Moved checks from core to form_validation.

Signed-off-by: Armored Dragon <publicmail@armoreddragon.com>

backend/core/core.js

@@ -235,21 +235,19 @@ async function editPost({ requester_id, post_id, post_content }) {
   let user = await getUser({ user_id: requester_id });
   let post = await getPost({ post_id: post_id });
 
-  if (!user.success) return _r(false, post.message || "User not found");
+  // Validate the post content
-  user = user.data;
+  let validated_post = validate.patchPost(post_content, user, post);
-  if (!post.success) return _r(false, post.message || "Post not found");
+  if (!validated_post.success) return _r(false, validated_post.message);
-  post = post.data;
+
+  user = validated_post.data.user;
+  post = validated_post.data.post;
+  validated_post = validated_post.data.post_formatted;
 
   // Check if the user can preform the action
   const can_act = permissions.patchPost(post, user);
   if (!can_act.success) return _r(false, can_act.message);
 
-  // Validate the post content
+  // Handle tags ----------
-  let validated_post = validate.patchPost(post_content);
-  if (!validated_post.success) return _r(false, can_act.message);
-  validated_post = validated_post.data;
-
-  // Handle tags ----
   let database_tag_list = [];
   const existing_tags = post.tags?.map((tag) => ({ name: tag })) || [];
 
@@ -331,13 +329,16 @@ async function updateBiography({ requester_id, author_id, biography_content }) {
   let user = await getUser({ user_id: requester_id });
   let biography = await getBiography({ author_id: author_id });
 
-  if (!user.success) return _r(false, user.message || "Author not found");
+  // Validate post ----------
-  user = user.data;
+  let formatted_biography = validate.patchBiography(biography_content, user, biography);
-  if (!biography.success) return _r(false, biography.message || "Post not found");
+  if (!formatted_biography.success) return _r(false, formatted_biography.message);
-  biography = biography.data;
 
-  // Permission check
+  user = formatted_biography.data.user;
-  const can_act = permissions.patchBiography(biography_content, user);
+  biography = formatted_biography.data.biography;
+  biography_content = formatted_biography.data.biography_content;
+
+  // Permission check ----------
+  const can_act = permissions.patchBiography(biography_content, user, biography);
   if (!can_act.success) return _r(false, "User not permitted");
 
   let formatted = {

backend/form_validation.js

@@ -19,11 +19,14 @@ function newUser({ username, password } = {}) {
   return _r(true);
 }
 
-function patchPost(post_content) {
+function patchPost(post_content, user, post) {
   let post_formatted = {}; // The formatted post content object that will be returned upon success
   let publish_date; // Time and date the post should be made public
   let tags = []; // An array of tags for the post
 
+  if (!user.success) return _r(false, "User not found");
+  if (!post.success) return _r(false, "Post not found");
+
   // Get the publish date in a standard format
   const [year, month, day] = post_content.date.split("-");
   const [hour, minute] = post_content.time.split(":");
@@ -56,7 +59,14 @@ function patchPost(post_content) {
     publish_date: publish_date,
   };
 
-  return _r(true, null, post_formatted);
+  return _r(true, null, { post_formatted: post_formatted, user: user.data, post: post.data });
+}
+
+function patchBiography(biography_content, user, biography) {
+  if (!user.success) return _r(false, "User not found");
+  if (!biography.success) return _r(false, "Post not found");
+
+  return _r(true, null, { biography_content: biography_content, user: user.data, biography: biography.data });
 }
 
 //  Helper functions --------------------
@@ -68,4 +78,4 @@ function _r(s, m, d) {
   return { success: s, message: m ? m || "Unknown error" : undefined, data: d };
 }
 
-module.exports = { newUser, patchPost };
+module.exports = { newUser, patchPost, patchBiography };