From 5bdcc15e05ea60e12dc2bb459242b19dc0012f5b Mon Sep 17 00:00:00 2001 From: Nathan Date: Fri, 17 Apr 2015 20:32:46 -0400 Subject: [PATCH 1/3] Enable search --- package.json | 3 +-- views/stories/search-stories.jade | 5 +++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package.json b/package.json index 787a19c547..791058bf8c 100644 --- a/package.json +++ b/package.json @@ -11,8 +11,7 @@ }, "scripts": { "start": "node app.js", - "test": "mocha", - "postinstall": "node seed_data/seed.js" + "test": "mocha" }, "dependencies": { "accepts": "^1.2.5", diff --git a/views/stories/search-stories.jade b/views/stories/search-stories.jade index 84813fc470..cd46f95757 100644 --- a/views/stories/search-stories.jade +++ b/views/stories/search-stories.jade @@ -1,10 +1,11 @@ .col-xs-12 .spacer - h1.text-center Search is coming soon + h1.text-center Search is + h3 here! .input-group input#searchArea.big-text-field.field-responsive.form-control(type='text', placeholder='Search our links', autofocus) span.input-group-btn - button.disabled#searchbutton.btn.btn-big.btn-primary.btn-responsive(type='button') Search + button#searchbutton.btn.btn-big.btn-primary.btn-responsive(type='button') Search .spacer #story-list From 08bf658897bad23baab1784f0f97b20eb6d6b0f0 Mon Sep 17 00:00:00 2001 From: terakilobyte Date: Sun, 19 Apr 2015 03:36:54 -0400 Subject: [PATCH 2/3] Harden camper news and don't expose user object. Upvoting still needs to be looked at. --- .bowerrc | 4 +-- controllers/story.js | 33 +++++++++++++----- public/js/main.js | 56 +++++++++++------------------- views/partials/universal-head.jade | 1 + views/stories/comments.jade | 13 ++----- views/stories/index.jade | 11 +++--- views/stories/show.jade | 3 +- 7 files changed, 58 insertions(+), 63 deletions(-) diff --git a/.bowerrc b/.bowerrc index df63673773..5914c6f0de 100644 --- a/.bowerrc +++ b/.bowerrc 
@@ -1,3 +1,3 @@ { - "directory" : "public/js/lib" -} \ No newline at end of file + "directory" : "public/bower_components" +} diff --git a/controllers/story.js b/controllers/story.js index 34b8693890..507d255f9f 100644 --- a/controllers/story.js +++ b/controllers/story.js @@ -223,8 +223,8 @@ exports.upvote = function(req, res, next) { story.rank++; story.upVotes.push( { - upVotedBy: data.upVoter._id, - upVotedByUsername: data.upVoter.profile.username + upVotedBy: req.user._id, + upVotedByUsername: req.user.profile.username } ); story.markModified('rank'); @@ -314,7 +314,7 @@ exports.newStory = function(req, res, next) { exports.storySubmission = function(req, res, next) { var data = req.body.data; - if (req.user._id.toString() !== data.author.userId.toString()) { + if (!req.user) { return next(new Error('Not authorized')); } var storyLink = data.headline @@ -341,7 +341,12 @@ exports.storySubmission = function(req, res, next) { }).replace(/"/g, '"'), rank: 1, upVotes: data.upVotes, - author: data.author, + author: { + picture: req.user.profile.picture, + userId: req.user._id, + username: req.user.profile.username, + email: req.user.email + }, comments: [], image: data.image, storyLink: storyLink, @@ -361,7 +366,7 @@ exports.storySubmission = function(req, res, next) { exports.commentSubmit = function(req, res, next) { var data = req.body.data; - if (req.user._id.toString() !== data.author.userId.toString()) { + if (!req.user) { return next(new Error('Not authorized')); } var sanitizedBody = sanitizeHtml(data.body, 
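Review bot: `req.user` is dereferenced in the new `upVotedBy: req.user._id` lines with no guard visible in this hunk, whereas the other three handlers in this commit gained `if (!req.user) { return next(new Error('Not authorized')); }`. An unauthenticated POST to the upvote route would throw a TypeError here unless the route, or the part of `exports.upvote` outside the hunk, already requires login. The visible lines also increment `story.rank` and push to `story.upVotes` without checking whether this user has voted before, so the only duplicate-vote check visible in this diff is the client-side loop in public/js/main.js. Consider adding the same guard at the top of the handler and rejecting the request when `story.upVotes` already contains `req.user._id`.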
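Review bot: The server-built `author` object stores `email: req.user.email` on every story, and the same four-field object is added in the commentSubmit and commentOnCommentSubmit hunks. views/stories/show.jade still writes `comments` into the page with `!{JSON.stringify(comments)}`, so if these documents are returned unfiltered, each author's address reaches every visitor, which works against the commit's stated goal of not exposing the user object. Unless something server-side needs the address on the document, drop the `email` line from `author` or strip it before rendering. `image: data.image` in the same object literal is still taken from the request body; storySubmission's body continues outside the hunk.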
@@ -378,11 +383,16 @@ exports.commentSubmit = function(req, res, next) { var comment = new Comment({ associatedPost: data.associatedPost, originalStoryLink: data.originalStoryLink, - originalStoryAuthorEmail: data.originalStoryAuthorEmail, + originalStoryAuthorEmail: req.user.email, body: sanitizedBody, rank: 0, upvotes: 0, - author: data.author, + author: { + picture: req.user.profile.picture, + userId: req.user._id, + username: req.user.profile.username, + email: req.user.email + }, comments: [], topLevel: true, commentOn: Date.now() @@ -393,7 +403,7 @@ exports.commentSubmit = function(req, res, next) { exports.commentOnCommentSubmit = function(req, res, next) { var data = req.body.data; - if (req.user._id.toString() !== data.author.userId.toString()) { + if (!req.user) { return next(new Error('Not authorized')); } @@ -415,7 +425,12 @@ exports.commentOnCommentSubmit = function(req, res, next) { upvotes: 0, originalStoryLink: data.originalStoryLink, originalStoryAuthorEmail: data.originalStoryAuthorEmail, - author: data.author, + author: { + picture: req.user.profile.picture, + userId: req.user._id, + username: req.user.profile.username, + email: req.user.email + }, comments: [], topLevel: false, commentOn: Date.now() diff --git a/public/js/main.js b/public/js/main.js index 8a31066a4b..8a7be2aa82 100644 --- a/public/js/main.js +++ b/public/js/main.js @@ -234,7 +234,7 @@ $(document).ready(function() { $('#upvote').unbind('click'); var alreadyUpvoted = false; for (var i = 0; i < upVotes.length; i++) { - if (upVotes[i].upVotedBy === user._id) { + if (upVotes[i].upVotedBy === B3BA669EC5C1DD70FB478221E067A7E1B686929C569F5E73561B69C8F42129B) { alreadyUpvoted = true; break; } @@ -243,8 +243,7 @@ $(document).ready(function() { $.post('/stories/upvote', { data: { - id: _id, - upVoter: user + id: _id } }) .fail(function (xhr, textStatus, errorThrown) { 
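Review bot: `originalStoryAuthorEmail: req.user.email` records the commenter's own address in a field whose name says it holds the story author's, so whatever later reads it (presumably a notification to the story author, not visible here) would address the commenter instead. The commentOnCommentSubmit hunk further down still reads `data.originalStoryAuthorEmail`, which the client stops sending in this same commit, so the field becomes undefined there. Both handlers should look the value up server-side from the story or comment identified by `data.associatedPost` rather than take it from the session user or the request body. Both function bodies continue outside their hunks.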
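Review bot: The global `B3BA669EC5C1DD70FB478221E067A7E1B686929C569F5E73561B69C8F42129B` used in the upvote loop is declared only inside the `if (user)` branch of views/stories/index.jade, so for a signed-out visitor on a story with at least one vote this comparison raises a ReferenceError unless code outside the hunk returns first when `isLoggedIn` is false. The hex-style name also hides nothing, since the id is still printed in the page source; the actual protection is the server using `req.user`. A descriptive name such as `var currentUserId = !{JSON.stringify(user._id)};` in index.jade, with `var currentUserId = null;` in the else branch, keeps the check safe for anonymous visitors and readable for maintainers.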
@@ -264,10 +263,7 @@ $(document).ready(function() { var link = $('#story-url').val(); var headline = $('#story-title').val(); var description = $('#description-box').val(); - var userDataForUpvote = { - upVotedBy: user._id, - upVotedByUsername: user.profile.username - }; + $('#story-submit').unbind('click'); $.post('/stories/', { @@ -277,15 +273,7 @@ $(document).ready(function() { timePosted: Date.now(), description: description, storyMetaDescription: storyMetaDescription, - originalStoryAuthorEmail: user.email, rank: 1, - upVotes: [userDataForUpvote], - author: { - picture: user.profile.picture, - email: user.email, - userId: user._id, - username: user.profile.username - }, comments: [], image: storyImage } @@ -311,14 +299,7 @@ $(document).ready(function() { data: { associatedPost: storyId, originalStoryLink: originalStoryLink, - originalStoryAuthorEmail: originalStoryAuthorEmail, - body: data, - author: { - picture: user.profile.picture, - userId: user._id, - username: user.profile.username, - email: user.email - } + body: data } }) .fail(function (xhr, textStatus, errorThrown) { @@ -332,7 +313,8 @@ $(document).ready(function() { $('#comment-button').on('click', commentSubmitButtonHandler); }); -var profileValidation = angular.module('profileValidation',['ui.bootstrap']); +var profileValidation = angular.module('profileValidation', + ['ui.bootstrap', 'ngLodash']); profileValidation.controller('profileValidationController', ['$scope', '$http', function($scope, $http) { $http.get('/account/api').success(function(data) { @@ -389,7 +371,7 @@ profileValidation.controller('submitStoryController', ['$scope', } ]); -profileValidation.directive('uniqueUsername',['$http',function($http) { +profileValidation.directive('uniqueUsername', ['$http', function($http) { return { restrict: 'A', require: 'ngModel', 
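Review bot: The story payload still carries `timePosted: Date.now()`, `rank: 1` and `comments: []` after the identity fields were removed. The storySubmission hunk in controllers/story.js hard-codes `rank: 1` and `comments: []`, so those two are dead weight, and a client clock value is not something the server should trust for ordering if it reads `data.timePosted` (not visible in this diff). Dropping the three lines and stamping the time on the server keeps the request down to what the user actually typed. The click handler's body starts and ends outside the hunk.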
@@ -398,7 +380,7 @@ profileValidation.directive('uniqueUsername',['$http',function($http) { ngModel.$setValidity('unique', true); if (element.val()) { $http.get("/api/checkUniqueUsername/" + element.val()).success(function (data) { - if (element.val() == scope.storedUsername) { + if (element.val() === scope.storedUsername) { ngModel.$setValidity('unique', true); } else if (data) { ngModel.$setValidity('unique', false); @@ -407,10 +389,11 @@ profileValidation.directive('uniqueUsername',['$http',function($http) { } }); } - } + }; }]); -profileValidation.directive('existingUsername', ['$http', function($http) { +profileValidation.directive('existingUsername', + ['$http', 'lodash', function($http, lodash) { return { restrict: 'A', require: 'ngModel', @@ -423,15 +406,18 @@ profileValidation.directive('existingUsername', ['$http', function($http) { ngModel.$setPristine(); } if (element.val()) { - $http - .get("/api/checkExistingUsername/" + element.val()) - .success(function (data) { - ngModel.$setValidity('exists', data); - }); + var debo = lodash.debounce(function() { + $http + .get('/api/checkExistingUsername/' + element.val()) + .success(function (data) { + ngModel.$setValidity('exists', data); + }); + }, 2000); + debo(); } }); } - } + }; }]); profileValidation.directive('uniqueEmail', ['$http', function($http) { @@ -443,7 +429,7 @@ profileValidation.directive('uniqueEmail', ['$http', function($http) { ngModel.$setValidity('unique', true); if (element.val()) { $http.get("/api/checkUniqueEmail/" + encodeURIComponent(element.val())).success(function (data) { - if (element.val() == scope.storedEmail) { + if (element.val() === scope.storedEmail) { ngModel.$setValidity('unique', true); } else if (data) { ngModel.$setValidity('unique', false); diff --git a/views/partials/universal-head.jade b/views/partials/universal-head.jade index ad37165618..17ff9950d2 100644 --- a/views/partials/universal-head.jade +++ b/views/partials/universal-head.jade 
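Review bot: `lodash.debounce` is called inside the event handler and the resulting function is invoked once and then discarded, so every event builds its own timer: nothing is coalesced, each lookup is merely delayed by two seconds, and one request is still sent per event. Create the debounced function once in the link function and call that same instance from the handler. The username is also concatenated into the URL path unencoded here (and in the `uniqueUsername` hunk above), while `uniqueEmail` already wraps its value in `encodeURIComponent`. The handler registration and the top of the link function are outside the hunk.

```javascript
// created once, next to the other link-function setup (outside this hunk)
var checkExistingUsername = lodash.debounce(function() {
  $http
    .get('/api/checkExistingUsername/' + encodeURIComponent(element.val()))
    .success(function (data) {
      ngModel.$setValidity('exists', data);
    });
}, 2000);

// … unchanged: event handler opening and $setPristine branch …
if (element.val()) {
  checkExistingUsername();
}
```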
@@ -1,6 +1,7 @@ script(src="//ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js") script(src="//ajax.googleapis.com/ajax/libs/angularjs/1.3.11/angular.min.js") script(src="//cdnjs.cloudflare.com/ajax/libs/angular-ui-bootstrap/0.12.0/ui-bootstrap-tpls.min.js") +script(src="/bower_components/ng-lodash/build/ng-lodash.js") include meta title #{title} | Free Code Camp meta(charset='utf-8') diff --git a/views/stories/comments.jade b/views/stories/comments.jade index f21f43ac3a..3d8b424271 100644 --- a/views/stories/comments.jade +++ b/views/stories/comments.jade @@ -56,8 +56,9 @@ sentinel--; if (!sentinel) { $('.comment-a-comment').on('click', 'a', function () { - if (typeof user == "undefined" || !user) { - window.location.href = '/signin'; + if (!isLoggedIn) { + console.log('not logged in'); + //window.location.href = '/signin'; return; } $(this).unbind('click'); @@ -92,20 +93,12 @@ }); var submitCommentToCommentHandler = function submitCommentToCommentHandler() { $('#submit-comment-to-comment').unbind('click'); - console.log('in comments.jade', originalStoryAuthorEmail); $.post('/stories/comment/' + commentId + '/comment', { data: { associatedPost: commentId, originalStoryLink: originalStoryLink, - originalStoryAuthorEmail: originalStoryAuthorEmail, body: $('#comment-to-comment-textinput').val(), - author: { - picture: user.profile.picture, - userId: user._id, - username: user.profile.username, - email: user.email - } } }) .fail(function (xhr, textStatus, errorThrown) { diff --git a/views/stories/index.jade b/views/stories/index.jade index 19aa25dc5e..19cb055ec5 100644 --- a/views/stories/index.jade +++ b/views/stories/index.jade 
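Review bot: The signed-out branch of the reply-to-comment click handler now only logs `'not logged in'` and leaves the redirect commented out, so an anonymous visitor who clicks reply gets no feedback, while the matching handler in views/stories/show.jade still sends them to `/signin`. This looks like debugging left in; restore `window.location.href = '/signin';` and drop the `console.log`. The removed `typeof user == "undefined"` test also tolerated a missing global, whereas `!isLoggedIn` throws a ReferenceError if this template is ever rendered without the index.jade script block that defines it.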
@@ -2,11 +2,12 @@ extends ../layout block content script(src='/js/lib/moment/moment.js') if (user) - script. - var user = !{JSON.stringify(user)}; + script. + var isLoggedIn = true; + var B3BA669EC5C1DD70FB478221E067A7E1B686929C569F5E73561B69C8F42129B = !{JSON.stringify(user._id)} else - script. - var user = undefined; + script. + var isLoggedIn = false; script. var challengeName = 'Camper News'; var page = !{JSON.stringify(page)}; @@ -32,4 +33,4 @@ block content if (page === 'storySubmission') include ./submit-story if (page === 'show') - include ./show \ No newline at end of file + include ./show diff --git a/views/stories/show.jade b/views/stories/show.jade index 0d093775c1..edb1e3c6b8 100644 --- a/views/stories/show.jade +++ b/views/stories/show.jade @@ -2,7 +2,6 @@ script. var storyId = !{JSON.stringify(id)}; var originalStoryLink = !{JSON.stringify(originalStoryLink)}; - var originalStoryAuthorEmail = !{JSON.stringify(originalStoryAuthorEmail)}; var comments = !{JSON.stringify(comments)}; var upVotes = !{JSON.stringify(upVotes)}; var image = !{JSON.stringify(image)}; @@ -58,7 +57,7 @@ $('#image-display').removeClass('hidden-element') } $('#reply-to-main-post').on('click', function() { - if (typeof user == "undefined" || !user) { + if (!isLoggedIn) { window.location.href = '/signin'; return; } From f396dad02906baea8324b2ffba9aaf0055f7bc2d Mon Sep 17 00:00:00 2001 From: terakilobyte Date: Sun, 19 Apr 2015 20:28:56 -0400 Subject: [PATCH 3/3] Fix upvote button on initial story submission. --- controllers/story.js | 5 ++++- views/stories/search-stories.jade | 3 +-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/controllers/story.js b/controllers/story.js index 507d255f9f..c434e4752a 100644 --- a/controllers/story.js +++ b/controllers/story.js 
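Review bot: Values are written into inline `script.` blocks with unescaped interpolation, `!{JSON.stringify(...)}`, on the new `user._id` line and on the `page`, `originalStoryLink`, `comments`, `upVotes` and `image` lines kept as context in the show.jade hunk. `JSON.stringify` does not escape `<`, so a stored string containing `</script>` ends the script element early and the remainder is parsed as HTML; `originalStoryLink` and `image` appear to originate from the request body in controllers/story.js. Escape the serialized text before embedding, e.g. `!{JSON.stringify(comments).replace(/</g, '\\u003c')}`, ideally through one shared helper used by every such line. The new `var B3BA… = !{JSON.stringify(user._id)}` line is also missing its terminating semicolon.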
@@ -340,7 +340,10 @@ exports.storySubmission = function(req, res, next) { allowedAttributes: [] }).replace(/"/g, '"'), rank: 1, - upVotes: data.upVotes, + upVotes: [({ + upVotedBy: req.user._id, + upVotedByUsername: req.user.profile.username + })], author: { picture: req.user.profile.picture, userId: req.user._id, diff --git a/views/stories/search-stories.jade b/views/stories/search-stories.jade index cd46f95757..f031eb0956 100644 --- a/views/stories/search-stories.jade +++ b/views/stories/search-stories.jade @@ -1,7 +1,6 @@ .col-xs-12 .spacer - h1.text-center Search is - h3 here! + h1.text-center Search .input-group input#searchArea.big-text-field.field-responsive.form-control(type='text', placeholder='Search our links', autofocus) span.input-group-btn
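Review bot: The parentheses wrapping the object literal in `upVotes: [({ ... })]` are redundant and read like a leftover from an expression context; `upVotes: [{ upVotedBy: req.user._id, upVotedByUsername: req.user.profile.username }]` is equivalent. A short comment such as `// seed the author's own vote so it matches rank: 1; built from the session, never from req.body` would record why the list is constructed on the server. storySubmission's body continues outside the hunk.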