promise.all(threads.map(async thread => {
const replies = await db.collection(board).find({
'thread': thread._id
}, {
'projection': { 'salt': 0 }
},{
'projection': {
'salt': 0,
'password': 0,
}
}).sort({
'_id': -1
}).limit(3).toArray();
@ -45,7 +53,10 @@ module.exports = {
db.collection(board).findOne({
'_id': id
}, {
'projection': { 'salt': 0 } //projection to hide salts
'projection': {
'salt': 0,
'password': 0
}
}),
module.exports.getThreadPosts(board, id)
])
@ -66,7 +77,10 @@ module.exports = {
return db.collection(board).find({
'thread': id
}, {
'projection': { 'salt': 0 } //projection to hide salts
'projection': {
'salt': 0 ,
'password': 0
}
}).sort({
'_id': 1
}).toArray();
@ -79,31 +93,42 @@ module.exports = {
return db.collection(board).find({
'thread': null
}, {
'projection': { 'salt': 0 } //projection to hide salts
'projection': {
'salt': 0,
'password': 0
}
}).toArray();
},
getPost: async (board, id, salt) => {
getPost: async (board, id, admin) => {
// get a post
return db.collection(board).findOne({
'_id': id
}, {
'projection': { 'salt': salt || false } //projection to hide salts
'projection': {
'salt': admin || false,
'password': admin || false
//only reveal passwords when admin is true (e.g. getting to check salt)
}
});
},
//takes array "ids" of post ids
getPosts: async(board, ids) => {
getPosts: async(board, ids, admin) => {
return db.collection(board).find({
'_id': {
'$in': ids
}
}, {
'projection': { 'salt': 0 } //projection to hide salts
'projection': {
'salt': admin || false,
'password': admin || false
//only reveal passwords when admin is true (e.g. when fetching for deletion)
}
}).toArray();
},

2
models/api/delete-post.js
Unescape View File

@ -11,7 +11,7 @@ module.exports = async (req, res) => {
//get all posts that were checked
let posts;
try {
posts = await Posts.getPosts(req.params.board, req.body.checked);
posts = await Posts.getPosts(req.params.board, req.body.checked, true); //admin arument true, fetches passwords and salts
} catch (err) {
console.error(err);
return res.status(500).render('error');

Write Preview
Loading…
Cancel
Save