@ -5,9 +5,6 @@ const express = require('express')
, { enableUserBoards } = require ( _ _dirname + '/../configs/main.json' )
, { enableUserBoards } = require ( _ _dirname + '/../configs/main.json' )
, Boards = require ( _ _dirname + '/../db/boards.js' )
, Boards = require ( _ _dirname + '/../db/boards.js' )
, Posts = require ( _ _dirname + '/../db/posts.js' )
, Posts = require ( _ _dirname + '/../db/posts.js' )
, Bans = require ( _ _dirname + '/../db/bans.js' )
, Mongo = require ( _ _dirname + '/../db/db.js' )
, { remove } = require ( 'fs-extra' )
, upload = require ( 'express-fileupload' )
, upload = require ( 'express-fileupload' )
, path = require ( 'path' )
, path = require ( 'path' )
, alphaNumericRegex = /^[a-zA-Z0-9]+$/
, alphaNumericRegex = /^[a-zA-Z0-9]+$/
@ -37,10 +34,10 @@ const express = require('express')
} )
} )
, removeBans = require ( _ _dirname + '/../models/forms/removebans.js' )
, removeBans = require ( _ _dirname + '/../models/forms/removebans.js' )
, makePost = require ( _ _dirname + '/../models/forms/makepost.js' )
, makePost = require ( _ _dirname + '/../models/forms/makepost.js' )
, deletePosts = require ( _ _dirname + '/../models/forms/deletepost.js' )
, deleteTempFiles = require ( _ _dirname + '/../helpers/files/deletetempfiles.js' )
, deleteTempFiles = require ( _ _dirname + '/../helpers/files/deletetempfiles.js' )
, uploadBanners = require ( _ _dirname + '/../models/forms/uploadbanners.js' )
, uploadBanners = require ( _ _dirname + '/../models/forms/uploadbanners.js' )
, deleteBanners = require ( _ _dirname + '/../models/forms/deletebanners.js' )
, deleteBanners = require ( _ _dirname + '/../models/forms/deletebanners.js' )
, deleteBoard = require ( _ _dirname + '/../models/forms/deleteboard.js' )
, loginAccount = require ( _ _dirname + '/../models/forms/login.js' )
, loginAccount = require ( _ _dirname + '/../models/forms/login.js' )
, changePassword = require ( _ _dirname + '/../models/forms/changepassword.js' )
, changePassword = require ( _ _dirname + '/../models/forms/changepassword.js' )
, changeBoardSettings = require ( _ _dirname + '/../models/forms/changeboardsettings.js' )
, changeBoardSettings = require ( _ _dirname + '/../models/forms/changeboardsettings.js' )
@ -610,7 +607,9 @@ async function globalActionController(req, res, next) {
}
}
//unban
//unban
router . post ( '/board/:board/unban' , csrf , Boards . exists , calcPerms , banCheck , isLoggedIn , hasPerms ( 3 ) , paramConverter , async ( req , res , next ) => {
router . post ( '/global/unban' , csrf , calcPerms , isLoggedIn , hasPerms ( 1 ) , paramConverter , removeBansController ) ;
router . post ( '/board/:board/unban' , csrf , Boards . exists , calcPerms , banCheck , isLoggedIn , hasPerms ( 3 ) , paramConverter , removeBansController ) ;
async function removeBansController ( req , res , next ) {
//keep this for later in case i add other options to unbans
//keep this for later in case i add other options to unbans
const errors = [ ] ;
const errors = [ ] ;
@ -619,101 +618,78 @@ router.post('/board/:board/unban', csrf, Boards.exists, calcPerms, banCheck, isL
errors . push ( 'Must select 1-10 bans' )
errors . push ( 'Must select 1-10 bans' )
}
}
const redirect = req . params . board ? ` / ${ req . params . board } /manage.html ` : '/globalmanage.html' ;
if ( errors . length > 0 ) {
if ( errors . length > 0 ) {
return res . status ( 400 ) . render ( 'message' , {
return res . status ( 400 ) . render ( 'message' , {
'title' : 'Bad request' ,
'title' : 'Bad request' ,
'errors' : errors ,
'errors' : errors ,
'redirect' : ` / ${ req . params . board } /manage.html `
redirect
} ) ;
} ) ;
}
}
const messages = [ ] ;
let amount = 0 ;
try {
try {
messages . push ( ( await removeBans ( req , res , next ) ) ) ;
amount = await removeBans ( req , res , next ) ;
} catch ( err ) {
} catch ( err ) {
return next ( err ) ;
return next ( err ) ;
}
}
return res . render ( 'message' , {
return res . render ( 'message' , {
'title' : 'Success' ,
'title' : 'Success' ,
'messages' : messages ,
'message' : ` Removed ${ amount } bans ` ,
'redirect' : ` / ${ req . params . board } /manage.html `
redirect
} ) ;
} ) ;
} ) ;
}
//delete board
//delete board
router . post ( '/board/:board/deleteboard' , csrf , Boards . exists , calcPerms , banCheck , isLoggedIn , hasPerms ( 2 ) , async ( req , res , next ) => {
router . post ( '/board/:board/deleteboard' , csrf , Boards . exists , calcPerms , banCheck , isLoggedIn , hasPerms ( 2 ) , deleteBoardController ) ;
router . post ( '/global/deleteboard' , csrf , calcPerms , isLoggedIn , hasPerms ( 1 ) , deleteBoardController ) ;
async function deleteBoardController ( req , res , next ) {
const errors = [ ] ;
const errors = [ ] ;
if ( ! req . body . confirm ) {
if ( ! req . body . confirm ) {
errors . push ( 'Missing confirmation' ) ;
errors . push ( 'Missing confirmation' ) ;
}
}
if ( ! req . body . uri || req . body . uri !== req . params . board ) {
if ( ! req . body . uri ) {
errors . push ( 'URI does not match' )
errors . push ( 'Missing URI' ) ;
}
if ( errors . length > 0 ) {
return res . status ( 400 ) . render ( 'message' , {
'title' : 'Bad request' ,
'errors' : errors ,
'redirect' : ` / ${ req . params . board } /manage.html `
} ) ;
}
}
if ( alphaNumericRegex . test ( req . body . uri ) !== true ) {
try {
errors . push ( 'URI must contain a-z 0-9 only' ) ;
//todo: move this to separate model file
} else {
// could be slow, might also wanna use projection to just get the files and other info necessary for deleteposts model
//no need to check these if the board name is completely invalid
await Boards . deleteOne ( res . locals . board . _id ) ;
if ( req . params . board != null && req . params . board !== req . body . uri ) {
const allPosts = await Posts . allBoardPosts ( res . locals . board . _id ) ;
//board manage page to not be able to delete other boards;
if ( allPosts . length > 0 ) {
errors . push ( 'URI does not match current board' ) ;
await deletePosts ( allPosts , res . locals . board . _id , true ) ;
} else if ( ! ( await Boards . findOne ( req . body . uri ) ) ) {
}
//global must chech exist because it skips Boards.exists middleware
await Bans . deleteBoard ( res . locals . board . _id ) ;
errors . push ( ` Board / ${ req . body . uri } / does not exist ` ) ;
await remove ( ` ${ uploadDirectory } html/ ${ req . params . board } / ` )
} catch ( err ) {
return next ( err ) ;
}
}
return res . render ( 'message' , {
'title' : 'Success' ,
'message' : 'Board deleted' ,
'redirect' : '/'
} ) ;
} ) ;
router . post ( '/global/unban' , csrf , calcPerms , isLoggedIn , hasPerms ( 1 ) , paramConverter , async ( req , res , next ) => {
const errors = [ ] ;
if ( ! req . body . checkedbans || req . body . checkedbans . length === 0 || req . body . checkedbans . length > 10 ) {
errors . push ( 'Must select 1-10 bans' )
}
}
if ( errors . length > 0 ) {
if ( errors . length > 0 ) {
return res . status ( 400 ) . render ( 'message' , {
return res . status ( 400 ) . render ( 'message' , {
'title' : 'Bad request' ,
'title' : 'Bad request' ,
'errors' : errors ,
'errors' : errors ,
'redirect' : ` /globalmanage.html `
'redirect' : req . params . board ? ` / ${ req . params . board } /manage.html ` : '/globalmanage.html'
} ) ;
} ) ;
}
}
const messages = [ ] ;
try {
try {
messages . push ( ( await removeBans ( req , res , next ) ) ) ;
await deleteBoard ( req . body . uri ) ;
} catch ( err ) {
} catch ( err ) {
return next ( err ) ;
return next ( err ) ;
}
}
return res . render ( 'message' , {
return res . render ( 'message' , {
'title' : 'Success' ,
'title' : 'Success' ,
'messages ' : messages ,
'message' : 'Board deleted' ,
'redirect' : ` /globalmanage.html `
'redirect' : req . params . board ? '/' : '/globalmanage.html'
} ) ;
} ) ;
} ) ;
}
router . post ( '/newcaptcha' , async ( req , res , next ) => {
router . post ( '/newcaptcha' , async ( req , res , next ) => {
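Review bot: In `deleteBoardController`, the existence lookup `await Boards.findOne(req.body.uri)` runs outside the `try`/`catch` that guards `deleteBoard`, so a database error there rejects the async handler instead of reaching `next(err)`. Unless async handlers are wrapped somewhere not shown here, that rejection is never forwarded to the error middleware; the lookup should sit inside the same `try { … } catch (err) { return next(err); }` pattern the handler already uses. Separately, `alphaNumericRegex.test(req.body.uri)` stringifies its argument, so a one-element array would pass the regex and reach `Boards.findOne` and `deleteBoard` as a non-string on `/global/deleteboard`, where no `:board` comparison applies. Changing the condition to `if (typeof req.body.uri !== 'string' || alphaNumericRegex.test(req.body.uri) !== true) {` rejects that regardless of how the body parser (not visible in this diff) is configured. It would also help to comment that the `req.params.board !== req.body.uri` comparison is what ties the per-board `hasPerms(2)` check to the board actually deleted, so it is not dropped in a later refactor.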