|
|
|
|
/*
|
|
|
|
|
* This file is part of SYZOJ.
|
|
|
|
|
*
|
|
|
|
|
* Copyright (c) 2016 Menci <huanghaorui301@gmail.com>
|
|
|
|
|
*
|
|
|
|
|
* SYZOJ is free software: you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU Affero General Public License as
|
|
|
|
|
* published by the Free Software Foundation, either version 3 of the
|
|
|
|
|
* License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* SYZOJ is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU Affero General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU Affero General Public
|
|
|
|
|
* License along with SYZOJ. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
'use strict';
|
|
|
|
|
|
|
|
|
|
let Article = syzoj.model('article');
|
|
|
|
|
let ArticleComment = syzoj.model('article-comment');
|
|
|
|
|
let User = syzoj.model('user');
|
|
|
|
|
|
|
|
|
|
app.get('/discussion', async (req, res) => {
|
|
|
|
|
try {
|
|
|
|
|
let paginate = syzoj.utils.paginate(await Article.count(), req.query.page, syzoj.config.page.discussion);
|
|
|
|
|
let articles = await Article.query(paginate, null, [['public_time', 'desc']]);
|
|
|
|
|
|
|
|
|
|
for (let article of articles) await article.loadRelationships();
|
|
|
|
|
|
|
|
|
|
res.render('discussion', {
|
|
|
|
|
articles: articles,
|
|
|
|
|
paginate: paginate
|
|
|
|
|
});
|
|
|
|
|
} catch (e) {
|
|
|
|
|
syzoj.log(e);
|
|
|
|
|
res.render('error', {
|
|
|
|
|
err: e
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
app.get('/article/:id', async (req, res) => {
|
|
|
|
|
try {
|
|
|
|
|
let id = parseInt(req.params.id);
|
|
|
|
|
let article = await Article.fromID(id);
|
|
|
|
|
if (!article) throw new ErrorMessage('无此帖子。');
|
|
|
|
|
|
|
|
|
|
await article.loadRelationships();
|
|
|
|
|
article.allowedEdit = await article.isAllowedEditBy(res.locals.user);
|
|
|
|
|
article.allowedComment = await article.isAllowedCommentBy(res.locals.user);
|
|
|
|
|
article.content = await syzoj.utils.markdown(article.content);
|
|
|
|
|
|
|
|
|
|
let where = { article_id: id };
|
|
|
|
|
|
|
|
|
|
let paginate = syzoj.utils.paginate(await ArticleComment.count(where), req.query.page, syzoj.config.page.article_comment);
|
|
|
|
|
|
|
|
|
|
let comments = await ArticleComment.query(paginate, where, [['public_time', 'asc']]);
|
|
|
|
|
|
|
|
|
|
for (let comment of comments) {
|
|
|
|
|
comment.content = await syzoj.utils.markdown(comment.content);
|
|
|
|
|
comment.allowedEdit = await comment.isAllowedEditBy(res.locals.user);
|
|
|
|
|
await comment.loadRelationships();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
res.render('article', {
|
|
|
|
|
article: article,
|
|
|
|
|
comments: comments,
|
|
|
|
|
paginate: paginate
|
|
|
|
|
});
|
|
|
|
|
} catch (e) {
|
|
|
|
|
syzoj.log(e);
|
|
|
|
|
res.render('error', {
|
|
|
|
|
err: e
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
app.get('/article/:id/edit', async (req, res) => {
|
|
|
|
|
try {
|
|
|
|
|
if (!res.locals.user) throw new ErrorMessage('请登录后继续。', { '登录': syzoj.utils.makeUrl(['login'], { 'url': req.originalUrl }) });
|
|
|
|
|
|
|
|
|
|
let id = parseInt(req.params.id);
|
|
|
|
|
let article = await Article.fromID(id);
|
|
|
|
|
|
|
|
|
|
if (!article) {
|
|
|
|
|
article = await Article.create();
|
|
|
|
|
article.id = 0;
|
|
|
|
|
article.allowedEdit = true;
|
|
|
|
|
} else {
|
|
|
|
|
article.allowedEdit = await article.isAllowedEditBy(res.locals.user);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
res.render('article_edit', {
|
|
|
|
|
article: article
|
|
|
|
|
});
|
|
|
|
|
} catch (e) {
|
|
|
|
|
syzoj.log(e);
|
|
|
|
|
res.render('error', {
|
|
|
|
|
err: e
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
app.post('/article/:id/edit', async (req, res) => {
|
|
|
|
|
try {
|
|
|
|
|
if (!res.locals.user) throw new ErrorMessage('请登录后继续。', { '登录': syzoj.utils.makeUrl(['login'], { 'url': req.originalUrl }) });
|
|
|
|
|
|
|
|
|
|
let id = parseInt(req.params.id);
|
|
|
|
|
let article = await Article.fromID(id);
|
|
|
|
|
|
|
|
|
|
let time = syzoj.utils.getCurrentDate();
|
|
|
|
|
if (!article) {
|
|
|
|
|
article = await Article.create();
|
|
|
|
|
article.user_id = res.locals.user.id;
|
|
|
|
|
article.public_time = article.sort_time = time;
|
|
|
|
|
} else {
|
|
|
|
|
if (!await article.isAllowedEditBy(res.locals.user)) throw new ErrorMessage('您没有权限进行此操作。');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!req.body.title.trim()) throw new ErrorMessage('标题不能为空。');
|
|
|
|
|
article.title = req.body.title;
|
|
|
|
|
article.content = req.body.content;
|
|
|
|
|
article.update_time = time;
|
|
|
|
|
article.is_notice = res.locals.user && res.locals.user.is_admin && req.body.is_notice === 'on';
|
|
|
|
|
|
|
|
|
|
await article.save();
|
|
|
|
|
|
|
|
|
|
res.redirect(syzoj.utils.makeUrl(['article', article.id]));
|
|
|
|
|
} catch (e) {
|
|
|
|
|
syzoj.log(e);
|
|
|
|
|
res.render('error', {
|
|
|
|
|
err: e
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
app.get('/article/:id/delete', async (req, res) => {
|
|
|
|
|
try {
|
|
|
|
|
if (!res.locals.user) throw new ErrorMessage('请登录后继续。', { '登录': syzoj.utils.makeUrl(['login'], { 'url': req.originalUrl }) });
|
|
|
|
|
|
|
|
|
|
let id = parseInt(req.params.id);
|
|
|
|
|
let article = await Article.fromID(id);
|
|
|
|
|
|
|
|
|
|
if (!article) {
|
|
|
|
|
throw new ErrorMessage('无此帖子。');
|
|
|
|
|
} else {
|
|
|
|
|
if (!await article.isAllowedEditBy(res.locals.user)) throw new ErrorMessage('您没有权限进行此操作。');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
await article.destroy();
|
|
|
|
|
|
|
|
|
|
res.redirect(syzoj.utils.makeUrl(['discussion']));
|
|
|
|
|
} catch (e) {
|
|
|
|
|
syzoj.log(e);
|
|
|
|
|
res.render('error', {
|
|
|
|
|
err: e
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
app.post('/article/:id/comment', async (req, res) => {
|
|
|
|
|
try {
|
|
|
|
|
if (!res.locals.user) throw new ErrorMessage('请登录后继续。', { '登录': syzoj.utils.makeUrl(['login'], { 'url': req.originalUrl }) });
|
|
|
|
|
|
|
|
|
|
let id = parseInt(req.params.id);
|
|
|
|
|
let article = await Article.fromID(id);
|
|
|
|
|
|
|
|
|
|
if (!article) {
|
|
|
|
|
throw new ErrorMessage('无此帖子。');
|
|
|
|
|
} else {
|
|
|
|
|
if (!await article.isAllowedCommentBy(res.locals.user)) throw new ErrorMessage('您没有权限进行此操作。');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
let comment = await ArticleComment.create({
|
|
|
|
|
content: req.body.comment,
|
|
|
|
|
article_id: id,
|
|
|
|
|
user_id: res.locals.user.id,
|
|
|
|
|
public_time: syzoj.utils.getCurrentDate()
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
await comment.save();
|
|
|
|
|
|
|
|
|
|
res.redirect(syzoj.utils.makeUrl(['article', article.id]));
|
|
|
|
|
} catch (e) {
|
|
|
|
|
syzoj.log(e);
|
|
|
|
|
res.render('error', {
|
|
|
|
|
err: e
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
app.get('/article/:article_id/comment/:id/delete', async (req, res) => {
|
|
|
|
|
try {
|
|
|
|
|
if (!res.locals.user) throw new ErrorMessage('请登录后继续。', { '登录': syzoj.utils.makeUrl(['login'], { 'url': req.originalUrl }) });
|
|
|
|
|
|
|
|
|
|
let id = parseInt(req.params.id);
|
|
|
|
|
let comment = await ArticleComment.fromID(id);
|
|
|
|
|
|
|
|
|
|
if (!comment) {
|
|
|
|
|
throw new ErrorMessage('无此评论。');
|
|
|
|
|
} else {
|
|
|
|
|
if (!await comment.isAllowedEditBy(res.locals.user)) throw new ErrorMessage('您没有权限进行此操作。');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
await comment.destroy();
|
|
|
|
|
|
|
|
|
|
res.redirect(syzoj.utils.makeUrl(['article', comment.article_id]));
|
|
|
|
|
} catch (e) {
|
|
|
|
|
syzoj.log(e);
|
|
|
|
|
res.render('error', {
|
|
|
|
|
err: e
|
|
|
|
|
});
|
|
|
|
|
}
|
|
|
|
|
});
|
