});
});
function respondForum (req, res) {
var forum = expose(keys)(req.forum);
if (req.user) {
forum.privileges = privileges.all(req.forum, req.user);
} else {
forum.privileges = {};
}
return res.status(200).json(forum);
}
app.get('/forum',
middlewares.findForumByName,
middlewares.privileges('canView'),
respondForum
);
app.get('/forum/:id',
middlewares.findForum,
middlewares.privileges('canView'),
respondForum
);
app.get('/forum/:id/permissions',
restrict,
middlewares.findForum,
middlewares.privileges('canEdit'),
function (req, res) {
if (!mongoose.Types.ObjectId.isValid(req.params.id)) {
if (!topic.forum) {
log('Error finding forum of comment: %s', topic.forum)
return res.status(500).send()
}
api.forum.findById(topic.forum, function (_err, forum) {
if (_err || !forum) return _handleError(_err, req, res)
req.forum = forum
next()
})
})
})
})
app.post('/comment/:id/reply', restrict, privileges('canVoteAndComment'), function (req, res) {
log('Request /comment/%s/reply %j', req.params.id, req.body.reply)
var reply = req.body.reply
reply.author = req.user
api.comment.reply(req.params.id, reply, function (err, replyDoc) {
if (err) return _handleError(err, req, res)
log('Serving reply %j', replyDoc)
var keys = [
'id createdAt text',
'author.id author.fullName author.avatar'
].join(' ')
res.json(expose(keys)(replyDoc))