Vulcan/packages/nova-posts/lib/methods.js

/**
 *
 * Post Methods
 *
 */

Posts.methods = {};
/**
 * Insert a post in the database (note: optional post properties not listed here)
 * @param {Object} post - the post being inserted
 * @param {string} post.userId - the id of the user the post belongs to
 * @param {string} post.title - the post's title
 */
Posts.methods.new = function (post) {

  post = Telescope.callbacks.run("posts.new.sync", post, Meteor.user());

  post._id = Posts.insert(post);

  // note: query for post to get fresh document with collection-hooks effects applied
  Telescope.callbacks.runAsync("posts.new.async", Posts.findOne(post._id));

  return post;
};

/**
 * Edit a post in the database
 * @param {string} postId – the ID of the post being edited
 * @param {Object} modifier – the modifier object
 * @param {Object} post - the current post object
 */
Posts.methods.edit = function (postId, modifier, post) {

  if (typeof post === "undefined") {
    post = Posts.findOne(postId);
  }

  modifier = Telescope.callbacks.run("posts.edit.sync", modifier, post);

  Posts.update(postId, modifier);

  Telescope.callbacks.runAsync("posts.edit.async", Posts.findOne(postId), post);

  return Posts.findOne(postId);
};

// ------------------------------------------------------------------------------------------- //
// ----------------------------------------- Methods ----------------------------------------- //
// ------------------------------------------------------------------------------------------- //

var postViews = [];

Meteor.methods({

  /**
   * Meteor method for submitting a post from the client
   * @memberof Posts
   * @param {Object} post - the post being inserted
   */
  'posts.new': function(post){

    check(post, Posts.simpleSchema());

    // required properties:
    // title

    // optional properties
    // URL
    // body
    // categories
    // thumbnailUrl

    // NOTE: the current user and the post author user might be two different users!

    // TODO: find a way to bind `this` to do the following in a callback?

    post = Telescope.callbacks.run("posts.new.method", post, Meteor.user());

    if (Meteor.isServer) {
      post.userIP = this.connection.clientAddress;
      post.userAgent = this.connection.httpHeaders["user-agent"];
    }

    return Posts.methods.new(post);
  },

  /**
   * Meteor method for editing a post from the client
   * @memberof Posts
   * @param {Object} modifier - the update modifier
   * @param {Object} postId - the id of the post being updated
   */
  'posts.edit': function (postId, modifier) {

    // checking might be redundant because SimpleSchema already enforces the schema, but you never know
    check(modifier, Match.OneOf({$set: Posts.simpleSchema()}, {$unset: Object}, {$set: Posts.simpleSchema(), $unset: Object}));
    check(postId, String);

    var user = Meteor.user(),
        post = Posts.findOne(postId),
        schema = Posts.simpleSchema()._schema;

    // ------------------------------ Checks ------------------------------ //

    // check that user can edit document
    if (!user || !Users.can.edit(user, post)) {
      throw new Meteor.Error(601, __('sorry_you_cannot_edit_this_post'));
    }

    // go over each field and throw an error if it's not editable
    // loop over each operation ($set, $unset, etc.)
    _.each(modifier, function (operation) {
      // loop over each property being operated on
      _.keys(operation).forEach(function (fieldName) {

        var field = schema[fieldName];
        if (!Users.can.editField(user, field, post)) {
          throw new Meteor.Error("disallowed_property", __('disallowed_property_detected') + ": " + fieldName);
        }

      });
    });

    return Posts.methods.edit(postId, modifier, post);

  },

  'posts.approve': function(postId){

    check(postId, String);
    
    var post = Posts.findOne(postId);
    var now = new Date();

    if(Users.is.admin(Meteor.user())){

      var set = {status: Posts.config.STATUS_APPROVED};

      if (!post.postedAt) {
        set.postedAt = now;
      }
      
      Posts.update(post._id, {$set: set});

      Telescope.callbacks.runAsync("postApproveAsync", post);

    }else{
      Messages.flash('You need to be an admin to do that.', "error");
    }
  },

  'posts.reject': function(postId){

    check(postId, String);
    var post = Posts.findOne(postId);
    
    if(Users.is.admin(Meteor.user())){

      Posts.update(post._id, {$set: {status: Posts.config.STATUS_REJECTED}});

      Telescope.callbacks.runAsync("postRejectAsync", post);
    
    }else{
      Messages.flash('You need to be an admin to do that.', "error");
    }
  },

  'posts.increaseViews': function(postId, sessionId){

    check(postId, String);
    check(sessionId, Match.Any);

    

    // only let users increment a post's view counter once per session
    var view = {_id: postId, userId: this.userId, sessionId: sessionId};

    if(_.where(postViews, view).length === 0){
      postViews.push(view);
      Posts.update(postId, { $inc: { viewCount: 1 }});
    }
  },

  'posts.deleteById': function(postId) {

    check(postId, String);

    // remove post comments
    // if(!this.isSimulation) {
    //   Comments.remove({post: postId});
    // }
    // NOTE: actually, keep comments after all

    var post = Posts.findOne({_id: postId});

    if(!Meteor.userId() || !Users.can.editById(Meteor.userId(), post)) throw new Meteor.Error(606, 'You need permission to edit or delete a post');

    // decrement post count
    Users.update({_id: post.userId}, {$inc: {"telescope.postCount": -1}});

    // delete post
    Posts.remove(postId);

    Telescope.callbacks.runAsync("postDeleteAsync", post);

  },

  'posts.checkForDuplicates': function (url) {
    Posts.checkForSameUrl(url);  
  },

  'posts.upvote': function (postId) {
    check(postId, String);
    return Telescope.operateOnItem.call(this, Posts, postId, Meteor.user(), "upvote");
  },

  'posts.downvote': function (postId) {
    check(postId, String);
    return Telescope.operateOnItem.call(this, Posts, postId, Meteor.user(), "downvote");
  },

  'posts.cancelUpvote': function (postId) {
    check(postId, String);
    return Telescope.operateOnItem.call(this, Posts, postId, Meteor.user(), "cancelUpvote");
  },

  'posts.cancelDownvote': function (postId) {
    check(postId, String);
    return Telescope.operateOnItem.call(this, Posts, postId, Meteor.user(), "cancelDownvote");
  }

});
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
+								/**
 								 *
 								 * Post Methods
 								 *
 								 */
-												adding i18n package stub; working on new post page; adding user accounts widget

											
										
										
											2016-02-18 11:55:00 +09:00
+								Posts.methods = {};
-												various fixes; started working on template-level sub controller

											
										
										
											2015-04-29 12:16:14 +09:00
+								/**
 								 * Insert a post in the database (note: optional post properties not listed here)
-												working on documentation

											
										
										
											2015-05-10 13:37:42 +09:00
+								 * @param {Object} post - the post being inserted
 								 * @param {string} post.userId - the id of the user the post belongs to
-												various fixes; started working on template-level sub controller

											
										
										
											2015-04-29 12:16:14 +09:00
+								 * @param {string} post.title - the post's title
 								 */
-												adding i18n package stub; working on new post page; adding user accounts widget

											
										
										
											2016-02-18 11:55:00 +09:00
+								Posts.methods.new = function (post) {
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
-												convert posts.new to callbacks; fix flash message typos

											
										
										
											2016-02-24 18:11:53 +09:00
+								  post = Telescope.callbacks.run("posts.new.sync", post, Meteor.user());
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
 								  post._id = Posts.insert(post);
-												completely refactor notifications code

											
										
										
											2015-06-24 15:38:14 +09:00
+								  // note: query for post to get fresh document with collection-hooks effects applied
-												convert posts.new to callbacks; fix flash message typos

											
										
										
											2016-02-24 18:11:53 +09:00
+								  Telescope.callbacks.runAsync("posts.new.async", Posts.findOne(post._id));
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
 								  return post;
-												Improve jsHint consistency

This commit touch a lot of lines of code with the goal to be more
rigorous about JavaScript code conventions defined in the `.jshintrc`.

Some modification:

* Add a list of used global symbols in the corresponding section of
  `.jshintrc`
* Use local variables instead of global in a lot of places where the
  keyword `var` was mistakenly forgotten
* Add missing semi-colons after instructions
* Add new lines at the end of files
* Remove trailing whitespaces
* Use newer name of some Meteor APIs, eg `addFiles` instead of
  `add_files`
* Add missing `break` statements in `switch` blocks
* Use `===` instead of `==` and `!==` instead of `!=`
* Remove unused variables

This commit should also fix a few bugs due to this lack of rigor. One
example of that was the test `typeof navElements === "array"` that was
never true because in JavaScript, `typeof [] === "object"`, we
replaced this test by the `_.isArray` method provided by underscore.
It might also fix some potential collision related to global
variables.

There is still plenty of work until Telescope code base passes jsHint
validation, but at least this commit is a step in the right direction.

											
										
										
											2015-05-01 18:22:00 +02:00
+								};
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
-												working on documentation

											
										
										
											2015-05-10 13:37:42 +09:00
+								/**
 								 * Edit a post in the database
 								 * @param {string} postId – the ID of the post being edited
 								 * @param {Object} modifier – the modifier object
 								 * @param {Object} post - the current post object
 								 */
-												adding i18n package stub; working on new post page; adding user accounts widget

											
										
										
											2016-02-18 11:55:00 +09:00
+								Posts.methods.edit = function (postId, modifier, post) {
-												Add third "constant" parameter to callbacks; split callbacks.run into run and runAsync; split postEdit and commentEdit in two

											
										
										
											2015-05-04 10:19:50 +09:00
 								  if (typeof post === "undefined") {
 								    post = Posts.findOne(postId);
 								  }
-												convert posts.new to callbacks; fix flash message typos

											
										
										
											2016-02-24 18:11:53 +09:00
+								  modifier = Telescope.callbacks.run("posts.edit.sync", modifier, post);
-												Add third "constant" parameter to callbacks; split callbacks.run into run and runAsync; split postEdit and commentEdit in two

											
										
										
											2015-05-04 10:19:50 +09:00
 								  Posts.update(postId, modifier);
-												convert posts.new to callbacks; fix flash message typos

											
										
										
											2016-02-24 18:11:53 +09:00
+								  Telescope.callbacks.runAsync("posts.edit.async", Posts.findOne(postId), post);
-												Add third "constant" parameter to callbacks; split callbacks.run into run and runAsync; split postEdit and commentEdit in two

											
										
										
											2015-05-04 10:19:50 +09:00
 								  return Posts.findOne(postId);
 								};
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
+								// ------------------------------------------------------------------------------------------- //
 								// ----------------------------------------- Methods ----------------------------------------- //
 								// ------------------------------------------------------------------------------------------- //
 								var postViews = [];
 								Meteor.methods({
-												working on documentation

											
										
										
											2015-05-10 13:37:42 +09:00
+								  /**
 								   * Meteor method for submitting a post from the client
 								   * @memberof Posts
 								   * @param {Object} post - the post being inserted
 								   */
-												adding i18n package stub; working on new post page; adding user accounts widget

											
										
										
											2016-02-18 11:55:00 +09:00
+								  'posts.new': function(post){
-												using audit-argument-check and adding check to all methods

											
										
										
											2015-07-10 11:05:13 +09:00
+								    check(post, Posts.simpleSchema());
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
+								    // required properties:
 								    // title
 								    // optional properties
 								    // URL
 								    // body
 								    // categories
 								    // thumbnailUrl
 								    // NOTE: the current user and the post author user might be two different users!
-												convert posts.new to callbacks; fix flash message typos

											
										
										
											2016-02-24 18:11:53 +09:00
+								    // TODO: find a way to bind `this` to do the following in a callback?
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
-												convert posts.new to callbacks; fix flash message typos

											
										
										
											2016-02-24 18:11:53 +09:00
+								    post = Telescope.callbacks.run("posts.new.method", post, Meteor.user());
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
-												add username field

											
										
										
											2016-02-21 13:57:02 +09:00
+								    if (Meteor.isServer) {
 								      post.userIP = this.connection.clientAddress;
 								      post.userAgent = this.connection.httpHeaders["user-agent"];
 								    }
-												Attach data to post for spam detection package.

											
										
										
											2015-12-28 11:52:01 -05:00
-												adding i18n package stub; working on new post page; adding user accounts widget

											
										
										
											2016-02-18 11:55:00 +09:00
+								    return Posts.methods.new(post);
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
+								  },
-												working on documentation

											
										
										
											2015-05-10 13:37:42 +09:00
+								  /**
 								   * Meteor method for editing a post from the client
 								   * @memberof Posts
 								   * @param {Object} modifier - the update modifier
 								   * @param {Object} postId - the id of the post being updated
 								   */
-												user edit/account page

											
										
										
											2016-02-23 11:34:40 +09:00
+								  'posts.edit': function (postId, modifier) {
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
-												using audit-argument-check and adding check to all methods

											
										
										
											2015-07-10 11:05:13 +09:00
+								    // checking might be redundant because SimpleSchema already enforces the schema, but you never know
-												updating history; small tweaks

											
										
										
											2015-07-14 11:40:58 +09:00
+								    check(modifier, Match.OneOf({$set: Posts.simpleSchema()}, {$unset: Object}, {$set: Posts.simpleSchema(), $unset: Object}));
-												using audit-argument-check and adding check to all methods

											
										
										
											2015-07-10 11:05:13 +09:00
+								    check(postId, String);
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
+								    var user = Meteor.user(),
-												using Users.can.editField for post and comment submit and edit methods

											
										
										
											2015-04-28 10:45:00 +09:00
+								        post = Posts.findOne(postId),
 								        schema = Posts.simpleSchema()._schema;
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
 								    // ------------------------------ Checks ------------------------------ //
-												using Users.can.editField for post and comment submit and edit methods

											
										
										
											2015-04-28 10:45:00 +09:00
+								    // check that user can edit document
 								    if (!user || !Users.can.edit(user, post)) {
-												adding i18n package stub; working on new post page; adding user accounts widget

											
										
										
											2016-02-18 11:55:00 +09:00
+								      throw new Meteor.Error(601, __('sorry_you_cannot_edit_this_post'));
-												using Users.can.editField for post and comment submit and edit methods

											
										
										
											2015-04-28 10:45:00 +09:00
+								    }
 								    // go over each field and throw an error if it's not editable
 								    // loop over each operation ($set, $unset, etc.)
 								    _.each(modifier, function (operation) {
 								      // loop over each property being operated on
 								      _.keys(operation).forEach(function (fieldName) {
 								        var field = schema[fieldName];
-												clean up comment edit form; continue namespacing users.telescope

											
										
										
											2015-04-28 15:54:19 +09:00
+								        if (!Users.can.editField(user, field, post)) {
-												adding i18n package stub; working on new post page; adding user accounts widget

											
										
										
											2016-02-18 11:55:00 +09:00
+								          throw new Meteor.Error("disallowed_property", __('disallowed_property_detected') + ": " + fieldName);
-												using Users.can.editField for post and comment submit and edit methods

											
										
										
											2015-04-28 10:45:00 +09:00
+								        }
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
 								      });
-												using Users.can.editField for post and comment submit and edit methods

											
										
										
											2015-04-28 10:45:00 +09:00
+								    });
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
-												adding i18n package stub; working on new post page; adding user accounts widget

											
										
										
											2016-02-18 11:55:00 +09:00
+								    return Posts.methods.edit(postId, modifier, post);
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
 								  },
-												adding i18n package stub; working on new post page; adding user accounts widget

											
										
										
											2016-02-18 11:55:00 +09:00
+								  'posts.approve': function(postId){
-												more checks

											
										
										
											2015-07-10 11:40:11 +09:00
-												make `approvePost` and `unapprovePost` methods take `postId` instead of `post` as argument.

											
										
										
											2015-07-28 10:59:04 +09:00
+								    check(postId, String);
-												set postedAt on post approval

											
										
										
											2015-10-03 13:03:39 +09:00
-												make `approvePost` and `unapprovePost` methods take `postId` instead of `post` as argument.

											
										
										
											2015-07-28 10:59:04 +09:00
+								    var post = Posts.findOne(postId);
-												set postedAt on post approval

											
										
										
											2015-10-03 13:03:39 +09:00
+								    var now = new Date();
-												more checks

											
										
										
											2015-07-10 11:40:11 +09:00
-												namespacing user roles

											
										
										
											2015-04-27 17:14:07 +09:00
+								    if(Users.is.admin(Meteor.user())){
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
-												set postedAt on post approval

											
										
										
											2015-10-03 13:03:39 +09:00
+								      var set = {status: Posts.config.STATUS_APPROVED};
 								      if (!post.postedAt) {
 								        set.postedAt = now;
 								      }
 								      Posts.update(post._id, {$set: set});
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
-												New post approval/rejection workflow; Removed `status` radio button from post edit form; Added `rejected` view to show all rejected posts

											
										
										
											2015-09-06 11:37:48 +09:00
+								      Telescope.callbacks.runAsync("postApproveAsync", post);
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
 								    }else{
 								      Messages.flash('You need to be an admin to do that.', "error");
 								    }
 								  },
-												adding i18n package stub; working on new post page; adding user accounts widget

											
										
										
											2016-02-18 11:55:00 +09:00
+								  'posts.reject': function(postId){
-												more checks

											
										
										
											2015-07-10 11:40:11 +09:00
-												make `approvePost` and `unapprovePost` methods take `postId` instead of `post` as argument.

											
										
										
											2015-07-28 10:59:04 +09:00
+								    check(postId, String);
 								    var post = Posts.findOne(postId);
-												namespacing user roles

											
										
										
											2015-04-27 17:14:07 +09:00
+								    if(Users.is.admin(Meteor.user())){
-												New post approval/rejection workflow; Removed `status` radio button from post edit form; Added `rejected` view to show all rejected posts

											
										
										
											2015-09-06 11:37:48 +09:00
 								      Posts.update(post._id, {$set: {status: Posts.config.STATUS_REJECTED}});
 								      Telescope.callbacks.runAsync("postRejectAsync", post);
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
+								    }else{
 								      Messages.flash('You need to be an admin to do that.', "error");
 								    }
 								  },
-												adding i18n package stub; working on new post page; adding user accounts widget

											
										
										
											2016-02-18 11:55:00 +09:00
+								  'posts.increaseViews': function(postId, sessionId){
-												using audit-argument-check and adding check to all methods

											
										
										
											2015-07-10 11:05:13 +09:00
 								    check(postId, String);
-												match anything (fix #1103)

											
										
										
											2015-08-13 15:46:33 +09:00
+								    check(sessionId, Match.Any);
-												using audit-argument-check and adding check to all methods

											
										
										
											2015-07-10 11:05:13 +09:00
-												remove this.unblock() for now

											
										
										
											2016-02-17 17:46:34 +09:00
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
 								    // only let users increment a post's view counter once per session
 								    var view = {_id: postId, userId: this.userId, sessionId: sessionId};
-												Improve jsHint consistency

This commit touch a lot of lines of code with the goal to be more
rigorous about JavaScript code conventions defined in the `.jshintrc`.

Some modification:

* Add a list of used global symbols in the corresponding section of
  `.jshintrc`
* Use local variables instead of global in a lot of places where the
  keyword `var` was mistakenly forgotten
* Add missing semi-colons after instructions
* Add new lines at the end of files
* Remove trailing whitespaces
* Use newer name of some Meteor APIs, eg `addFiles` instead of
  `add_files`
* Add missing `break` statements in `switch` blocks
* Use `===` instead of `==` and `!==` instead of `!=`
* Remove unused variables

This commit should also fix a few bugs due to this lack of rigor. One
example of that was the test `typeof navElements === "array"` that was
never true because in JavaScript, `typeof [] === "object"`, we
replaced this test by the `_.isArray` method provided by underscore.
It might also fix some potential collision related to global
variables.

There is still plenty of work until Telescope code base passes jsHint
validation, but at least this commit is a step in the right direction.

											
										
										
											2015-05-01 18:22:00 +02:00
+								    if(_.where(postViews, view).length === 0){
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
+								      postViews.push(view);
 								      Posts.update(postId, { $inc: { viewCount: 1 }});
 								    }
 								  },
-												adding i18n package stub; working on new post page; adding user accounts widget

											
										
										
											2016-02-18 11:55:00 +09:00
+								  'posts.deleteById': function(postId) {
-												more checks

											
										
										
											2015-07-10 11:40:11 +09:00
 								    check(postId, String);
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
+								    // remove post comments
 								    // if(!this.isSimulation) {
 								    //   Comments.remove({post: postId});
 								    // }
 								    // NOTE: actually, keep comments after all
 								    var post = Posts.findOne({_id: postId});
 								    if(!Meteor.userId() || !Users.can.editById(Meteor.userId(), post)) throw new Meteor.Error(606, 'You need permission to edit or delete a post');
 								    // decrement post count
-												working on documentation

											
										
										
											2015-05-10 13:37:42 +09:00
+								    Users.update({_id: post.userId}, {$inc: {"telescope.postCount": -1}});
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
 								    // delete post
 								    Posts.remove(postId);
-												add postDeleteAsync callback hook; decrement category postCount on post delete

											
										
										
											2015-08-24 09:56:21 +09:00
 								    Telescope.callbacks.runAsync("postDeleteAsync", post);
-												working on permissions and router filters

											
										
										
											2015-09-19 10:33:37 +09:00
+								  },
-												adding i18n package stub; working on new post page; adding user accounts widget

											
										
										
											2016-02-18 11:55:00 +09:00
+								  'posts.checkForDuplicates': function (url) {
-												working on permissions and router filters

											
										
										
											2015-09-19 10:33:37 +09:00
+								    Posts.checkForSameUrl(url);
-												working on methods

											
										
										
											2016-02-18 12:16:32 +09:00
+								  },
 								  'posts.upvote': function (postId) {
 								    check(postId, String);
 								    return Telescope.operateOnItem.call(this, Posts, postId, Meteor.user(), "upvote");
 								  },
 								  'posts.downvote': function (postId) {
 								    check(postId, String);
 								    return Telescope.operateOnItem.call(this, Posts, postId, Meteor.user(), "downvote");
 								  },
 								  'posts.cancelUpvote': function (postId) {
 								    check(postId, String);
 								    return Telescope.operateOnItem.call(this, Posts, postId, Meteor.user(), "cancelUpvote");
 								  },
 								  'posts.cancelDownvote': function (postId) {
 								    check(postId, String);
 								    return Telescope.operateOnItem.call(this, Posts, postId, Meteor.user(), "cancelDownvote");
-												bringing packages back into core repo after all

											
										
										
											2015-04-22 07:50:11 +09:00
+								  }
 								});