From c711b41fa0400961115ce80637211866e1f575f9 Mon Sep 17 00:00:00 2001 From: MrRenter Date: Fri, 17 Apr 2015 22:33:07 -0400 Subject: [PATCH 1/5] Added code to display edit button next to discuss button when viewing a story. Button will vanish if comment was posted > 10 minutes --- views/stories/comments.jade | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/views/stories/comments.jade b/views/stories/comments.jade index f21f43ac3a..ae2b051d06 100644 --- a/views/stories/comments.jade +++ b/views/stories/comments.jade @@ -21,7 +21,10 @@ success: function (data, textStatus, xhr) { commentDetails = data; var div = document.createElement('div'); - + var editButton = ""; + if ((Date.now() - commentDetails.commentOn) < 600000){ + editButton = "Edit · "; + } $(div) .html( '
' + @@ -36,6 +39,7 @@ '
' + '
' + "Reply · " + + editButton + "commented " + moment(commentDetails.commentOn).fromNow() + " by " + "@" + commentDetails.author.username + "" + '
' + From 47bb301a9112c305f102caf39c888075e97d2247 Mon Sep 17 00:00:00 2001 From: MrRenter Date: Fri, 17 Apr 2015 22:36:09 -0400 Subject: [PATCH 2/5] Made it so edit will only be displayed for the user. Since its on client side (following practices used) a final check should be used when actually saving edit to db --- views/stories/comments.jade | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/views/stories/comments.jade b/views/stories/comments.jade index ae2b051d06..a47a969c95 100644 --- a/views/stories/comments.jade +++ b/views/stories/comments.jade @@ -22,8 +22,10 @@ commentDetails = data; var div = document.createElement('div'); var editButton = ""; - if ((Date.now() - commentDetails.commentOn) < 600000){ - editButton = "Edit · "; + if (commentDetails.author.username === user.profile.username){ + if ((Date.now() - commentDetails.commentOn) < 600000){ + editButton = "Edit · "; + } } $(div) .html( From 349dbbc2af22bfc1304154b6b3b7159461baa3e2 Mon Sep 17 00:00:00 2001 From: MrRenter Date: Sat, 18 Apr 2015 02:40:48 -0400 Subject: [PATCH 3/5] Added functuality to the edit button. Added router to /commets/:id/edit as well as commentEdit method in story js. --- app.js | 5 +++++ controllers/story.js | 35 ++++++++++++++++++++++++++++++++ views/stories/comments.jade | 40 +++++++++++++++++++++++++++++++++---- 3 files changed, 76 insertions(+), 4 deletions(-) mode change 100644 => 100755 app.js mode change 100644 => 100755 controllers/story.js mode change 100644 => 100755 views/stories/comments.jade diff --git a/app.js b/app.js old mode 100644 new mode 100755 index f03046711b..eadf61888e --- a/app.js +++ b/app.js @@ -470,6 +470,11 @@ app.post( storyController.commentOnCommentSubmit ); +app.post( + '/stories/comment/:id/edit', + storyController.commentEdit +); + app.get( '/stories/submit', storyController.submitNew diff --git a/controllers/story.js b/controllers/story.js old mode 100644 new mode 100755 index 34b8693890..4ab8351393 
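Review bot: The new outer condition in the `success` callback reads `user.profile.username` without first checking that `user` exists, so for a visitor who is not signed in the callback would throw before the comment is rendered. A later patch in this series guards the click handler in the same template with `typeof user == "undefined" || !user`, which suggests `user` can be absent here too. Guard it first: `if (typeof user !== "undefined" && user && commentDetails.author.username === user.profile.username) {`. This check only hides the button; as the commit message says, ownership still has to be enforced on the server when the edit is saved.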
--- a/controllers/story.js +++ b/controllers/story.js @@ -423,6 +423,41 @@ exports.commentOnCommentSubmit = function(req, res, next) { commentSave(comment, Comment, res, next); }; +exports.commentEdit = function(req, res, next){ + if (req.user._id.toString() !== req.body.data.author.userId.toString()) { + return next(new Error('Not authorized')); + } + + var data = req.params.id; + var sanitizedBody = sanitizeHtml(req.body.data.body,{ + allowedTags: [], + allowedAttributes: [] + }).replace(/"/g, '"'); + if (req.body.data.body !== sanitizedBody) { + req.flash('errors', { + msg: 'HTML is not allowed' + }); + return res.send(true); + } + + Comment.find({'_id': data}, function(err, cmt) { + if (err) { + return next(err); + } + cmt = cmt.pop(); + cmt.body = sanitizedBody; + cmt.commentOn = Date.now(); + cmt.save(function (err) { + if (err) { + return next(err); + } + res.send(true); + }); + //commentSave(comment, Comment, res, next); + }); + +}; + function commentSave(comment, Context, res, next) { comment.save(function(err, data) { if (err) { diff --git a/views/stories/comments.jade b/views/stories/comments.jade old mode 100644 new mode 100755 index a47a969c95..43d1701288 --- a/views/stories/comments.jade +++ b/views/stories/comments.jade @@ -24,7 +24,7 @@ var editButton = ""; if (commentDetails.author.username === user.profile.username){ if ((Date.now() - commentDetails.commentOn) < 600000){ - editButton = "Edit · "; + editButton = "Edit · "; } } $(div) @@ -61,7 +61,12 @@ complete: function () { sentinel--; if (!sentinel) { - $('.comment-a-comment').on('click', 'a', function () { + $('.comment-a-comment').on('click', 'a', function() { + alert($(this).hasClass("edit-btn")); + var editOrComment = 'comment'; + if ($(this).hasClass("edit-btn")){ + editOrComment = 'edit'; + } if (typeof user == "undefined" || !user) { window.location.href = '/signin'; return; @@ -77,7 +82,7 @@ "
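Review bot: The ownership check at the top of `commentEdit` compares `req.user._id` with `req.body.data.author.userId`, a value the client sends, so it never consults the stored comment and does not tie the requester to the comment named by `:id`. Compare against the loaded document inside the `Comment.find` callback instead, right after `cmt = cmt.pop();`: `if (!cmt || String(cmt.author.userId) !== String(req.user._id)) { return next(new Error('Not authorized')); }` (this assumes stored comments carry `author.userId`, as the client payload suggests; confirm against the model). The same `!cmt` test covers an id that matches nothing, where `cmt.body = sanitizedBody` would currently throw. `req.user` should also be checked before it is dereferenced, since the route added in app.js shows no login guard. The patch 5 hunk that switches to `req.body.author.userId` keeps the same client-supplied comparison.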
" + "" + "" + - "" + + "" + "" + "
" + "
" + @@ -122,9 +127,36 @@ }); }; + var submitCommentForEditToCommentHandler = function submitCommentForEditToCommentHandler() { + $('#submit-comment-to-edit').unbind('click'); + console.log('in comments.jade', originalStoryAuthorEmail); + $.post('/stories/comment/' + commentId + '/edit', + { + data: { + associatedPost: commentId, + originalStoryLink: originalStoryLink, + originalStoryAuthorEmail: originalStoryAuthorEmail, + body: $('#comment-to-comment-textinput').val(), + author: { + picture: user.profile.picture, + userId: user._id, + username: user.profile.username, + email: user.email + } + } + }) + .fail(function (xhr, textStatus, errorThrown) { + $('#submit-comment-to-edit').bind('click', submitCommentForEditToCommentHandler); + }) + .done(function (data, textStatus, xhr) { + window.location.reload(); + }); + }; + + $('#submit-comment-to-edit').on('click', submitCommentForEditToCommentHandler) $('#submit-comment-to-comment').on('click', submitCommentToCommentHandler); - });// + }); } } }) From 790a4f941d3239c47f1282c540125c40536bf8e9 Mon Sep 17 00:00:00 2001 From: MrRenter Date: Sat, 18 Apr 2015 02:46:16 -0400 Subject: [PATCH 4/5] Removed alert and added server side check for 10minutes --- controllers/story.js | 21 +++++++++++++-------- views/stories/comments.jade | 1 - 2 files changed, 13 insertions(+), 9 deletions(-) diff --git a/controllers/story.js b/controllers/story.js index 4ab8351393..24b11ddba9 100755 --- a/controllers/story.js +++ b/controllers/story.js 
@@ -445,15 +445,20 @@ exports.commentEdit = function(req, res, next){ return next(err); } cmt = cmt.pop(); - cmt.body = sanitizedBody; - cmt.commentOn = Date.now(); - cmt.save(function (err) { - if (err) { - return next(err); - } - res.send(true); + var rightNow = Date.now(); + if ((rightNow - cmt.commentOn) < 600000){ + cmt.body = sanitizedBody; + cmt.commentOn = Date.now(); + cmt.save(function (err) { + if (err) { + return next(err); + } + res.send(true); + }); + } + req.flash('errors', { + msg: 'Comment is too old to edit' }); - //commentSave(comment, Comment, res, next); }); }; diff --git a/views/stories/comments.jade b/views/stories/comments.jade index 43d1701288..15d0b2deaf 100755 --- a/views/stories/comments.jade +++ b/views/stories/comments.jade @@ -62,7 +62,6 @@ sentinel--; if (!sentinel) { $('.comment-a-comment').on('click', 'a', function() { - alert($(this).hasClass("edit-btn")); var editOrComment = 'comment'; if ($(this).hasClass("edit-btn")){ editOrComment = 'edit'; From b2f18a790af5cd63c52aaa3e767c700866ee085b Mon Sep 17 00:00:00 2001 From: MrRenter Date: Sat, 18 Apr 2015 11:53:46 -0400 Subject: [PATCH 5/5] Changed from post to put for since updating not creatings --- app.js | 2 +- controllers/story.js | 8 +++++--- views/stories/comments.jade | 20 +++++++++++--------- 3 files changed, 17 insertions(+), 13 deletions(-) diff --git a/app.js b/app.js index eadf61888e..a40b25f074 100755 --- a/app.js +++ b/app.js @@ -470,7 +470,7 @@ app.post( storyController.commentOnCommentSubmit ); -app.post( +app.put( '/stories/comment/:id/edit', storyController.commentEdit ); diff --git a/controllers/story.js b/controllers/story.js index 24b11ddba9..8b12c12ca9 100755 --- a/controllers/story.js +++ b/controllers/story.js 
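Review bot: In the `Comment.find` callback the new age check has no `else` or `return`, so `req.flash('errors', { msg: 'Comment is too old to edit' })` runs after every edit, including successful ones, and when the comment is too old no response is sent at all, leaving the request hanging. Handling the rejection first with an early return fixes both. Separately, `cmt.commentOn = Date.now();` restarts the ten-minute window on every save, so the limit never expires for a comment that keeps being edited; the sketch below leaves `commentOn` untouched. The callback opens outside this hunk.

```javascript
    // … unchanged: err check and cmt = cmt.pop() …
    if ((Date.now() - cmt.commentOn) >= 600000) {
      req.flash('errors', {
        msg: 'Comment is too old to edit'
      });
      return res.send(true);
    }
    cmt.body = sanitizedBody;
    cmt.save(function (err) {
      if (err) {
        return next(err);
      }
      res.send(true);
    });
```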
@@ -424,16 +424,18 @@ exports.commentOnCommentSubmit = function(req, res, next) { }; exports.commentEdit = function(req, res, next){ - if (req.user._id.toString() !== req.body.data.author.userId.toString()) { + //console.log(JSON.stringify(req)); + console.log(JSON.stringify(req.body)); + if (req.user._id.toString() !== req.body.author.userId.toString()) { return next(new Error('Not authorized')); } var data = req.params.id; - var sanitizedBody = sanitizeHtml(req.body.data.body,{ + var sanitizedBody = sanitizeHtml(req.body.body,{ allowedTags: [], allowedAttributes: [] }).replace(/"/g, '"'); - if (req.body.data.body !== sanitizedBody) { + if (req.body.body !== sanitizedBody) { req.flash('errors', { msg: 'HTML is not allowed' }); diff --git a/views/stories/comments.jade b/views/stories/comments.jade index 15d0b2deaf..34f25b7b8b 100755 --- a/views/stories/comments.jade +++ b/views/stories/comments.jade @@ -129,8 +129,10 @@ var submitCommentForEditToCommentHandler = function submitCommentForEditToCommentHandler() { $('#submit-comment-to-edit').unbind('click'); console.log('in comments.jade', originalStoryAuthorEmail); - $.post('/stories/comment/' + commentId + '/edit', - { + + $.ajax({ + type: "PUT", + url: '/stories/comment/' + commentId + '/edit', data: { associatedPost: commentId, originalStoryLink: originalStoryLink, @@ -142,15 +144,15 @@ username: user.profile.username, email: user.email } + }, + dataType: "json", + success: function (msg) { + window.location.reload(); + }, + error: function (err){ + $('#submit-comment-to-edit').bind('click', submitCommentForEditToCommentHandler); } - }) - .fail(function (xhr, textStatus, errorThrown) { - $('#submit-comment-to-edit').bind('click', submitCommentForEditToCommentHandler); - }) - .done(function (data, textStatus, xhr) { - window.location.reload(); }); - }; $('#submit-comment-to-edit').on('click', submitCommentForEditToCommentHandler)
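Review bot: `console.log(JSON.stringify(req.body));` at the top of `commentEdit` writes every edit request body to the server log, and the client-side handler in this series puts the user's e-mail address and `originalStoryAuthorEmail` in that body, so personal data ends up in logs. It reads as debugging output, as does the commented-out `//console.log(JSON.stringify(req));` above it; remove both lines before merge. If request tracing is wanted here, log only the comment id from `req.params.id` and the session user id.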