diff --git a/common/models/user.js b/common/models/user.js index 2c998f76e9..7d389f9b01 100644 --- a/common/models/user.js +++ b/common/models/user.js @@ -1,15 +1,6 @@ -var Rx = require('rx'); var debug = require('debug')('freecc:user:remote'); - -function destroyById(id, Model) { - return Rx.Observable.create(function(observer) { - Model.destroyById(id, function(err) { - if (err) { return observer.onError(err); } - observer.onCompleted(); - }); - return Rx.Disposable(Rx.helpers.noop); - }); -} +var blacklistedUsernames = + require('../../server/utils/constants').blacklistedUsernames; module.exports = function(User) { // NOTE(berks): user email validation currently not needed but build in. This @@ -17,9 +8,6 @@ module.exports = function(User) { // see: // https://github.com/strongloop/loopback/issues/1137#issuecomment-109200135 delete User.validations.email; - var app = User.app; - var UserIdentity = app.models.UserIdentity; - var UserCredential = app.models.UserCredential; debug('setting up user hooks'); // send verification email to new camper User.afterRemote('create', function(ctx, user, next) { @@ -103,6 +91,12 @@ module.exports = function(User) { }); } debug('checking existence'); + + // check to see if username is on blacklist + if (username && blacklistedUsernames.indexOf(username) !== -1) { + return cb(null, true); + } + var where = {}; if (username) { where.username = username.toLowerCase(); @@ -151,27 +145,4 @@ module.exports = function(User) { } } ); - - User.observe('after delete', function(ctx, next) { - debug('removing user', ctx.where); - var id = ctx.where && ctx.where.id ? ctx.where.id : null; - if (!id) { - return next(); - } - Rx.Observable.combineLatest( - destroyById(id, UserIdentity), - destroyById(id, UserCredential), - Rx.helpers.noop - ).subscribe( - Rx.helpers.noop, - function(err) { - debug('error deleting user %s stuff', id, err); - next(err); - }, - function() { - debug('user stuff deleted for user %s', id); - next(); - } - ); - }); }; diff --git a/server/boot/a-extendUser.js b/server/boot/a-extendUser.js index e69de29bb2..951705c650 100644 --- a/server/boot/a-extendUser.js +++ b/server/boot/a-extendUser.js @@ -0,0 +1,40 @@ +var Rx = require('rx'); +var debug = require('debug')('freecc:user:remote'); + +function destroyById(id, Model) { + return Rx.Observable.create(function(observer) { + Model.destroyById(id, function(err) { + if (err) { return observer.onError(err); } + observer.onCompleted(); + }); + return Rx.Disposable(Rx.helpers.noop); + }); +} + +module.exports = function(app) { + var User = app.models.User; + var UserIdentity = app.models.UserIdentity; + var UserCredential = app.models.UserCredential; + User.observe('after delete', function(ctx, next) { + debug('removing user', ctx.where); + var id = ctx.where && ctx.where.id ? ctx.where.id : null; + if (!id) { + return next(); + } + Rx.Observable.combineLatest( + destroyById(id, UserIdentity), + destroyById(id, UserCredential), + Rx.helpers.noop + ).subscribe( + Rx.helpers.noop, + function(err) { + debug('error deleting user %s stuff', id, err); + next(err); + }, + function() { + debug('user stuff deleted for user %s', id); + next(); + } + ); + }); +}; diff --git a/server/utils/constants.js b/server/utils/constants.js new file mode 100644 index 0000000000..49055b3477 --- /dev/null +++ b/server/utils/constants.js @@ -0,0 +1,39 @@ +exports.blacklistedUsernames = [ + 'bonfire', + 'account', + 'user', + 'challenge', + 'challenges', + 'completed-challenge', + 'completed-zipline-or-basejump', + 'completed-bonfire', + 'map', + 'learn-to-code', + 'about', + 'api', + 'explorer', + 'field-guide', + 'completed-field-guide', + 'jobs', + 'nonprofits', + 'api', + 'sitemap.xml', + 'get-help', + 'chat', + 'twitch', + 'get-pai', + 'get-help', + 'nonprofits', + 'nonproifts-form', + 'jobs-form', + 'unsubscribe', + 'unsubscribed', + 'cats.json', + 'agile', + 'privacy', + 'stories', + 'signin', + 'signout', + 'forgot', + 'reset' +];