@ -20,6 +20,7 @@ const express = require('express')
, dnsblCheck = require ( _ _dirname + '/../lib/middleware/ip/dnsbl.js' )
, blockBypass = require ( _ _dirname + '/../lib/middleware/captcha/blockbypass.js' )
, fileMiddlewares = require ( _ _dirname + '/../lib/middleware/file/filemiddlewares.js' )
, { setBoardLanguage , setQueryLanguage } = require ( _ _dirname + '/../lib/middleware/locale/locale.js' )
//controllers
, { deleteBoardController , editBansController , appealController , globalActionController , twofactorController ,
actionController , addCustomPageController , deleteCustomPageController , addNewsController ,
@ -31,14 +32,14 @@ const express = require('express')
editRoleController , newCaptchaForm , blockBypassForm , logoutForm , deleteSessionsController } = require ( _ _dirname + '/forms/index.js' ) ;
//make new post
router . post ( '/board/:board/post' , geoIp , processIp , useSession , sessionRefresh , Boards . exists , calcPerms , banCheck , fileMiddlewares . posts ,
router . post ( '/board/:board/post' , geoIp , processIp , useSession , sessionRefresh , Boards . exists , setBoardLanguage , calcPerms , banCheck , fileMiddlewares . posts ,
makePostController . paramConverter , verifyCaptcha , numFiles , blockBypass . middleware , dnsblCheck , imageHashes , makePostController . controller ) ;
router . post ( '/board/:board/modpost' , geoIp , processIp , useSession , sessionRefresh , Boards . exists , calcPerms , banCheck , isLoggedIn ,
router . post ( '/board/:board/modpost' , geoIp , processIp , useSession , sessionRefresh , Boards . exists , setBoardLanguage , calcPerms , banCheck , isLoggedIn ,
hasPerms . one ( Permissions . MANAGE _BOARD _GENERAL ) , fileMiddlewares . posts , makePostController . paramConverter , csrf , numFiles , blockBypass . middleware , dnsblCheck , imageHashes , makePostController . controller ) ; //mod post has token instead of captcha
//post actions
router . post ( '/board/:board/actions' , geoIp , processIp , useSession , sessionRefresh , Boards . exists , calcPerms , banCheck , actionController . paramConverter , verifyCaptcha , actionController . controller ) ; //public, with captcha
router . post ( '/board/:board/modactions' , geoIp , processIp , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , banCheck , isLoggedIn ,
router . post ( '/board/:board/actions' , geoIp , processIp , useSession , sessionRefresh , Boards . exists , setBoardLanguage , calcPerms , banCheck , actionController . paramConverter , verifyCaptcha , actionController . controller ) ; //public, with captcha
router . post ( '/board/:board/modactions' , geoIp , processIp , useSession , sessionRefresh , csrf , Boards . exists , setBoardLanguage , calcPerms , banCheck , isLoggedIn ,
hasPerms . one ( Permissions . MANAGE _BOARD _GENERAL ) , actionController . paramConverter , actionController . controller ) ; //board manage page
router . post ( '/global/actions' , geoIp , processIp , useSession , sessionRefresh , csrf , calcPerms , isLoggedIn ,
@ -47,43 +48,43 @@ router.post('/global/actions', geoIp, processIp, useSession, sessionRefresh, csr
//appeal ban
router . post ( '/appeal' , geoIp , processIp , useSession , sessionRefresh , appealController . paramConverter , verifyCaptcha , appealController . controller ) ;
//edit post
router . post ( '/editpost' , geoIp , processIp , useSession , sessionRefresh , csrf , editPostController . paramConverter , Boards . bodyExists , calcPerms ,
router . post ( '/editpost' , geoIp , processIp , useSession , sessionRefresh , csrf , editPostController . paramConverter , Boards . bodyExists , setBoardLanguage , calcPerms ,
hasPerms . any ( Permissions . MANAGE _GLOBAL _GENERAL , Permissions . MANAGE _BOARD _GENERAL ) , editPostController . controller ) ;
//board management forms
router . post ( '/board/:board/transfer' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn ,
router . post ( '/board/:board/transfer' , useSession , sessionRefresh , csrf , Boards . exists , setBoardLanguage , calcPerms , isLoggedIn ,
hasPerms . any ( Permissions . MANAGE _BOARD _OWNER , Permissions . MANAGE _GLOBAL _BOARDS ) , transferController . paramConverter , transferController . controller ) ;
router . post ( '/board/:board/settings' , geoIp , processIp , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn ,
router . post ( '/board/:board/settings' , geoIp , processIp , useSession , sessionRefresh , csrf , Boards . exists , setBoardLanguage , calcPerms , isLoggedIn ,
hasPerms . one ( Permissions . MANAGE _BOARD _SETTINGS ) , boardSettingsController . paramConverter , boardSettingsController . controller ) ;
router . post ( '/board/:board/editbans' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn ,
router . post ( '/board/:board/editbans' , useSession , sessionRefresh , csrf , Boards . exists , setBoardLanguage , calcPerms , isLoggedIn ,
hasPerms . one ( Permissions . MANAGE _BOARD _BANS ) , editBansController . paramConverter , editBansController . controller ) ; //edit bans
router . post ( '/board/:board/deleteboard' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn ,
router . post ( '/board/:board/deleteboard' , useSession , sessionRefresh , csrf , Boards . exists , setBoardLanguage , calcPerms , isLoggedIn ,
hasPerms . any ( Permissions . MANAGE _BOARD _OWNER , Permissions . MANAGE _GLOBAL _BOARDS ) , deleteBoardController . controller ) ; //delete board
//board crud banners, flags, assets, custompages
router . post ( '/board/:board/addbanners' , useSession , sessionRefresh , fileMiddlewares . banner , csrf , Boards . exists , calcPerms , isLoggedIn ,
router . post ( '/board/:board/addbanners' , useSession , sessionRefresh , Boards . exists , setBoardLanguage , fileMiddlewares . banner , csrf , calcPerms , isLoggedIn ,
hasPerms . one ( Permissions . MANAGE _BOARD _CUSTOMISATION ) , numFiles , uploadBannersController . controller ) ; //add banners
router . post ( '/board/:board/deletebanners' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn ,
router . post ( '/board/:board/deletebanners' , useSession , sessionRefresh , csrf , Boards . exists , setBoardLanguage , calcPerms , isLoggedIn ,
hasPerms . one ( Permissions . MANAGE _BOARD _CUSTOMISATION ) , deleteBannersController . paramConverter , deleteBannersController . controller ) ; //delete banners
router . post ( '/board/:board/addassets' , useSession , sessionRefresh , fileMiddlewares . asset , csrf , Boards . exists , calcPerms , isLoggedIn ,
router . post ( '/board/:board/addassets' , useSession , sessionRefresh , Boards . exists , setBoardLanguage , fileMiddlewares . asset , csrf , calcPerms , isLoggedIn ,
hasPerms . one ( Permissions . MANAGE _BOARD _CUSTOMISATION ) , numFiles , addAssetsController . controller ) ; //add assets
router . post ( '/board/:board/deleteassets' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn ,
router . post ( '/board/:board/deleteassets' , useSession , sessionRefresh , csrf , Boards . exists , setBoardLanguage , calcPerms , isLoggedIn ,
hasPerms . one ( Permissions . MANAGE _BOARD _CUSTOMISATION ) , deleteAssetsController . paramConverter , deleteAssetsController . controller ) ; //delete assets
router . post ( '/board/:board/addflags' , useSession , sessionRefresh , fileMiddlewares . flag , csrf , Boards . exists , calcPerms , isLoggedIn ,
router . post ( '/board/:board/addflags' , useSession , sessionRefresh , Boards . exists , setBoardLanguage , fileMiddlewares . flag , csrf , calcPerms , isLoggedIn ,
hasPerms . one ( Permissions . MANAGE _BOARD _CUSTOMISATION ) , numFiles , addFlagsController . controller ) ; //add flags
router . post ( '/board/:board/deleteflags' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn ,
router . post ( '/board/:board/deleteflags' , useSession , sessionRefresh , csrf , Boards . exists , setBoardLanguage , calcPerms , isLoggedIn ,
hasPerms . one ( Permissions . MANAGE _BOARD _CUSTOMISATION ) , deleteFlagsController . paramConverter , deleteFlagsController . controller ) ; //delete flags
router . post ( '/board/:board/addcustompages' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn ,
router . post ( '/board/:board/addcustompages' , useSession , sessionRefresh , csrf , Boards . exists , setBoardLanguage , calcPerms , isLoggedIn ,
hasPerms . one ( Permissions . MANAGE _BOARD _CUSTOMISATION ) , addCustomPageController . paramConverter , addCustomPageController . controller ) ; //add custom pages
router . post ( '/board/:board/deletecustompages' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn ,
router . post ( '/board/:board/deletecustompages' , useSession , sessionRefresh , csrf , Boards . exists , setBoardLanguage , calcPerms , isLoggedIn ,
hasPerms . one ( Permissions . MANAGE _BOARD _CUSTOMISATION ) , deleteCustomPageController . paramConverter , deleteCustomPageController . controller ) ; //delete custom pages
router . post ( '/board/:board/editcustompage' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn ,
router . post ( '/board/:board/editcustompage' , useSession , sessionRefresh , csrf , Boards . exists , setBoardLanguage , calcPerms , isLoggedIn ,
hasPerms . one ( Permissions . MANAGE _BOARD _CUSTOMISATION ) , editCustomPageController . paramConverter , editCustomPageController . controller ) ; //edit custom page
router . post ( '/board/:board/addstaff' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn ,
router . post ( '/board/:board/addstaff' , useSession , sessionRefresh , csrf , Boards . exists , setBoardLanguage , calcPerms , isLoggedIn ,
hasPerms . one ( Permissions . MANAGE _BOARD _STAFF ) , addStaffController . paramConverter , addStaffController . controller ) ; //add board staff
router . post ( '/board/:board/editstaff' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn ,
router . post ( '/board/:board/editstaff' , useSession , sessionRefresh , csrf , Boards . exists , setBoardLanguage , calcPerms , isLoggedIn ,
hasPerms . one ( Permissions . MANAGE _BOARD _STAFF ) , editStaffController . paramConverter , editStaffController . controller ) ; //edit staff permission
router . post ( '/board/:board/deletestaff' , useSession , sessionRefresh , csrf , Boards . exists , calcPerms , isLoggedIn ,
router . post ( '/board/:board/deletestaff' , useSession , sessionRefresh , csrf , Boards . exists , setBoardLanguage , calcPerms , isLoggedIn ,
hasPerms . one ( Permissions . MANAGE _BOARD _STAFF ) , deleteStaffController . paramConverter , deleteStaffController . controller ) ; //delete board staff
//global management forms