Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

If logged-in user created first revision of a bin, then they "own" th…

…e bin url - and other users will only be able to clone the url
  • Loading branch information...
commit be56fa0db8474b1d2da55b82e7c7d0d1e859d776 1 parent c77cb88
@remy remy authored
View
13 lib/db/mysql.js
@@ -392,5 +392,18 @@ module.exports = utils.inherit(Object, {
}
fn(null);
});
+ },
+ isOwnerOf: function (params, fn) {
+ var values = [
+ params.name,
+ params.url
+ ], sql = templates.isOwnerOf;
+
+ this.connection.query(sql, values, function (err, result) {
+ if (err) {
+ return fn(err);
+ }
+ fn(null, { found: !!result.length, isowner: result.length ? result[0].owner === 1 : false });
+ });
}
});
View
3  lib/db/sql_templates.json
@@ -26,5 +26,6 @@
"getUserForForgotToken": "SELECT `ownership`.*, expires FROM `ownership` INNER JOIN `forgot_tokens` ON `name` = `owner_name` WHERE `token` = ? AND `forgot_tokens`.`expires` >= ?",
"setForgotToken": "INSERT INTO `forgot_tokens` (`owner_name`, `token`, `expires`, `created`) VALUES (?, ?, ?, ?)",
"deleteExpiredForgotToken": "DELETE FROM `forgot_tokens` WHERE `expires` <= ? OR `token`=? OR `owner_name`=?",
- "reportBin": "UPDATE `sandbox` SET `reported`=? WHERE `url`=? AND `revision`=? AND `active`='y'"
+ "reportBin": "UPDATE `sandbox` SET `reported`=? WHERE `url`=? AND `revision`=? AND `active`='y'",
+ "isOwnerOf": "SELECT name=? as `owner` FROM `owners` WHERE `url`=? AND `revision`=1"
}
View
20 lib/db/sqlite.js
@@ -209,7 +209,7 @@ module.exports = utils.inherit(Object, {
if (result) {
result = _this.convertUserDates(result);
}
- fn(null, result);
+ fn(null, result);
}
});
},
@@ -450,5 +450,23 @@ module.exports = utils.inherit(Object, {
}
fn(null, results);
});
+ },
+ isOwnerOf: function (params, fn) {
+ var values = [
+ params.name,
+ params.url
+ ], sql = templates.isOwnerOf;
+
+ this.connection.run(sql, values, function (err, result) {
+ if (err) {
+ return fn(err);
+ }
+ if (typeof result === 'undefined') {
+ return fn(null, { found: false });
+ } else {
+ return fn(null, { found: true, isowner: result[0].owner === 1 });
+ }
+ });
}
+
});
View
24 lib/handlers/bin.js
@@ -243,7 +243,7 @@ module.exports = Observable.extend({
if (req.param('method') === 'save') {
params = utils.extract(req.body, 'html', 'css', 'javascript', 'settings');
params.url = req.bin.url;
- params.revision = req.bin.revision + 1;
+ params.revision = parseInt(req.params.rev, 10) || 1, //req.bin.revision;
params.summary = utils.titleForBin(params);
this.validateBin(params, function (err) {
@@ -251,12 +251,26 @@ module.exports = Observable.extend({
return next(err);
}
- _this.models.bin.createRevision(params, function (err, result) {
- if (err) {
- return next(err);
+ var username = req.session.user ? req.session.user.name : undefined;
+
+ _this.models.user.isOwnerOf(username, params, function (err, result) {
+ console.log('isOwnerOf', username, params, result);
+ var method = 'create';
+
+ if (result.isowner || result.found === false) {
+ method = 'createRevision';
+ params.revision = req.bin.revision + 1; // bump the revision from the *latest*
+ } else {
+ delete params.revision;
}
- _this.completeCreateBin(result, req, res, next);
+ _this.models.bin[method](params, function (err, result) {
+ if (err) {
+ return next(err);
+ }
+
+ _this.completeCreateBin(result, req, res, next);
+ });
});
});
} else if (req.param('method') === 'update') {
View
8 lib/models/user.js
@@ -67,6 +67,14 @@ module.exports = Observable.extend({
};
this.store.getBinsByUser(id, fn);
},
+ isOwnerOf: function (username, bin, fn) {
+ var params = {
+ name: username,
+ url: bin.url,
+ revision: bin.revision
+ };
+ this.store.isOwnerOf(params, fn);
+ },
setBinOwner: function (id, bin, fn) {
var params = {
name: id,
View
2  lib/store.js
@@ -41,7 +41,7 @@ var methods = [
'reportBin',
'getAllOwners',
'getOwnersBlock',
-
+ 'isOwnerOf',
'populateOwners'
];
Please sign in to comment.
Something went wrong with that request. Please try again.