Synchronet now requires the libarchive development package (e.g. libarchive-dev on Debian-based Linux distros, libarchive.org for more info) to build successfully.

forum.ssjs 6.7 KB
Newer Older
1 2 3 4 5
/*  This script is an interface between HTTP clients and the functions defined
    in web/lib/forum.js.  A basic check for an authenticated, non-guest user
    is done here; otherwise all permission checking is done at the function
    level. */

6
var settings = load('modopts.js', 'web') || { web_directory: '../webv4' };
7 8 9 10

load(settings.web_directory + '/lib/init.js');
load(settings.web_lib + 'auth.js');
load(settings.web_lib + 'forum.js');
11
load(settings.web_lib + 'request.js');
12 13 14 15

var reply = {};

// There must be an API call, and the user must not be a guest or unknown
16
if (Request.has_param('call') && (http_request.method === 'GET' || http_request.method === 'POST')) {
17 18 19 20 21 22 23 24

    var handled = false;

    // Authenticated calls
    if (user.number > 0 && user.alias !== settings.guest) {

        handled = true;

25
        switch (http_request.query.call[0].toLowerCase()) {
26

echicken's avatar
echicken committed
27 28
            // Unread message counts for every sub in a group
            case 'get-sub-unread-counts':
29
                if (Request.has_param('group') && msg_area.grp_list[http_request.query.group[0]]) {
echicken's avatar
echicken committed
30 31 32 33 34 35 36 37 38
                    reply = getSubUnreadCounts(http_request.query.group[0]);
                }
                break;
            
            // Unread message counts for all groups user has access to
            case 'get-group-unread-counts':
                reply = getGroupUnreadCounts();
                break;

39 40 41 42 43 44 45 46 47 48 49 50 51 52 53
            case 'get-mail-unread-count':
                reply.count = user.stats.mail_waiting;
                break;

            case 'get-mail-body':
                if (typeof http_request.query.number !== 'undefined') {
                    reply = getMailBody(http_request.query.number[0]);
                }
                break;

            case 'get-signature':
                reply.signature = getSignature();
                break;

            case 'post-reply':
54 55
                if (Request.has_params(['sub', 'body', 'pid'])) {
                    reply.success = postReply(http_request.query.sub[0], http_request.query.body[0], Number(http_request.query.pid[0]));
56 57 58 59 60 61
                } else {
                    reply.success = false;
                }
                break;

            case 'post':
62
                if (Request.has_params(['sub', 'to', 'subject', 'body'])) {
63 64 65 66 67 68 69 70 71 72 73 74
                    reply.success = postNew(
                        http_request.query.sub[0],
                        http_request.query.to[0],
                        http_request.query.subject[0],
                        http_request.query.body[0]
                    );
                } else {
                    reply.success = false;
                }
                break;

            case 'delete-message':
75 76
                if (Request.has_params(['sub', 'number'])) {
                    reply.success = deleteMessage(http_request.query.sub[0], http_request.query.number[0]);
77 78 79 80 81 82
                } else {
                    reply.success = false;
                }
                break;

            case 'delete-mail':
83
                if (Request.has_param('number')) {
84 85 86 87 88 89 90
                    reply.success = deleteMail(http_request.query.number);
                } else {
                    reply.success = false;
                }
                break;

            case 'set-scan-cfg':
91 92
                if (Request.has_params(['sub', 'cfg'])) {
                    reply.success = setScanCfg(http_request.query.sub[0], http_request.query.cfg[0]);
93 94 95 96 97 98
                } else {
                    reply.success = false;
                }
                break;

            case 'vote':
99 100
                if (Request.has_params(['sub', 'id', 'up']) && !(user.security.restrictions&UFLAG_V)) {
                    reply.success = voteMessage(http_request.query.sub[0], http_request.query.id[0], http_request.query.up[0]);
101 102 103 104 105 106
                } else {
                    reply.success = false;
                }
                break;

            case 'submit-poll-answers':
107 108
                if (Request.has_params(['sub', 'id', 'answer'])) {
                    reply.success = submitPollAnswers(http_request.query.sub[0], http_request.query.id[0], http_request.query.answer[0]);
109 110 111 112
                }
                break;

            case 'submit-poll':
113
                if (Request.has_params(['subject', 'sub', 'votes', 'results', 'answer'])) {
114 115 116 117 118 119 120 121 122 123 124
                    reply.success = postPoll(
                        http_request.query.sub[0],
                        http_request.query.subject[0],
                        http_request.query.votes[0],
                        http_request.query.results[0],
                        http_request.query.answer,
                        http_request.query.comment || []
                    );
                }
                break;

echicken's avatar
echicken committed
125 126 127 128 129 130 131 132
            case 'block-sender':
                if (user.is_sysop) {
                    if (http_request.query.from) addTwit(decodeURIComponent(http_request.query.from[0]));
                    if (http_request.query.from_net) addTwit(decodeURIComponent(http_request.query.from_net[0]));
                    reply.err = null;
                }
                break;

133 134 135
            default:
                handled = false;
                break;
136

137
        }
138

139
    }
140

141 142
    // Unauthenticated calls
    if (!handled) {
143

144
        switch(http_request.query.call[0].toLowerCase()) {
145

146
            case 'get-thread-votes':
147
                if (Request.has_params(['sub', 'id'])) {
148
                    var id = parseInt(http_request.query.id[0]);
149
                    if (!isNaN(id)) reply = getVotesInThread(http_request.query.sub[0], id);
150 151 152 153
                }
                break;

            case 'get-sub-votes':
154
                if (Request.has_param('sub')) reply = getVotesInThreads(http_request.query.sub[0]);
155 156 157
                break;

            case 'get-poll-results':
158 159
                if (Request.has_params(['sub', 'id'])) {
                    reply = getUserPollData(http_request.query.sub[0], http_request.query.id[0]);
160 161 162 163 164 165 166 167
                }
                break;

            case 'list-groups':
                reply = listGroups();
                break;

            case 'list-subs':
168
                if (Request.has_param('group')) reply = listSubs(http_request.query.group[0]);
169 170 171
                break;

            case 'list-threads':
172 173 174
                if (Request.has_params(['sub', 'offset'])) {
                    if (Request.has_param('count')) var count = http_request.query.count[0];
                    reply = listThreads(http_request.query.sub[0], http_request.query.offset[0], count || settings.page_size).threads;
175 176 177 178 179
                }
                break;

            default:
                break;
180

181
        }
182

echicken's avatar
echicken committed
183
    }
echicken's avatar
echicken committed
184

185 186 187 188 189 190
}

reply = JSON.stringify(reply);
http_reply.header['Content-Type'] = 'application/json';
http_reply.header['Content-Length'] = reply.length;
write(reply);