aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/controllers
diff options
context:
space:
mode:
Diffstat (limited to 'controllers')
-rw-r--r--controllers/system.js35
1 files changed, 34 insertions, 1 deletions
diff --git a/controllers/system.js b/controllers/system.js
index 6432062..eaafefa 100644
--- a/controllers/system.js
+++ b/controllers/system.js
@@ -143,15 +143,26 @@ exports.project = function(req, res) {
if (err) return res.status(500).render('error', { title: '500', text: 'En serverfeil oppstod', error: err.stack });
Access.loadProject(project._id, function(err, access) {
if (err) return res.status(500).render('error', { title: '500', text: 'En serverfeil oppstod', error: err.stack });
+ access.forEach(function(a) {
+ if (String(a.user._id) === String(req.user._id)) req.user.permissions = a.permissions;
+ });
pPost.loadProject(project._id, function(err, posts) {
if (err) return res.status(500).render('error', { title: '500', text: 'En serverfeil oppstod', error: err.stack });
- res.render('project', { title: project.name, user: req.user, req: req, project: project, access: access, posts: posts });
+ res.render('project', {
+ title: project.name
+ , user: req.user
+ , req: req
+ , project: project
+ , access: access
+ , posts: posts
+ });
});
});
});
}
+
exports.projectParticipants = function(req, res) {
if (req.user.status < 3) {
console.log(req.header('Referer'));
@@ -255,3 +266,25 @@ exports.postNewProject = function(req, res) {
}
+
+exports.deleteProjectPost = function(req, res) {
+ Project.findOne({ shortURL: req.params.short }).select('_id').exec(function(err, project) {
+ if (err) return res.status(500).render('error', { title: '500', text: 'En serverfeil oppstod', error: err.stack });
+ Access.findOne({project: project._id, user: req.user._id}, function(err, access) {
+ if (err) return res.status(500).render('error', { title: '500', text: 'En serverfeil oppstod', error: err.stack });
+ if (!access) return res.status(403).render('error', { title: '403', text: 'Du har ikke tilgang til å gjøre dette' });
+ pPost.load(req.params.post, function(err, post) {
+ if (err) return res.status(500).render('error', { title: '500', text: 'En serverfeil oppstod', error: err.stack });
+ if (post.user._id === req.user._id || access.permissions >= 6) {
+ pPost.remove({ _id: post._id }, function(err) {
+ if (err) return res.status(500).render('error', { title: '500', text: 'En serverfeil oppstod', error: err.stack });
+ console.log('deleted post ' + post._id);
+ return res.redirect('back');
+ })
+ } else { return res.status(403).render('error', { title: '403', text: 'Du har ikke tilgang til å gjøre dette' }); }
+ })
+ })
+ });
+}
+
+