diff --git a/backend/core/core.js b/backend/core/core.js index 0c66da4..0c35ea1 100644 --- a/backend/core/core.js +++ b/backend/core/core.js @@ -235,21 +235,19 @@ async function editPost({ requester_id, post_id, post_content }) { let user = await getUser({ user_id: requester_id }); let post = await getPost({ post_id: post_id }); - if (!user.success) return _r(false, post.message || "User not found"); - user = user.data; - if (!post.success) return _r(false, post.message || "Post not found"); - post = post.data; + // Validate the post content + let validated_post = validate.patchPost(post_content, user, post); + if (!validated_post.success) return _r(false, validated_post.message); + + user = validated_post.data.user; + post = validated_post.data.post; + validated_post = validated_post.data.post_formatted; // Check if the user can preform the action const can_act = permissions.patchPost(post, user); if (!can_act.success) return _r(false, can_act.message); - // Validate the post content - let validated_post = validate.patchPost(post_content); - if (!validated_post.success) return _r(false, can_act.message); - validated_post = validated_post.data; - - // Handle tags ---- + // Handle tags ---------- let database_tag_list = []; const existing_tags = post.tags?.map((tag) => ({ name: tag })) || []; @@ -331,13 +329,16 @@ async function updateBiography({ requester_id, author_id, biography_content }) { let user = await getUser({ user_id: requester_id }); let biography = await getBiography({ author_id: author_id }); - if (!user.success) return _r(false, user.message || "Author not found"); - user = user.data; - if (!biography.success) return _r(false, biography.message || "Post not found"); - biography = biography.data; + // Validate post ---------- + let formatted_biography = validate.patchBiography(biography_content, user, biography); + if (!formatted_biography.success) return _r(false, formatted_biography.message); - // Permission check - const can_act = permissions.patchBiography(biography_content, user); + user = formatted_biography.data.user; + biography = formatted_biography.data.biography; + biography_content = formatted_biography.data.biography_content; + + // Permission check ---------- + const can_act = permissions.patchBiography(biography_content, user, biography); if (!can_act.success) return _r(false, "User not permitted"); let formatted = { diff --git a/backend/form_validation.js b/backend/form_validation.js index 686d628..3e5f38c 100644 --- a/backend/form_validation.js +++ b/backend/form_validation.js @@ -19,11 +19,14 @@ function newUser({ username, password } = {}) { return _r(true); } -function patchPost(post_content) { +function patchPost(post_content, user, post) { let post_formatted = {}; // The formatted post content object that will be returned upon success let publish_date; // Time and date the post should be made public let tags = []; // An array of tags for the post + if (!user.success) return _r(false, "User not found"); + if (!post.success) return _r(false, "Post not found"); + // Get the publish date in a standard format const [year, month, day] = post_content.date.split("-"); const [hour, minute] = post_content.time.split(":"); @@ -56,7 +59,14 @@ function patchPost(post_content) { publish_date: publish_date, }; - return _r(true, null, post_formatted); + return _r(true, null, { post_formatted: post_formatted, user: user.data, post: post.data }); +} + +function patchBiography(biography_content, user, biography) { + if (!user.success) return _r(false, "User not found"); + if (!biography.success) return _r(false, "Post not found"); + + return _r(true, null, { biography_content: biography_content, user: user.data, biography: biography.data }); } // Helper functions -------------------- @@ -68,4 +78,4 @@ function _r(s, m, d) { return { success: s, message: m ? m || "Unknown error" : undefined, data: d }; } -module.exports = { newUser, patchPost }; +module.exports = { newUser, patchPost, patchBiography };