diff --git a/controllers/forms.js b/controllers/forms.js index 68ef34dc..92af8cd0 100644 --- a/controllers/forms.js +++ b/controllers/forms.js @@ -46,7 +46,7 @@ router.post('/login', (req, res, next) => { }) } - loginAccount(req, res); + loginAccount(req, res, next); }); @@ -88,7 +88,7 @@ router.post('/register', (req, res, next) => { }) } - registerAccount(req, res); + registerAccount(req, res, next); }); @@ -137,11 +137,11 @@ router.post('/board/:board', Boards.exists, banCheck, numberConverter, async (re }) } - makePost(req, res, numFiles); + makePost(req, res, next, numFiles); }); -//report, delete, sticky, etc +//report/delete/spoiler/ban router.post('/board/:board/posts', Boards.exists, banCheck, numberConverter, async (req, res, next) => { const errors = []; @@ -178,38 +178,45 @@ router.post('/board/:board/posts', Boards.exists, banCheck, numberConverter, asy }) } + const posts = await Posts.getPosts(req.params.board, req.body.checked, true); + if (!posts || posts.length === 0) { + return res.status(404).render('message', { + 'title': 'Not found', + 'errors': 'Selected posts not found', + 'redirect': `/${req.params.board}` + }) + } + const messages = []; try { - //TODO: maybe fetch the posts first instead of checking multiple times with multiple actions - - //global or board ban if (req.body.global_ban) { - messages.push((await banPoster(req, res, null))); + messages.push((await banPoster(req, res, next, null, posts))); } else if (req.body.ban) { - messages.push((await banPoster(req, res, req.params.board))); + messages.push((await banPoster(req, res, next, req.params.board, posts))); } - // then if not deleting, we can spoiler and report or dismiss reports if (req.body.delete) { - messages.push((await deletePosts(req, res))); + messages.push((await deletePosts(req, res, next, posts))); } else { if (req.body.spoiler) { - messages.push((await spoilerPosts(req, res))); + messages.push((await spoilerPosts(req, res, next, posts))); } if (req.body.report) { - messages.push((await reportPosts(req, res))); + messages.push((await reportPosts(req, res, next))); } else if (req.body.dismiss) { - messages.push((await dismissReports(req, res))); + messages.push((await dismissReports(req, res, next))); } } } catch (err) { + //something not right if (err.status) { + // return out special error return res.status(err.status).render('message', err.message); } - console.error(err); - return res.status(500).render('error'); + //some other error, use regular error handler + return next(err); } return res.render('message', { @@ -220,6 +227,4 @@ router.post('/board/:board/posts', Boards.exists, banCheck, numberConverter, asy }); - - module.exports = router; diff --git a/controllers/pages.js b/controllers/pages.js index c3e3bae0..d52a711d 100644 --- a/controllers/pages.js +++ b/controllers/pages.js @@ -3,13 +3,15 @@ const express = require('express') , router = express.Router() , Boards = require(__dirname+'/../db-models/boards.js') - , checkAuth = require(__dirname+'/../helpers/check-auth.js') + , hasPerms = require(__dirname+'/../helpers/haspermsmiddleware.js') + , isLoggedIn = require(__dirname+'/../helpers/isloggedin.js') , numberConverter = require(__dirname+'/../helpers/number-converter.js') //page models - , home = require(__dirname+'/../models/pages/home.js') - , register = require(__dirname+'/../models/pages/register.js') - , manage = require(__dirname+'/../models/pages/manage.js') - , login = require(__dirname+'/../models/pages/login.js') + , home = require(__dirname+'/../models/pages/home.js') + , register = require(__dirname+'/../models/pages/register.js') + , manage = require(__dirname+'/../models/pages/manage.js') + , globalmanage = require(__dirname+'/../models/pages/globalmanage.js') + , login = require(__dirname+'/../models/pages/login.js') , board = require(__dirname+'/../models/pages/board.js') , catalog = require(__dirname+'/../models/pages/catalog.js') , thread = require(__dirname+'/../models/pages/thread.js'); @@ -24,27 +26,24 @@ router.get('/login', login); router.get('/register', register); //logout -router.get('/logout', (req, res, next) => { - - if (req.session.authenticated === true) { - req.session.destroy(); - return res.render('message', { - 'title': 'Success', - 'message': 'You have been logged out successfully', - 'redirect': '/' - }); - } - - return res.status(400).render('message', { - 'title': 'Bad request', - 'message': 'You are not logged in', - 'redirect': '/login' - }) +router.get('/logout', isLoggedIn, (req, res, next) => { + + //remove session + req.session.destroy(); + + return res.render('message', { + 'title': 'Success', + 'message': 'You have been logged out successfully', + 'redirect': '/' + }); }); //board manage page -router.get('/:board/manage', Boards.exists, checkAuth, Boards.canManage, manage); +router.get('/:board/manage', Boards.exists, isLoggedIn, hasPerms, manage); + +//board manage page +router.get('/globalmanage', isLoggedIn, hasPerms, globalmanage); // board page/recents router.get('/:board/:page(\\d+)?', Boards.exists, numberConverter, board); diff --git a/db-models/bans.js b/db-models/bans.js index 3f235e74..c4d58fb2 100644 --- a/db-models/bans.js +++ b/db-models/bans.js @@ -5,6 +5,8 @@ const Mongo = require(__dirname+'/../helpers/db.js') module.exports = { + db, + find: (ip, board) => { return db.find({ 'ip': ip, diff --git a/db-models/posts.js b/db-models/posts.js index 0688a6ce..065f82d6 100644 --- a/db-models/posts.js +++ b/db-models/posts.js @@ -240,6 +240,22 @@ module.exports = { }).toArray(); }, + getAllReports: () => { + return db.find({ + 'reports.0': { + '$exists': true + } + }, { + 'projection': { + 'salt': 0, + 'password': 0, + 'ip': 0, + } + }).sort({ + 'board': 1 + }).toArray(); + }, + deleteOne: (board, options) => { return db.deleteOne(options); }, diff --git a/helpers/bancheck.js b/helpers/bancheck.js index 1d0f5fb5..5e53bff6 100644 --- a/helpers/bancheck.js +++ b/helpers/bancheck.js @@ -1,19 +1,17 @@ 'use strict'; const Bans = require(__dirname+'/../db-models/bans.js') - , hasPerms = require(__dirname+'/has-perms.js'); + , hasPerms = require(__dirname+'/hasperms.js'); module.exports = async (req, res, next) => { if (!hasPerms(req, res)) { const ip = req.headers['x-real-ip'] || req.connection.remoteAddress; - const bans = await Bans.find(ip, res.locals.board._id); + const bans = await Bans.find(ip, res.locals.board ? res.locals.board._id : null); if (bans && bans.length > 0) { //TODO: show posts banned for, expiry, etc - return res.status(403).render('message', { - 'title': 'Forbidden', - 'message': 'You are banned', - 'redirect': '/' + return res.status(403).render('ban', { + bans: bans }); } } diff --git a/helpers/has-perms.js b/helpers/has-perms.js deleted file mode 100644 index 3c64c804..00000000 --- a/helpers/has-perms.js +++ /dev/null @@ -1,9 +0,0 @@ -'use strict'; - -module.exports = (req, res) => { - return req.session.authenticated //if the user is authed - && req.session.user //if the user is logged in - && (req.session.user.authLevel > 1 //and is not a regular user - || res.locals.board.owner == req.session.user.username //or us board owner - || res.locals.board.moderators.includes(req.session.user.username)); //or is board moderator -} diff --git a/helpers/hasperms.js b/helpers/hasperms.js new file mode 100644 index 00000000..7131aaac --- /dev/null +++ b/helpers/hasperms.js @@ -0,0 +1,16 @@ +'use strict'; + +module.exports = (req, res) => { + return req.session.authenticated //if the user is authed + && req.session.user //if the user is logged in + && ( + req.session.user.authLevel > 1 //and is not a regular user + || ( + res.locals.board + && ( + res.locals.board.owner == req.session.user.username //and board owner + || res.locals.board.moderators.includes(req.session.user.username) //or board mod + ) + ) + ) +} diff --git a/helpers/haspermsmiddleware.js b/helpers/haspermsmiddleware.js new file mode 100644 index 00000000..e928c663 --- /dev/null +++ b/helpers/haspermsmiddleware.js @@ -0,0 +1,16 @@ +'use strict'; + +const hasPerms = require(__dirname+'/hasperms.js'); + +module.exports = async (req, res, next) => { + + if (!hasPerms(req, res)) { + return res.status(403).render('message', { + 'title': 'Forbidden', + 'message': 'You do not have permission to access this page', + 'redirect': '/' + }); + } + next(); + +} diff --git a/helpers/check-auth.js b/helpers/isloggedin.js similarity index 100% rename from helpers/check-auth.js rename to helpers/isloggedin.js diff --git a/models/forms/ban-poster.js b/models/forms/ban-poster.js index c017ca5c..16eb2554 100644 --- a/models/forms/ban-poster.js +++ b/models/forms/ban-poster.js @@ -1,11 +1,13 @@ 'use strict'; const uploadDirectory = require(__dirname+'/../../helpers/uploadDirectory.js') - , hasPerms = require(__dirname+'/../../helpers/has-perms.js') + , hasPerms = require(__dirname+'/../../helpers/hasperms.js') , Bans = require(__dirname+'/../../db-models/bans.js') , Posts = require(__dirname+'/../../db-models/posts.js'); -module.exports = async (req, res, board) => { +module.exports = async (req, res, next, board, checkedPosts) => { + + const posts = checkedPosts; //if user is not logged in or if logged in but not authed, they cannot ban if (!hasPerms(req, res)) { @@ -19,33 +21,24 @@ module.exports = async (req, res, board) => { }; } - //get all posts that were checked - let posts = await Posts.getPosts(req.params.board, req.body.checked, true); //admin arument true, fetches passwords and salts - - if (!posts || posts.length === 0) { - throw { - 'status': 400, - 'message': { - 'title': 'Bad requests', - 'message': 'No posts found', - 'redirect': `/${req.params.board}` - } - }; - } - const bans = posts.map(post => { return { 'ip': post.ip, + 'reason': req.body.reason || 'No reason specified', 'board': board, - 'post': post, - 'issuer': req.session.user.username + 'post': req.body.delete ? null : post, + 'issuer': req.session.user.username, + 'date': new Date(), + 'expireAt': new Date((new Date).getTime() + (72*1000*60*60)) // 72h ban } }); let bannedIps = 0; - const result = await Bans.insertMany(bans, board); - console.log(result) - bannedIps = result.insertedCount; + try { + bannedIps = await Bans.insertMany(bans).then(result => result.insertedCount); + } catch (err) { + return next(err); + } return `Banned ${bannedIps} ips`; diff --git a/models/forms/delete-post.js b/models/forms/delete-post.js index 7eb79f8e..e52db7ad 100644 --- a/models/forms/delete-post.js +++ b/models/forms/delete-post.js @@ -5,24 +5,12 @@ const path = require('path') , fs = require('fs') , unlink = util.promisify(fs.unlink) , uploadDirectory = require(__dirname+'/../../helpers/uploadDirectory.js') - , hasPerms = require(__dirname+'/../../helpers/has-perms.js') + , hasPerms = require(__dirname+'/../../helpers/hasperms.js') , Posts = require(__dirname+'/../../db-models/posts.js'); -module.exports = async (req, res) => { +module.exports = async (req, res, next, checkedPosts) => { - //get all posts that were checked - let posts = await Posts.getPosts(req.params.board, req.body.checked, true); //admin arument true, fetches passwords and salts - - if (!posts || posts.length === 0) { - throw { - 'status': 400, - 'message': { - 'title': 'Bad request', - 'message': 'No posts found', - 'redirect': `/${req.params.board}` - } - }; - } + let posts = checkedPosts; //if user is not logged in OR if lgoged in but not authed, filter the posts by passwords that are not null if (!hasPerms(req, res)) { @@ -34,14 +22,14 @@ module.exports = async (req, res) => { && post.password == req.body.password }); if (posts.length === 0) { - throw { - 'status': 403, - 'message': { - 'title': 'Forbidden', - 'message': 'Password did not match any selected posts', - 'redirect': `/${req.params.board}` - } - }; + throw { + 'status': 403, + 'message': { + 'title': 'Forbidden', + 'message': 'Password did not match any selected posts', + 'redirect': `/${req.params.board}` + } + }; } } @@ -60,8 +48,11 @@ module.exports = async (req, res) => { //delete posts from DB let deletedPosts = 0; - const result = await Posts.deleteMany(req.params.board, allPosts.map(x => x.postId)); - deletedPosts = result.deletedCount; + try { + deletedPosts = await Posts.deleteMany(req.params.board, allPosts.map(x => x.postId)).then(result => result.deletedCount); + } catch (err) { + return next(err); + } //get filenames from all the posts let fileNames = []; diff --git a/models/forms/dismiss-report.js b/models/forms/dismiss-report.js index c7d8e46d..e8bb8e0c 100644 --- a/models/forms/dismiss-report.js +++ b/models/forms/dismiss-report.js @@ -1,9 +1,9 @@ 'use strict'; const Posts = require(__dirname+'/../../db-models/posts.js') - , hasPerms = require(__dirname+'/../../helpers/has-perms.js'); + , hasPerms = require(__dirname+'/../../helpers/hasperms.js'); -module.exports = async (req, res) => { +module.exports = async (req, res, next) => { if (!hasPerms(req, res)) { throw { @@ -16,8 +16,12 @@ module.exports = async (req, res) => { }; } - await Posts.dismissReports(req.params.board, req.body.checked); + try { + await Posts.dismissReports(req.params.board, req.body.checked); + } catch (err) { + return next(err); + } - return `Dismissed report(s) successfully` + return `Dismissed report(s) successfully`; } diff --git a/models/forms/edit-post.js b/models/forms/edit-post.js index 6c8bad63..c256881c 100644 --- a/models/forms/edit-post.js +++ b/models/forms/edit-post.js @@ -1,13 +1,18 @@ 'use strict'; const uuidv4 = require('uuid/v4') - , path = require('path') - , Posts = require(__dirname+'/../../db-models/posts.js') + , path = require('path') + , Posts = require(__dirname+'/../../db-models/posts.js') -module.exports = async (req, res, numFiles) => { +module.exports = async (req, res, next, numFiles) => { // get the post that we are trying to edit - let post = await Posts.getPost(req.params.board, req.body.id, true); + let post; + try { + post = await Posts.getPost(req.params.board, req.body.id, true); + } catch (err) { + return next(err); + } if (!thread || thread.thread != null) { throw { diff --git a/models/forms/login.js b/models/forms/login.js index 07720bef..4db2da19 100644 --- a/models/forms/login.js +++ b/models/forms/login.js @@ -3,7 +3,7 @@ const bcrypt = require('bcrypt') , Accounts = require(__dirname+'/../../db-models/accounts.js'); -module.exports = async (req, res) => { +module.exports = async (req, res, next) => { const username = req.body.username.toLowerCase(); const password = req.body.password; @@ -13,8 +13,7 @@ module.exports = async (req, res) => { try { account = await Accounts.findOne(username); } catch (err) { - console.error(err); - return res.status(500).render('error'); + return next(err); } //if the account doesnt exist, reject @@ -31,8 +30,7 @@ module.exports = async (req, res) => { try { passwordMatch = await bcrypt.compare(password, account.passwordHash); } catch (err) { - console.error(err); - return res.status(500).render('error'); + return next(err); } //if hashes matched diff --git a/models/forms/make-post.js b/models/forms/make-post.js index 5d5c76fd..359399a0 100644 --- a/models/forms/make-post.js +++ b/models/forms/make-post.js @@ -25,7 +25,7 @@ const uuidv4 = require('uuid/v4') , videoIdentify = require(__dirname+'/../../helpers/files/video-identify.js') , formatSize = require(__dirname+'/../../helpers/files/format-size.js') -module.exports = async (req, res, numFiles) => { +module.exports = async (req, res, next, numFiles) => { // check if this is responding to an existing thread let redirect = `/${req.params.board}` @@ -35,8 +35,7 @@ module.exports = async (req, res, numFiles) => { try { thread = await Posts.getPost(req.params.board, req.body.thread, true); } catch (err) { - console.error(err); - return res.status(500).render('error'); + return next(err); } if (!thread || thread.thread != null) { return res.status(400).render('message', { @@ -100,7 +99,7 @@ module.exports = async (req, res, numFiles) => { await videoThumbnail(filename); break; default: - return res.status(500).render('error'); //how did we get here? + return next(err); } //make thumbnail @@ -119,9 +118,8 @@ module.exports = async (req, res, numFiles) => { files.push(processedFile); } catch (err) { - console.error(err); //TODO: DELETE FAILED FILES - return res.status(500).render('error'); + return next(err); } } } @@ -174,8 +172,7 @@ module.exports = async (req, res, numFiles) => { try { postId = await Posts.insertOne(req.params.board, data); } catch (err) { - console.error(err); - return res.status(500).render('error'); + return next(err); } const successRedirect = `/${req.params.board}/thread/${req.body.thread || postId}#${postId}`; diff --git a/models/forms/register.js b/models/forms/register.js index 023357e3..6a576c8c 100644 --- a/models/forms/register.js +++ b/models/forms/register.js @@ -3,7 +3,7 @@ const bcrypt = require('bcrypt') , Accounts = require(__dirname+'/../../db-models/accounts.js'); -module.exports = async (req, res) => { +module.exports = async (req, res, next) => { const username = req.body.username.toLowerCase(); const password = req.body.password; @@ -12,8 +12,7 @@ module.exports = async (req, res) => { try { account = await Accounts.findOne(username); } catch (err) { - console.error(err); - return res.status(500).render('error'); + return next(err); } // if the account exists reject @@ -29,8 +28,7 @@ module.exports = async (req, res) => { try { await Accounts.insertOne(username, password, 1); } catch (err) { - console.error(err); - return res.status(500).render('error'); + return next(err); } return res.render('message', { diff --git a/models/forms/report-post.js b/models/forms/report-post.js index 89d012fb..2778bc67 100644 --- a/models/forms/report-post.js +++ b/models/forms/report-post.js @@ -2,7 +2,7 @@ const Posts = require(__dirname+'/../../db-models/posts.js'); -module.exports = async (req, res) => { +module.exports = async (req, res, next) => { const ip = req.headers['x-real-ip'] || req.connection.remoteAddress; const report = { @@ -12,7 +12,11 @@ module.exports = async (req, res) => { } //push the report to all checked posts - await Posts.reportMany(req.params.board, req.body.checked, report); + try { + await Posts.reportMany(req.params.board, req.body.checked, report); + } catch (err) { + return next(err); + } //hooray! return `Reported post(s) successfully` diff --git a/models/forms/spoiler-post.js b/models/forms/spoiler-post.js index ceababbb..04f17d25 100644 --- a/models/forms/spoiler-post.js +++ b/models/forms/spoiler-post.js @@ -5,13 +5,13 @@ const path = require('path') , fs = require('fs') , unlink = util.promisify(fs.unlink) , uploadDirectory = require(__dirname+'/../../helpers/uploadDirectory.js') - , hasPerms = require(__dirname+'/../../helpers/has-perms.js') + , hasPerms = require(__dirname+'/../../helpers/hasperms.js') , Posts = require(__dirname+'/../../db-models/posts.js'); -module.exports = async (req, res) => { +module.exports = async (req, res, next, checkedPosts) => { //get all posts that were checked - let posts = await Posts.getPosts(req.params.board, req.body.checked, true); //admin arument true, fetches passwords and salts + let posts = checkedPosts; if (!posts || posts.length === 0) { throw { @@ -63,8 +63,11 @@ module.exports = async (req, res) => { // spoiler posts let spoileredPosts = 0; - const result = await Posts.spoilerMany(req.params.board, posts.map(x => x.postId)); - spoileredPosts = result.modifiedCount; + try { + spoileredPosts = await Posts.spoilerMany(req.params.board, posts.map(x => x.postId)).then(result => result.modifiedCount); + } catch (err) { + return next(err); + } //hooray! return `Spoilered ${spoileredPosts} posts` diff --git a/models/pages/board.js b/models/pages/board.js index a4f4a64b..5a1389eb 100644 --- a/models/pages/board.js +++ b/models/pages/board.js @@ -10,8 +10,7 @@ module.exports = async (req, res, next) => { threads = await Posts.getRecent(req.params.board, req.params.page || 1); pages = Math.ceil((await Posts.getPages(req.params.board)) / 10); } catch (err) { - console.error(err) - return next(); + return next(err); } //render the page diff --git a/models/pages/catalog.js b/models/pages/catalog.js index aefd36ce..a8cb2ac2 100644 --- a/models/pages/catalog.js +++ b/models/pages/catalog.js @@ -9,8 +9,7 @@ module.exports = async (req, res, next) => { try { threads = await Posts.getCatalog(req.params.board); } catch (err) { - console.error(err); - return next(); + return next(err); } //render the page diff --git a/models/pages/globalmanage.js b/models/pages/globalmanage.js new file mode 100644 index 00000000..51bf9157 --- /dev/null +++ b/models/pages/globalmanage.js @@ -0,0 +1,20 @@ +'use strict'; + +const Posts = require(__dirname+'/../../db-models/posts.js'); + +module.exports = async (req, res, next) => { + + let posts; + try { + posts = await Posts.getAllReports(); + } catch (err) { + return next(err); + } + + //render the page + res.render('globalmanage', { + csrf: req.csrfToken(), + posts: posts + }); + +} diff --git a/models/pages/home.js b/models/pages/home.js index f8640e0f..2bfbb9e7 100644 --- a/models/pages/home.js +++ b/models/pages/home.js @@ -9,8 +9,7 @@ module.exports = async (req, res, next) => { try { boards = await Boards.find(); } catch (err) { - console.error(err) - return next(); + return next(err); } //render the page diff --git a/models/pages/login.js b/models/pages/login.js index d4241372..70f9275d 100644 --- a/models/pages/login.js +++ b/models/pages/login.js @@ -1,6 +1,6 @@ 'use strict'; -module.exports = (req, res) => { +module.exports = (req, res, next) => { //render the page res.render('login', { diff --git a/models/pages/manage.js b/models/pages/manage.js index 4a1de412..a981b79c 100644 --- a/models/pages/manage.js +++ b/models/pages/manage.js @@ -2,14 +2,13 @@ const Posts = require(__dirname+'/../../db-models/posts.js'); -module.exports = async (req, res) => { +module.exports = async (req, res, next) => { let posts; try { posts = await Posts.getReports(req.params.board); } catch (err) { - console.error(err); - return res.status(500).render('error'); + return next(err) } //render the page diff --git a/models/pages/register.js b/models/pages/register.js index ce522342..f8ce78fb 100644 --- a/models/pages/register.js +++ b/models/pages/register.js @@ -1,15 +1,6 @@ 'use strict'; -module.exports = (req, res) => { - - //send home if already logged in - if (req.session.authenticated === true) { - return res.status(400).render('message', { - 'title': 'Notice', - 'message': 'You are already logged in. Redirecting you to back home.', - 'redirect': '/' - }); - } +module.exports = (req, res, next) => { //render the page res.render('register', { diff --git a/models/pages/thread.js b/models/pages/thread.js index 67b2b75d..3ff515ce 100644 --- a/models/pages/thread.js +++ b/models/pages/thread.js @@ -9,8 +9,7 @@ module.exports = async (req, res, next) => { try { thread = await Posts.getThread(req.params.board, req.params.id); } catch (err) { - console.error(err); - return next(); + return next(err); } if (!thread) { diff --git a/server.js b/server.js index 5ee75cd9..8773f802 100644 --- a/server.js +++ b/server.js @@ -74,7 +74,10 @@ const express = require('express') return res.status(403).send('Invalid CSRF token') } console.error(err.stack) - return res.status(500).render('error') + return res.status(500).render('message', { + 'title': 'Internal Server Error', + 'redirect': req.header('Referer') || '/' + }) }) // listen diff --git a/views/mixins/post.pug b/views/mixins/post.pug index 9af10305..e1cc90e9 100644 --- a/views/mixins/post.pug +++ b/views/mixins/post.pug @@ -1,4 +1,4 @@ -mixin post(board, post, truncate) +mixin post(board, post, truncate, showreports) article(id=post.postId class='post-container '+(post.thread ? '' : 'op')) header.post-info input.post-check(type='checkbox', name='checked[]' value=post.postId) @@ -44,7 +44,7 @@ mixin post(board, post, truncate) blockquote.post-message !{post.message} else blockquote.post-message !{post.message} - if post.reports + if showreports && post.reports each report in post.reports .reports.post-container span Date: #{report.date.toLocaleString()} diff --git a/views/pages/ban.pug b/views/pages/ban.pug new file mode 100644 index 00000000..515efd80 --- /dev/null +++ b/views/pages/ban.pug @@ -0,0 +1,25 @@ +extends ../layout.pug +include ../mixins/post.pug + +block head + title Banned! + +block content + h1.board-title Banned! + hr(size=1) + Bans currently in place against your IP: + hr(size=1) + for ban in bans + if ban.board + div Board: #[a(href=`/${ban.board}`) /#{ban.board}/] + else + div Global ban. + div Reason: #{ban.reason} + div Issuer: #{ban.issuer} + div Date: #{ban.date} + div Expiry: #{ban.expireAt} + if ban.post + span Post: + section.thread + +post(ban.post.board, ban.post, false) + hr(size=1) diff --git a/views/pages/globalmanage.pug b/views/pages/globalmanage.pug new file mode 100644 index 00000000..75b0bb85 --- /dev/null +++ b/views/pages/globalmanage.pug @@ -0,0 +1,11 @@ +extends ../layout.pug +include ../mixins/post.pug + +block head + title Manage + +block content + h1.board-title Global Management + hr(size=1) + p under construction + diff --git a/views/pages/manage.pug b/views/pages/manage.pug index cb6e86e7..f4cacf23 100644 --- a/views/pages/manage.pug +++ b/views/pages/manage.pug @@ -15,7 +15,7 @@ block content hr(size=1) for post in posts section.thread - +post(board, post) + +post(board, post, false, true) hr(size=1) section.action-wrapper span @@ -26,6 +26,10 @@ block content label input.post-check(type='checkbox', name='spoiler' value=1) | Spoiler + span + label + input.post-check(type='checkbox', name='dismiss' value=1) + | Dismiss span label input.post-check(type='checkbox', name='ban' value=1) diff --git a/wipe.js b/wipe.js index 0189c090..09f59161 100644 --- a/wipe.js +++ b/wipe.js @@ -43,6 +43,8 @@ const Mongo = require(__dirname+'/helpers/db.js') moderators: [], }) console.log('creating indexes') + await Bans.db.dropIndexes(); + await Bans.db.createIndex({ "expireAt": 1 }, { expireAfterSeconds: 0 }); await Posts.db.dropIndexes(); //these are fucked await Posts.db.createIndex({