Vulcan/collections/posts.js

postSchemaObject = {
  _id: {
    type: String,
    optional: true
  },
  createdAt: {
    type: Date,
    optional: true
  },
  postedAt: {
    type: Date,
    optional: true
  },    
  title: {
    type: String,
    label: "Title"
  },
  url: {
    type: String,
    label: "URL",
    optional: true
  },
  body: {
    type: String,
    optional: true
  },
  htmlBody: {
    type: String,
    optional: true
  },
  commentsCount: {
    type: Number,
    optional: true
  },
  commenters: {
    type: [String],
    optional: true
  },
  lastCommentedAt: {
    type: Date,
    optional: true
  },
  clicks: {
    type: Number,
    optional: true
  },
  baseScore: {
    type: Number,
    decimal: true,
    optional: true
  },
  upvotes: {
    type: Number,
    optional: true
  },
  upvoters: {
    type: [String], // XXX
    optional: true
  },
  downvotes: {
    type: Number,
    optional: true
  },
  downvoters: {
    type: [String], // XXX
    optional: true
  },
  score: {
    type: Number,
    decimal: true,
    optional: true
  },
  status: {
    type: Number,
    optional: true
  },
  sticky: {
    type: Boolean,
    optional: true
  },
  inactive: {
    type: Boolean,
    optional: true
  },
  userId: {
    type: String, // XXX
    optional: true
  }
};

// add any extra properties to postSchemaObject (provided by packages for example)
_.each(addToPostSchema, function(item){
  postSchemaObject[item.propertyName] = item.propertySchema;
});

Posts = new Meteor.Collection("posts");

PostSchema = new SimpleSchema(postSchemaObject);
Posts.attachSchema(PostSchema);

STATUS_PENDING=1;
STATUS_APPROVED=2;
STATUS_REJECTED=3;

Posts.deny({
  update: function(userId, post, fieldNames) {
    if(isAdminById(userId))
      return false;
    // deny the update if it contains something other than the following fields
    return (_.without(fieldNames, 'title', 'url', 'body', 'shortUrl', 'shortTitle', 'categories').length > 0);
  }
});

Posts.allow({
  update: canEditById,
  remove: canEditById
});

clickedPosts = [];

getPostProperties = function(post) {

  var postAuthor = Meteor.users.findOne(post.userId);
  var p = {
    postAuthorName : getDisplayName(postAuthor),
    postTitle : cleanUp(post.title),
    profileUrl: getProfileUrlById(post.userId),
    postUrl: getPostPageUrl(post),
    thumbnailUrl: post.thumbnailUrl,
    linkUrl: !!post.url ? getOutgoingUrl(post.url) : getPostPageUrl(post._id)
  };
  
  if(post.url)
    p.url = post.url;

  if(post.htmlBody)
    p.htmlBody = post.htmlBody;

  return p;
};

getPostPageUrl = function(post){
  return getSiteUrl()+'posts/'+post._id;
};

getPostEditUrl = function(id){
  return getSiteUrl()+'posts/'+id+'/edit';
};

// for a given post, return its link if it has one, or else its post page URL
getPostLink = function (post) {
  return !!post.url ? getOutgoingUrl(post.url) : getPostPageUrl(post);
};

Posts.before.insert(function (userId, doc) {
  if(Meteor.isServer && !!doc.body)
    doc.htmlBody = sanitize(marked(doc.body));
});

Posts.before.update(function (userId, doc, fieldNames, modifier, options) {
  // if body is being modified, update htmlBody too
  if (Meteor.isServer && modifier.$set && modifier.$set.body) {
    modifier.$set = modifier.$set || {};
    modifier.$set.htmlBody = sanitize(marked(modifier.$set.body));
  }
});

Meteor.methods({
  post: function(post){
    var title = cleanUp(post.title),
        body = post.body,
        userId = this.userId,
        user = Meteor.users.findOne(userId),
        timeSinceLastPost=timeSinceLast(user, Posts),
        numberOfPostsInPast24Hours=numberOfItemsInPast24Hours(user, Posts),
        postInterval = Math.abs(parseInt(getSetting('postInterval', 30))),
        maxPostsPer24Hours = Math.abs(parseInt(getSetting('maxPostsPerDay', 30))),
        postId = '';
    

    // ------------------------------ Checks ------------------------------ //

    // check that user can post
    if (!user || !canPost(user))
      throw new Meteor.Error(601, i18n.t('You need to login or be invited to post new stories.'));

    // check that user provided a title
    if(!post.title)
      throw new Meteor.Error(602, i18n.t('Please fill in a title'));


    if(!!post.url){
      // check that there are no previous posts with the same link in the past 6 months
      var sixMonthsAgo = moment().subtract(6, 'months').toDate();
      var postWithSameLink = Posts.findOne({url: post.url, postedAt: {$gte: sixMonthsAgo}});

      if(typeof postWithSameLink !== 'undefined'){
        Meteor.call('upvotePost', postWithSameLink);
        throw new Meteor.Error(603, i18n.t('This link has already been posted'), postWithSameLink._id);
      }
    }

    if(!isAdmin(Meteor.user())){
      // check that user waits more than X seconds between posts
      if(!this.isSimulation && timeSinceLastPost < postInterval)
        throw new Meteor.Error(604, i18n.t('Please wait ')+(postInterval-timeSinceLastPost)+i18n.t(' seconds before posting again'));

      // check that the user doesn't post more than Y posts per day
      if(!this.isSimulation && numberOfPostsInPast24Hours > maxPostsPer24Hours)
        throw new Meteor.Error(605, i18n.t('Sorry, you cannot submit more than ')+maxPostsPer24Hours+i18n.t(' posts per day'));
    }

    // ------------------------------ Properties ------------------------------ //

    // Basic Properties
    properties = {
      title: title,
      body: body,
      userId: userId,
      author: getDisplayNameById(userId),
      upvotes: 0,
      downvotes: 0,
      commentsCount: 0,
      baseScore: 0,
      score: 0,
      inactive: false
    };

    // UserId    
    if(isAdmin(Meteor.user()) && !!post.userId){ // only let admins post as other users
      properties.userId = post.userId; 
    }

    // Status
    var defaultPostStatus = getSetting('requirePostsApproval') ? STATUS_PENDING : STATUS_APPROVED;
    if(isAdmin(Meteor.user()) && !!post.status){ // if user is admin and a custom status has been set
      properties.status = post.status;
    }else{ // else use default status
      properties.status = defaultPostStatus; 
    }

    // CreatedAt
    properties.createdAt = new Date();

    // PostedAt
    if(properties.status == 2){ // only set postedAt if post is approved
      if(isAdmin(Meteor.user()) && !!post.postedAt){ // if user is admin and a custom postDate has been set
        properties.postedAt = post.postedAt;
      }else{ // else use current time
        properties.postedAt = new Date();
      }
    }

    post = _.extend(post, properties);

    // ------------------------------ Callbacks ------------------------------ //

    // run all post submit server callbacks on post object successively
    post = postSubmitMethodCallbacks.reduce(function(result, currentFunction) {
        return currentFunction(result);
    }, post);

    // ------------------------------ Insert ------------------------------ //

    // console.log(post)
    post._id = Posts.insert(post);

    // ------------------------------ Callbacks ------------------------------ //

    // run all post submit server callbacks on post object successively
    post = postAfterSubmitMethodCallbacks.reduce(function(result, currentFunction) {
        return currentFunction(result);
    }, post);

    // ------------------------------ Post-Insert ------------------------------ //

    // increment posts count
    Meteor.users.update({_id: userId}, {$inc: {postCount: 1}});

    var postAuthor =  Meteor.users.findOne(post.userId);

    Meteor.call('upvotePost', post, postAuthor);

    return post;
  },
  setPostedAt: function(post, customPostedAt){

    var postedAt = new Date(); // default to current date and time
        
    if(isAdmin(Meteor.user()) && typeof customPostedAt !== 'undefined') // if user is admin and a custom datetime has been set
      postedAt = customPostedAt;

    Posts.update(post._id, {$set: {postedAt: postedAt}});
  },
  post_edit: function(post){
    // TODO: make post_edit server-side?
  },
  approvePost: function(post){
    if(isAdmin(Meteor.user())){
      var now = new Date();
      Posts.update(post._id, {$set: {status: 2, postedAt: now}});
    }else{
      throwError('You need to be an admin to do that.');
    }
  },
  unapprovePost: function(post){
    if(isAdmin(Meteor.user())){
      Posts.update(post._id, {$set: {status: 1}});
    }else{
      throwError('You need to be an admin to do that.');
    }
  },
  clickedPost: function(post, sessionId){
    // only let clients increment a post's click counter once per session
    var click = {_id: post._id, sessionId: sessionId};
    if(_.where(clickedPosts, click).length == 0){
      clickedPosts.push(click);
      Posts.update(post._id, { $inc: { clicks: 1 }});
    }
  },
  deletePostById: function(postId) {
    // remove post comments
    // if(!this.isSimulation) {
    //   Comments.remove({post: postId});
    // }
    // NOTE: actually, keep comments after all

    // decrement post count
    var post = Posts.findOne({_id: postId});
    if(!Meteor.userId() || !canEditById(Meteor.userId(), post)) throw new Meteor.Error(606, 'You need permission to edit or delete a post');
    
    Meteor.users.update({_id: post.userId}, {$inc: {postCount: -1}});
    Posts.remove(postId);
  }
});
Fixed regression 2014-09-17 21:11:59 +02:00			`postSchemaObject = {`
telescope-tags package now adds "categories" property to post schema 2014-06-22 12:58:41 +09:00			`_id: {`
			`type: String,`
			`optional: true`
			`},`
			`createdAt: {`
			`type: Date,`
			`optional: true`
			`},`
refactoring dates and timestamps 2014-07-03 13:15:23 +09:00			`postedAt: {`
telescope-tags package now adds "categories" property to post schema 2014-06-22 12:58:41 +09:00			`type: Date,`
			`optional: true`
			`},`
			`title: {`
			`type: String,`
cleanup while getting familiar with the codebase 2014-09-16 15:18:27 -04:00			`label: "Title"`
telescope-tags package now adds "categories" property to post schema 2014-06-22 12:58:41 +09:00			`},`
			`url: {`
			`type: String,`
			`label: "URL",`
			`optional: true`
			`},`
			`body: {`
			`type: String,`
			`optional: true`
			`},`
adding new htmlBody field and adding hooks to sanitise it 2014-08-31 16:11:48 +09:00			`htmlBody: {`
			`type: String,`
			`optional: true`
			`},`
Changed comments to CommentsCount; Now tracking _ids of commenters on each Post document 2014-08-22 10:31:05 +09:00			`commentsCount: {`
telescope-tags package now adds "categories" property to post schema 2014-06-22 12:58:41 +09:00			`type: Number,`
			`optional: true`
			`},`
Changed comments to CommentsCount; Now tracking _ids of commenters on each Post document 2014-08-22 10:31:05 +09:00			`commenters: {`
			`type: [String],`
			`optional: true`
			`},`
Rename property to lastCommentedAt 2014-07-22 10:29:37 +09:00			`lastCommentedAt: {`
add lastCommentDate to posts 2014-07-19 15:08:28 +09:00			`type: Date,`
			`optional: true`
			`},`
fixed click tracking 2014-07-03 17:13:22 +09:00			`clicks: {`
			`type: Number,`
			`optional: true`
			`},`
telescope-tags package now adds "categories" property to post schema 2014-06-22 12:58:41 +09:00			`baseScore: {`
			`type: Number,`
			`decimal: true,`
			`optional: true`
			`},`
			`upvotes: {`
			`type: Number,`
			`optional: true`
			`},`
			`upvoters: {`
			`type: [String], // XXX`
			`optional: true`
			`},`
			`downvotes: {`
			`type: Number,`
			`optional: true`
			`},`
			`downvoters: {`
			`type: [String], // XXX`
			`optional: true`
			`},`
			`score: {`
			`type: Number,`
			`decimal: true,`
			`optional: true`
			`},`
			`status: {`
			`type: Number,`
			`optional: true`
			`},`
			`sticky: {`
			`type: Boolean,`
			`optional: true`
			`},`
			`inactive: {`
			`type: Boolean,`
			`optional: true`
			`},`
			`userId: {`
			`type: String, // XXX`
			`optional: true`
			`}`
Fixed regression 2014-09-17 21:11:59 +02:00			`};`
telescope-tags package now adds "categories" property to post schema 2014-06-22 12:58:41 +09:00
			`// add any extra properties to postSchemaObject (provided by packages for example)`
			`_.each(addToPostSchema, function(item){`
			`postSchemaObject[item.propertyName] = item.propertySchema;`
			`});`

Replaced deprecated "schema" property with "attachSchema" method. 2014-09-17 20:10:43 +02:00			`Posts = new Meteor.Collection("posts");`
Fixed regression 2014-09-17 21:11:59 +02:00
			`PostSchema = new SimpleSchema(postSchemaObject);`
Fixed plural / singular issue in schema naming 2014-09-17 20:20:23 +02:00			`Posts.attachSchema(PostSchema);`
adding schemas 2014-05-10 16:57:17 +09:00
added pending posts 2012-10-24 11:04:42 +09:00			`STATUS_PENDING=1;`
			`STATUS_APPROVED=2;`
			`STATUS_REJECTED=3;`

refactoring allow/deny code 2013-07-04 12:51:26 +09:00			`Posts.deny({`
			`update: function(userId, post, fieldNames) {`
			`if(isAdminById(userId))`
fixed allow/deny bug 2013-07-05 07:09:15 +09:00			`return false;`
fixed comment edit bug 2013-11-05 09:32:21 +09:00			`// deny the update if it contains something other than the following fields`
Changing "headline" to "title" 2014-05-16 09:19:35 +09:00			`return (_.without(fieldNames, 'title', 'url', 'body', 'shortUrl', 'shortTitle', 'categories').length > 0);`
refactoring allow/deny code 2013-07-04 12:51:26 +09:00			`}`
			`});`

fixed comment edit bug 2013-11-05 09:32:21 +09:00			`Posts.allow({`
remove unneeded allow insert 2014-09-01 18:19:36 +09:00			`update: canEditById,`
			`remove: canEditById`
fixed comment edit bug 2013-11-05 09:32:21 +09:00			`});`

added some basic way of making sure user's clicks are only registered once per session 2013-11-06 10:11:35 +09:00			`clickedPosts = [];`

Still refactoring notifications 2014-08-04 09:47:10 +09:00			`getPostProperties = function(post) {`

cleanup while getting familiar with the codebase 2014-09-16 15:18:27 -04:00			`var postAuthor = Meteor.users.findOne(post.userId);`
Still refactoring notifications 2014-08-04 09:47:10 +09:00			`var p = {`
			`postAuthorName : getDisplayName(postAuthor),`
			`postTitle : cleanUp(post.title),`
			`profileUrl: getProfileUrlById(post.userId),`
Separating themes; adding accounts-entry 2014-08-12 16:16:44 +09:00			`postUrl: getPostPageUrl(post),`
Using templates for on-site notifications too; refactoring a lot of stuff 2014-08-04 11:22:43 +09:00			`thumbnailUrl: post.thumbnailUrl,`
			`linkUrl: !!post.url ? getOutgoingUrl(post.url) : getPostPageUrl(post._id)`
Still refactoring notifications 2014-08-04 09:47:10 +09:00			`};`

			`if(post.url)`
			`p.url = post.url;`

adding new htmlBody field and adding hooks to sanitise it 2014-08-31 16:11:48 +09:00			`if(post.htmlBody)`
			`p.htmlBody = post.htmlBody;`
Still refactoring notifications 2014-08-04 09:47:10 +09:00
			`return p;`
cleanup while getting familiar with the codebase 2014-09-16 15:18:27 -04:00			`};`
Still refactoring notifications 2014-08-04 09:47:10 +09:00
Using templates for on-site notifications too; refactoring a lot of stuff 2014-08-04 11:22:43 +09:00			`getPostPageUrl = function(post){`
			`return getSiteUrl()+'posts/'+post._id;`
			`};`

			`getPostEditUrl = function(id){`
			`return getSiteUrl()+'posts/'+id+'/edit';`
			`};`

			`// for a given post, return its link if it has one, or else its post page URL`
			`getPostLink = function (post) {`
			`return !!post.url ? getOutgoingUrl(post.url) : getPostPageUrl(post);`
cleanup while getting familiar with the codebase 2014-09-16 15:18:27 -04:00			`};`
Using templates for on-site notifications too; refactoring a lot of stuff 2014-08-04 11:22:43 +09:00
adding new htmlBody field and adding hooks to sanitise it 2014-08-31 16:11:48 +09:00			`Posts.before.insert(function (userId, doc) {`
do not insert htmlBody on the client since it's not whitelisted 2014-09-11 14:10:57 +09:00			`if(Meteor.isServer && !!doc.body)`
fixing bug on post submit 2014-09-02 14:54:04 +09:00			`doc.htmlBody = sanitize(marked(doc.body));`
adding new htmlBody field and adding hooks to sanitise it 2014-08-31 16:11:48 +09:00			`});`

			`Posts.before.update(function (userId, doc, fieldNames, modifier, options) {`
			`// if body is being modified, update htmlBody too`
do not insert htmlBody on the client since it's not whitelisted 2014-09-11 14:10:57 +09:00			`if (Meteor.isServer && modifier.$set && modifier.$set.body) {`
adding new htmlBody field and adding hooks to sanitise it 2014-08-31 16:11:48 +09:00			`modifier.$set = modifier.$set \|\| {};`
			`modifier.$set.htmlBody = sanitize(marked(modifier.$set.body));`
			`}`
			`});`

Moved post creation logic to the server side. Also made it + commenting latency compensated. 2012-10-04 11:45:12 +10:00			`Meteor.methods({`
			`post: function(post){`
Changing "headline" to "title" 2014-05-16 09:19:35 +09:00			`var title = cleanUp(post.title),`
adding new htmlBody field and adding hooks to sanitise it 2014-08-31 16:11:48 +09:00			`body = post.body,`
Fixing latency compensation issue 2014-08-06 12:02:17 +09:00			`userId = this.userId,`
			`user = Meteor.users.findOne(userId),`
fixed queued comments bug 2013-04-26 17:28:09 +09:00			`timeSinceLastPost=timeSinceLast(user, Posts),`
			`numberOfPostsInPast24Hours=numberOfItemsInPast24Hours(user, Posts),`
			`postInterval = Math.abs(parseInt(getSetting('postInterval', 30))),`
			`maxPostsPer24Hours = Math.abs(parseInt(getSetting('maxPostsPerDay', 30))),`
			`postId = '';`
refactoring dates and timestamps 2014-07-03 13:15:23 +09:00

			`// ------------------------------ Checks ------------------------------ //`
typo fix 2013-11-06 09:33:56 +09:00
now checking for duplicate links and limiting to 30 posts per 24 hours 2012-10-30 12:01:11 +09:00			`// check that user can post`
reworking invite system 2012-10-05 13:59:40 +09:00			`if (!user \|\| !canPost(user))`
More localisation 2013-11-11 22:07:19 +01:00			`throw new Meteor.Error(601, i18n.t('You need to login or be invited to post new stories.'));`
finished adding categories 2012-10-10 08:32:49 +09:00
Changing "headline" to "title" 2014-05-16 09:19:35 +09:00			`// check that user provided a title`
			`if(!post.title)`
			`throw new Meteor.Error(602, i18n.t('Please fill in a title'));`
reworking invite system 2012-10-05 13:59:40 +09:00
limit same url check to past 6 months 2014-07-03 14:20:24 +09:00
			`if(!!post.url){`
			`// check that there are no previous posts with the same link in the past 6 months`
adding new htmlBody field and adding hooks to sanitise it 2014-08-31 16:11:48 +09:00			`var sixMonthsAgo = moment().subtract(6, 'months').toDate();`
limit same url check to past 6 months 2014-07-03 14:20:24 +09:00			`var postWithSameLink = Posts.findOne({url: post.url, postedAt: {$gte: sixMonthsAgo}});`

			`if(typeof postWithSameLink !== 'undefined'){`
			`Meteor.call('upvotePost', postWithSameLink);`
			`throw new Meteor.Error(603, i18n.t('This link has already been posted'), postWithSameLink._id);`
			`}`
now checking for duplicate links and limiting to 30 posts per 24 hours 2012-10-30 12:01:11 +09:00			`}`
added rate limiting to posts and comments posting 2012-10-06 13:15:55 +09:00
do not do rate limit checks for admin, and use createdAt instead of submitted 2013-01-13 19:18:01 +09:00			`if(!isAdmin(Meteor.user())){`
			`// check that user waits more than X seconds between posts`
			`if(!this.isSimulation && timeSinceLastPost < postInterval)`
More localisation 2013-11-11 22:07:19 +01:00			`throw new Meteor.Error(604, i18n.t('Please wait ')+(postInterval-timeSinceLastPost)+i18n.t(' seconds before posting again'));`
added pending posts 2012-10-24 11:04:42 +09:00
do not do rate limit checks for admin, and use createdAt instead of submitted 2013-01-13 19:18:01 +09:00			`// check that the user doesn't post more than Y posts per day`
			`if(!this.isSimulation && numberOfPostsInPast24Hours > maxPostsPer24Hours)`
More localisation 2013-11-11 22:07:19 +01:00			`throw new Meteor.Error(605, i18n.t('Sorry, you cannot submit more than ')+maxPostsPer24Hours+i18n.t(' posts per day'));`
do not do rate limit checks for admin, and use createdAt instead of submitted 2013-01-13 19:18:01 +09:00			`}`
admin now able to change user and date 2012-10-23 12:24:38 +09:00
refactoring dates and timestamps 2014-07-03 13:15:23 +09:00			`// ------------------------------ Properties ------------------------------ //`

			`// Basic Properties`
			`properties = {`
Changing "headline" to "title" 2014-05-16 09:19:35 +09:00			`title: title,`
Strip HTML from comments and posts to prevent code injections 2012-12-13 10:58:17 +09:00			`body: body,`
admin now able to change user and date 2012-10-23 12:24:38 +09:00			`userId: userId,`
			`author: getDisplayNameById(userId),`
fixing validation errors on post submit; changing timestamp types to Date() 2014-06-22 09:55:34 +09:00			`upvotes: 0,`
			`downvotes: 0,`
small bug fixes 2014-08-27 09:25:05 +09:00			`commentsCount: 0,`
Moved post creation logic to the server side. Also made it + commenting latency compensated. 2012-10-04 11:45:12 +10:00			`baseScore: 0,`
added pending posts 2012-10-24 11:04:42 +09:00			`score: 0,`
cleanup while getting familiar with the codebase 2014-09-16 15:18:27 -04:00			`inactive: false`
			`};`
refactoring dates and timestamps 2014-07-03 13:15:23 +09:00
			`// UserId`
			`if(isAdmin(Meteor.user()) && !!post.userId){ // only let admins post as other users`
			`properties.userId = post.userId;`
			`}`

			`// Status`
			`var defaultPostStatus = getSetting('requirePostsApproval') ? STATUS_PENDING : STATUS_APPROVED;`
			`if(isAdmin(Meteor.user()) && !!post.status){ // if user is admin and a custom status has been set`
			`properties.status = post.status;`
			`}else{ // else use default status`
			`properties.status = defaultPostStatus;`
			`}`

			`// CreatedAt`
			`properties.createdAt = new Date();`
delete post comments too when a post is deleted 2013-07-19 14:30:39 +03:00
refactoring dates and timestamps 2014-07-03 13:15:23 +09:00			`// PostedAt`
			`if(properties.status == 2){ // only set postedAt if post is approved`
			`if(isAdmin(Meteor.user()) && !!post.postedAt){ // if user is admin and a custom postDate has been set`
			`properties.postedAt = post.postedAt;`
			`}else{ // else use current time`
			`properties.postedAt = new Date();`
			`}`
working on new createdAt timestamp 2013-01-13 08:52:35 +09:00			`}`
moved notifications server side 2012-10-04 15:26:59 +09:00
refactoring dates and timestamps 2014-07-03 13:15:23 +09:00			`post = _.extend(post, properties);`

working on callbacks 2014-07-05 18:06:28 +09:00			`// ------------------------------ Callbacks ------------------------------ //`

			`// run all post submit server callbacks on post object successively`
Making notifications into their own package 2014-09-20 09:57:09 +09:00			`post = postSubmitMethodCallbacks.reduce(function(result, currentFunction) {`
working on callbacks 2014-07-05 18:06:28 +09:00			`return currentFunction(result);`
			`}, post);`

refactoring dates and timestamps 2014-07-03 13:15:23 +09:00			`// ------------------------------ Insert ------------------------------ //`
fixing validation errors on post submit; changing timestamp types to Date() 2014-06-22 09:55:34 +09:00
fixing bugs 2014-07-03 14:13:47 +09:00			`// console.log(post)`
refactoring dates and timestamps 2014-07-03 13:15:23 +09:00			`post._id = Posts.insert(post);`

Renaming callbacks and adding new ones 2014-09-20 10:42:42 +09:00			`// ------------------------------ Callbacks ------------------------------ //`

			`// run all post submit server callbacks on post object successively`
			`post = postAfterSubmitMethodCallbacks.reduce(function(result, currentFunction) {`
			`return currentFunction(result);`
			`}, post);`

refactoring dates and timestamps 2014-07-03 13:15:23 +09:00			`// ------------------------------ Post-Insert ------------------------------ //`
fixed upvoting user bug 2013-01-15 08:46:00 +09:00
improved user dashboard even more! 2013-11-08 11:10:23 +09:00			`// increment posts count`
			`Meteor.users.update({_id: userId}, {$inc: {postCount: 1}});`

added notifications of new posts for admins 2013-01-19 22:42:59 +09:00			`var postAuthor = Meteor.users.findOne(post.userId);`
add _id property to post object 2013-10-29 17:54:45 +09:00
			`Meteor.call('upvotePost', post, postAuthor);`
added notifications of new posts for admins 2013-01-19 22:42:59 +09:00
added pending posts 2012-10-24 11:04:42 +09:00			`return post;`
working on new createdAt timestamp 2013-01-13 08:52:35 +09:00			`},`
refactoring dates and timestamps 2014-07-03 13:15:23 +09:00			`setPostedAt: function(post, customPostedAt){`
fixing postedAt edit bug 2014-07-03 16:17:36 +09:00
refactoring dates and timestamps 2014-07-03 13:15:23 +09:00			`var postedAt = new Date(); // default to current date and time`
fixing postedAt edit bug 2014-07-03 16:17:36 +09:00
refactoring dates and timestamps 2014-07-03 13:15:23 +09:00			`if(isAdmin(Meteor.user()) && typeof customPostedAt !== 'undefined') // if user is admin and a custom datetime has been set`
cleanup while getting familiar with the codebase 2014-09-16 15:18:27 -04:00			`postedAt = customPostedAt;`
fixing postedAt edit bug 2014-07-03 16:17:36 +09:00
refactoring dates and timestamps 2014-07-03 13:15:23 +09:00			`Posts.update(post._id, {$set: {postedAt: postedAt}});`
			`},`
added post_approve meteor method 2013-01-13 10:21:09 +09:00			`post_edit: function(post){`
updated meteor; security fix 2013-11-06 09:29:10 +09:00			`// TODO: make post_edit server-side?`
refactoring allow/deny code 2013-07-04 12:51:26 +09:00			`},`
adding approve/unapprove methods 2014-05-23 13:08:52 +09:00			`approvePost: function(post){`
			`if(isAdmin(Meteor.user())){`
don't show password field to users who logged in via twitter or facebook 2014-06-22 13:20:10 +09:00			`var now = new Date();`
fixing bugs 2014-07-03 14:13:47 +09:00			`Posts.update(post._id, {$set: {status: 2, postedAt: now}});`
adding approve/unapprove methods 2014-05-23 13:08:52 +09:00			`}else{`
			`throwError('You need to be an admin to do that.');`
			`}`
			`},`
			`unapprovePost: function(post){`
			`if(isAdmin(Meteor.user())){`
			`Posts.update(post._id, {$set: {status: 1}});`
			`}else{`
			`throwError('You need to be an admin to do that.');`
			`}`
			`},`
added some basic way of making sure user's clicks are only registered once per session 2013-11-06 10:11:35 +09:00			`clickedPost: function(post, sessionId){`
			`// only let clients increment a post's click counter once per session`
			`var click = {_id: post._id, sessionId: sessionId};`
			`if(_.where(clickedPosts, click).length == 0){`
			`clickedPosts.push(click);`
			`Posts.update(post._id, { $inc: { clicks: 1 }});`
			`}`
delete post comments too when a post is deleted 2013-07-19 14:30:39 +03:00			`},`
			`deletePostById: function(postId) {`
			`// remove post comments`
improved user dashboard even more! 2013-11-08 11:10:23 +09:00			`// if(!this.isSimulation) {`
			`// Comments.remove({post: postId});`
			`// }`
cleanup while getting familiar with the codebase 2014-09-16 15:18:27 -04:00			`// NOTE: actually, keep comments after all`
improved user dashboard even more! 2013-11-08 11:10:23 +09:00
			`// decrement post count`
Fix #159 Fix for #159 2013-11-11 20:53:02 +02:00			`var post = Posts.findOne({_id: postId});`
Permissions 2013-11-11 21:15:04 +02:00			`if(!Meteor.userId() \|\| !canEditById(Meteor.userId(), post)) throw new Meteor.Error(606, 'You need permission to edit or delete a post');`
Fix #159 Fix for #159 2013-11-11 20:53:02 +02:00
Permissions 2013-11-11 21:15:04 +02:00			`Meteor.users.update({_id: post.userId}, {$inc: {postCount: -1}});`
delete post comments too when a post is deleted 2013-07-19 14:30:39 +03:00			`Posts.remove(postId);`
Moved post creation logic to the server side. Also made it + commenting latency compensated. 2012-10-04 11:45:12 +10:00			`}`
delete post comments too when a post is deleted 2013-07-19 14:30:39 +03:00			`});`