mirror of https://gitgud.io/fatchan/jschan.git
parent
b0f09621b9
commit
92f8e993d9
16 changed files with 574 additions and 12 deletions
@ -0,0 +1,404 @@ |
||||
'use strict'; |
||||
|
||||
const express = require('express') |
||||
, router = express.Router() |
||||
, Boards = require(__dirname+'/../db/boards.js') |
||||
, Posts = require(__dirname+'/../db/posts.js') |
||||
, Trips = require(__dirname+'/../db/trips.js') |
||||
, Bans = require(__dirname+'/../db/bans.js') |
||||
, banPoster = require(__dirname+'/../models/forms/ban-poster.js') |
||||
, removeBans = require(__dirname+'/../models/forms/removebans.js') |
||||
, makePost = require(__dirname+'/../models/forms/make-post.js') |
||||
, deletePosts = require(__dirname+'/../models/forms/delete-post.js') |
||||
, spoilerPosts = require(__dirname+'/../models/forms/spoiler-post.js') |
||||
, reportPosts = require(__dirname+'/../models/forms/report-post.js') |
||||
, globalReportPosts = require(__dirname+'/../models/forms/globalreportpost.js') |
||||
, dismissReports = require(__dirname+'/../models/forms/dismiss-report.js') |
||||
, dismissGlobalReports = require(__dirname+'/../models/forms/dismissglobalreport.js') |
||||
, loginAccount = require(__dirname+'/../models/forms/login.js') |
||||
, registerAccount = require(__dirname+'/../models/forms/register.js') |
||||
, hasPerms = require(__dirname+'/../helpers/haspermsmiddleware.js') |
||||
, numberConverter = require(__dirname+'/../helpers/number-converter.js') |
||||
, banCheck = require(__dirname+'/../helpers/bancheck.js'); |
||||
|
||||
// login to account |
||||
router.post('/login', (req, res, next) => { |
||||
|
||||
const errors = []; |
||||
|
||||
//check exist |
||||
if (!req.body.username || req.body.username.length <= 0) { |
||||
errors.push('Missing username'); |
||||
} |
||||
if (!req.body.password || req.body.password.length <= 0) { |
||||
errors.push('Missing password'); |
||||
} |
||||
|
||||
//check too long |
||||
if (req.body.username && req.body.username.length > 50) { |
||||
errors.push('Username must be 50 characters or less'); |
||||
} |
||||
if (req.body.password && req.body.password.length > 100) { |
||||
errors.push('Password must be 100 characters or less'); |
||||
} |
||||
|
||||
if (errors.length > 0) { |
||||
return res.status(400).render('message', { |
||||
'title': 'Bad request', |
||||
'errors': errors, |
||||
'redirect': '/login' |
||||
}) |
||||
} |
||||
|
||||
loginAccount(req, res, next); |
||||
|
||||
}); |
||||
|
||||
//register account |
||||
router.post('/register', (req, res, next) => { |
||||
|
||||
const errors = []; |
||||
|
||||
//check exist |
||||
if (!req.body.username || req.body.username.length <= 0) { |
||||
errors.push('Missing username'); |
||||
} |
||||
if (!req.body.password || req.body.password.length <= 0) { |
||||
errors.push('Missing password'); |
||||
} |
||||
if (!req.body.passwordconfirm || req.body.passwordconfirm.length <= 0) { |
||||
errors.push('Missing password confirmation'); |
||||
} |
||||
|
||||
//check too long |
||||
if (req.body.username && req.body.username.length > 50) { |
||||
errors.push('Username must be 50 characters or less'); |
||||
} |
||||
if (req.body.password && req.body.password.length > 100) { |
||||
errors.push('Password must be 100 characters or less'); |
||||
} |
||||
if (req.body.passwordconfirm && req.body.passwordconfirm.length > 100) { |
||||
errors.push('Password confirmation must be 100 characters or less'); |
||||
} |
||||
if (req.body.password != req.body.passwordconfirm) { |
||||
errors.push('Password and password confirmation must match'); |
||||
} |
||||
|
||||
if (errors.length > 0) { |
||||
return res.status(400).render('message', { |
||||
'title': 'Bad request', |
||||
'errors': errors, |
||||
'redirect': '/register' |
||||
}) |
||||
} |
||||
|
||||
registerAccount(req, res, next); |
||||
|
||||
}); |
||||
|
||||
// make new post |
||||
router.post('/board/:board/post', Boards.exists, banCheck, numberConverter, async (req, res, next) => { |
||||
|
||||
let numFiles = 0; |
||||
if (req.files && req.files.file) { |
||||
if (Array.isArray(req.files.file)) { |
||||
numFiles = req.files.file.length; |
||||
} else { |
||||
numFiles = 1; |
||||
req.files.file = [req.files.file]; |
||||
} |
||||
} |
||||
|
||||
const errors = []; |
||||
|
||||
if (!req.body.message && numFiles === 0) { |
||||
errors.push('Must provide a message or file'); |
||||
} |
||||
if (req.body.message && req.body.message.length > 2000) { |
||||
errors.push('Message must be 2000 characters or less'); |
||||
} |
||||
if (!req.body.thread && (!req.body.message || req.body.message.length === 0)) { |
||||
errors.push('Threads must include a message'); |
||||
} |
||||
if (req.body.name && req.body.name.length > 50) { |
||||
errors.push('Name must be 50 characters or less'); |
||||
} |
||||
if (req.body.subject && req.body.subject.length > 50) { |
||||
errors.push('Subject must be 50 characters or less'); |
||||
} |
||||
if (req.body.email && req.body.email.length > 50) { |
||||
errors.push('Email must be 50 characters or less'); |
||||
} |
||||
if (req.body.password && req.body.password.length > 50) { |
||||
errors.push('Password must be 50 characters or less'); |
||||
} |
||||
|
||||
if (errors.length > 0) { |
||||
return res.status(400).render('message', { |
||||
'title': 'Bad request', |
||||
'errors': errors, |
||||
'redirect': `/${req.params.board}${req.body.thread ? '/thread/' + req.body.thread : ''}` |
||||
}) |
||||
} |
||||
|
||||
makePost(req, res, next, numFiles); |
||||
|
||||
}); |
||||
|
||||
//report/delete/spoiler/ban |
||||
router.post('/board/:board/actions', Boards.exists, banCheck, numberConverter, async (req, res, next) => { |
||||
|
||||
const errors = []; |
||||
|
||||
if (!req.body.checkedposts || req.body.checkedposts.length === 0 || req.body.checkedposts.length > 10) { |
||||
errors.push('Must select 1-10 posts') |
||||
} |
||||
if (req.body.password && req.body.password.length > 50) { |
||||
errors.push('Password must be 50 characters or less'); |
||||
} |
||||
if (req.body.report_reason && req.body.report_reason.length > 50) { |
||||
errors.push('Report must be 50 characters or less'); |
||||
} |
||||
if (req.body.ban_reason && req.body.ban_reason.length > 50) { |
||||
errors.push('Ban reason must be 50 characters or less'); |
||||
} |
||||
if (!(req.body.report |
||||
|| req.body.global_report |
||||
|| req.body.spoiler |
||||
|| req.body.delete |
||||
|| req.body.dismiss |
||||
|| req.body.global_dismiss |
||||
|| req.body.ban |
||||
|| req.body.global_ban)) { |
||||
errors.push('Invalid actions selected') |
||||
} |
||||
if (req.body.report && (!req.body.report_reason || req.body.report_reason.length === 0)) { |
||||
errors.push('Reports must have a reason') |
||||
} |
||||
|
||||
if (errors.length > 0) { |
||||
return res.status(400).render('message', { |
||||
'title': 'Bad request', |
||||
'errors': errors, |
||||
'redirect': `/${req.params.board}` |
||||
}) |
||||
} |
||||
|
||||
const posts = await Posts.getPosts(req.params.board, req.body.checkedposts, true); |
||||
if (!posts || posts.length === 0) { |
||||
return res.status(404).render('message', { |
||||
'title': 'Not found', |
||||
'errors': 'Selected posts not found', |
||||
'redirect': `/${req.params.board}` |
||||
}) |
||||
} |
||||
|
||||
const messages = []; |
||||
try { |
||||
|
||||
// if getting global banned, board ban doesnt matter |
||||
if (req.body.global_ban) { |
||||
messages.push((await banPoster(req, res, next, null, posts))); |
||||
} else if (req.body.ban) { |
||||
messages.push((await banPoster(req, res, next, req.params.board, posts))); |
||||
} |
||||
|
||||
//ban before deleting |
||||
if (req.body.delete) { |
||||
messages.push((await deletePosts(req, res, next, posts))); |
||||
} else { |
||||
// if it was getting deleted, we cant do any of these |
||||
if (req.body.spoiler) { |
||||
messages.push((await spoilerPosts(req, res, next, posts))); |
||||
} |
||||
// cannot report and dismiss at same time |
||||
if (req.body.report) { |
||||
messages.push((await reportPosts(req, res, next))); |
||||
} else if (req.body.dismiss) { |
||||
messages.push((await dismissReports(req, res, next))); |
||||
} |
||||
|
||||
// cannot report and dismiss at same time |
||||
if (req.body.global_report) { |
||||
messages.push((await globalReportPosts(req, res, next, posts))); |
||||
} else if (req.body.global_dismiss) { |
||||
messages.push((await dismissGlobalReports(req, res, next, posts))); |
||||
} |
||||
} |
||||
|
||||
} catch (err) { |
||||
//something not right |
||||
if (err.status) { |
||||
// return out special error |
||||
return res.status(err.status).render('message', err.message); |
||||
} |
||||
//some other error, use regular error handler |
||||
return next(err); |
||||
} |
||||
|
||||
return res.render('message', { |
||||
'title': 'Success', |
||||
'messages': messages, |
||||
'redirect': `/${req.params.board}` |
||||
}); |
||||
|
||||
}); |
||||
|
||||
//unban |
||||
router.post('/board/:board/unban', Boards.exists, banCheck, hasPerms, numberConverter, async (req, res, next) => { |
||||
|
||||
|
||||
|
||||
}); |
||||
|
||||
//unban |
||||
router.post('/board/:board/unban', Boards.exists, banCheck, hasPerms, numberConverter, async (req, res, next) => { |
||||
|
||||
//keep this for later in case i add other options to unbans |
||||
const errors = []; |
||||
|
||||
if (!req.body.checkedbans || req.body.checkedbans.length === 0 || req.body.checkedbans.length > 10) { |
||||
errors.push('Must select 1-10 bans') |
||||
} |
||||
|
||||
if (errors.length > 0) { |
||||
return res.status(400).render('message', { |
||||
'title': 'Bad request', |
||||
'errors': errors, |
||||
'redirect': `/${req.params.board}/manage` |
||||
}); |
||||
} |
||||
|
||||
const messages = []; |
||||
try { |
||||
messages.push((await removeBans(req, res, next))); |
||||
} catch (err) { |
||||
//something not right |
||||
if (err.status) { |
||||
// return out special error |
||||
return res.status(err.status).render('message', err.message); |
||||
} |
||||
//some other error, use regular error handler |
||||
return next(err); |
||||
} |
||||
|
||||
return res.render('message', { |
||||
'title': 'Success', |
||||
'messages': messages, |
||||
'redirect': `/${req.params.board}/manage` |
||||
}); |
||||
|
||||
}); |
||||
|
||||
router.post('/global/actions', hasPerms, numberConverter, async(req, res, next) => { |
||||
|
||||
const errors = []; |
||||
|
||||
if (!req.body.globalcheckedposts || req.body.globalcheckedposts.length === 0 || req.body.globalcheckedposts.length > 10) { |
||||
errors.push('Must select 1-10 posts') |
||||
} |
||||
if (req.body.ban_reason && req.body.ban_reason.length > 50) { |
||||
errors.push('Ban reason must be 50 characters or less'); |
||||
} |
||||
if (!(req.body.spoiler |
||||
|| req.body.delete |
||||
|| req.body.global_dismiss |
||||
|| req.body.global_ban)) { |
||||
errors.push('Invalid actions selected') |
||||
} |
||||
|
||||
if (errors.length > 0) { |
||||
return res.status(400).render('message', { |
||||
'title': 'Bad request', |
||||
'errors': errors, |
||||
'redirect': '/globalmanage' |
||||
}) |
||||
} |
||||
|
||||
const posts = await Posts.globalGetPosts(req.body.globalcheckedposts, true); |
||||
if (!posts || posts.length === 0) { |
||||
return res.status(404).render('message', { |
||||
'title': 'Not found', |
||||
'errors': 'Selected posts not found', |
||||
'redirect': '/globalmanage' |
||||
}) |
||||
} |
||||
|
||||
const messages = []; |
||||
try { |
||||
|
||||
if (req.body.global_ban) { |
||||
messages.push((await banPoster(req, res, next, null, posts))); |
||||
} |
||||
|
||||
//ban before deleting |
||||
if (req.body.delete) { |
||||
messages.push((await deletePosts(req, res, next, posts))); |
||||
} else { |
||||
// if it was getting deleted, we cant do any of these |
||||
if (req.body.spoiler) { |
||||
messages.push((await spoilerPosts(req, res, next, posts))); |
||||
} |
||||
if (req.body.global_dismiss) { |
||||
messages.push((await dismissGlobalReports(req, res, next, posts))); |
||||
} |
||||
} |
||||
|
||||
} catch (err) { |
||||
//something not right |
||||
if (err.status) { |
||||
// return out special error |
||||
return res.status(err.status).render('message', err.message); |
||||
} |
||||
//some other error, use regular error handler |
||||
return next(err); |
||||
} |
||||
|
||||
return res.render('message', { |
||||
'title': 'Success', |
||||
'messages': messages, |
||||
'redirect': `/${req.params.board}` |
||||
}); |
||||
|
||||
}); |
||||
|
||||
router.post('/global/unban', hasPerms, numberConverter, async(req, res, next) => { |
||||
|
||||
//TODO |
||||
const errors = []; |
||||
|
||||
if (!req.body.checkedbans || req.body.checkedbans.length === 0 || req.body.checkedbans.length > 10) { |
||||
errors.push('Must select 1-10 bans') |
||||
} |
||||
|
||||
if (errors.length > 0) { |
||||
return res.status(400).render('message', { |
||||
'title': 'Bad request', |
||||
'errors': errors, |
||||
'redirect': `/globalmanage` |
||||
}); |
||||
} |
||||
|
||||
const messages = []; |
||||
try { |
||||
messages.push((await removeBans(req, res, next))); |
||||
} catch (err) { |
||||
//something not right |
||||
if (err.status) { |
||||
// return out special error |
||||
return res.status(err.status).render('message', err.message); |
||||
} |
||||
//some other error, use regular error handler |
||||
return next(err); |
||||
} |
||||
|
||||
return res.render('message', { |
||||
'title': 'Success', |
||||
'messages': messages, |
||||
'redirect': `/globalmanage` |
||||
}); |
||||
|
||||
}); |
||||
|
||||
module.exports = router; |
||||
|
@ -0,0 +1,15 @@ |
||||
'use strict'; |
||||
|
||||
const path = require('path') |
||||
, util = require('util') |
||||
, fs = require('fs') |
||||
, unlink = util.promisify(fs.unlink) |
||||
, uploadDirectory = require(__dirname+'/../../helpers/uploadDirectory.js'); |
||||
|
||||
module.exports = async (filenames) => { |
||||
|
||||
await Promise.all(filenames.map(async filename => { |
||||
unlink(uploadDirectory + filename) |
||||
})); |
||||
|
||||
} |
@ -1,14 +1,21 @@ |
||||
'use strict'; |
||||
|
||||
const allowedMimeTypes = new Set([ |
||||
const imageMimeTypes = new Set([ |
||||
'image/jpeg', |
||||
'image/pjpeg', |
||||
'image/png', |
||||
'image/gif', |
||||
]); |
||||
|
||||
const videoMimeTypes = new Set([ |
||||
'image/webp', |
||||
'image/bmp', |
||||
'video/mp4', |
||||
'video/webm', |
||||
]); |
||||
|
||||
module.exports = (mimetype) => allowedMimeTypes.has(mimetype); |
||||
module.exports = (mimetype, options) => { |
||||
|
||||
return (options.video && videoMimeTypes.has(mimetype)) || (options.image && imageMimeTypes.has(mimetype)); |
||||
|
||||
}; |
||||
|
@ -0,0 +1,62 @@ |
||||
'use strict'; |
||||
|
||||
const uuidv4 = require('uuid/v4') |
||||
, path = require('path') |
||||
, uploadDirectory = require(__dirname+'/../../helpers/uploadDirectory.js') |
||||
, fileUpload = require(__dirname+'/../../helpers/files/file-upload.js') |
||||
, fileCheckMimeType = require(__dirname+'/../../helpers/files/file-check-mime-types.js') |
||||
, deleteFailedFiles = require(__dirname+'/../../helpers/files/deletefailed.js') |
||||
, imageIdentify = require(__dirname+'/../../helpers/files/image-identify.js') |
||||
, Boards = require(__dirname+'/../../db/boards.js') |
||||
|
||||
module.exports = async (req, res, next, numFiles) => { |
||||
|
||||
// check if this is responding to an existing thread
|
||||
let redirect = `/${req.params.board}/manage` |
||||
|
||||
// check all mime types befoer we try saving anything
|
||||
for (let i = 0; i < numFiles; i++) { |
||||
if (!fileCheckMimeType(req.files.file[i].mimetype, {image: true, video: false})) { |
||||
return res.status(400).render('message', { |
||||
'title': 'Bad request', |
||||
'message': `Invalid file type for ${req.files.file[i].name}. Mimetype ${req.files.file[i].mimetype} not allowed.`, |
||||
'redirect': redirect |
||||
}); |
||||
} |
||||
} |
||||
|
||||
const filenames = []; |
||||
// then upload
|
||||
for (let i = 0; i < numFiles; i++) { |
||||
const file = req.files.file[i]; |
||||
const uuid = uuidv4(); |
||||
const filename = uuid + path.extname(file.name); |
||||
//add filenames to array add processing to delete previous if one fails
|
||||
filenames.push(filename); |
||||
// try to save
|
||||
try { |
||||
//upload it
|
||||
await fileUpload(req, res, file, filename); |
||||
const imageData = await imageIdentify(filename); |
||||
const geometry = imageData.size; |
||||
//make sure its 300x100 banner
|
||||
if (geometry.width !== 300 || geometry.height !== 100) { |
||||
await deleteFailedFiles(filenames); |
||||
return res.status(400).render('message', { |
||||
'title': 'Bad request', |
||||
'message': `Invalid file ${file.name}. Banners must be 300x100.`, |
||||
'redirect': redirect |
||||
}); |
||||
} |
||||
} catch (err) { |
||||
//TODO: this better
|
||||
await deleteFailedFiles(filenames); |
||||
return next(err); |
||||
} |
||||
} |
||||
|
||||
await Boards.addBanners(req.params.board, filenames); |
||||
|
||||
return res.redirect(redirect); |
||||
|
||||
} |
@ -0,0 +1,14 @@ |
||||
section.form-wrapper |
||||
label.toggle-label Upload Banners |
||||
input.toggle(type='checkbox') |
||||
form.form-post.togglable(action=`/forms/board/${board._id}/addbanners`, enctype='multipart/form-data', method='POST') |
||||
|
||||
input(type='hidden' name='_csrf' value=csrf) |
||||
|
||||
span |
||||
input#file(type='file', name='file' multiple) |
||||
|
||||
input(type='submit', value='submit') |
||||
|
||||
|
||||
|
@ -1,4 +1,6 @@ |
||||
section.board-header |
||||
if board.banners |
||||
object.board-banner(data=`/img/${board.banners[Math.floor(Math.random()*board.banners.length)]}` width='300' height='100') |
||||
a.no-decoration(href=`/${board._id}`) |
||||
h1.board-title /#{board._id}/ - #{board.name} |
||||
h4.board-description #{board.description} |
||||
|
Loading…
Reference in new issue