diff --git a/src/controllers/PostsController.ts b/src/controllers/PostsController.ts index 0fe50dc..8d967ed 100644 --- a/src/controllers/PostsController.ts +++ b/src/controllers/PostsController.ts @@ -78,6 +78,19 @@ export class PostsController { await this.SendMultiplePosts(h, posts); } + /** + * Get information about a single post + * + * @param h Request handler + */ + public static async GetSingle(h: RequestHandler) { + const postID = await h.postPostIDWithAccess("postID"); + + const post = await PostsHelper.GetSingle(postID); + + h.send(await this.PostToAPI(h, post)); + } + /** * Send multiple posts to the API diff --git a/src/controllers/Routes.ts b/src/controllers/Routes.ts index 8752a40..0b41584 100644 --- a/src/controllers/Routes.ts +++ b/src/controllers/Routes.ts @@ -190,6 +190,8 @@ export const Routes : Route[] = [ {path: "/posts/get_latest", cb: (h) => PostsController.GetLatest(h)}, + {path: "/posts/get_single", cb: (h) => PostsController.GetSingle(h), needLogin: false}, + // Notifications controller diff --git a/src/entities/RequestHandler.ts b/src/entities/RequestHandler.ts index 9948aef..d639a49 100644 --- a/src/entities/RequestHandler.ts +++ b/src/entities/RequestHandler.ts @@ -11,6 +11,8 @@ import { GroupsAccessLevel } from "./Group"; import { GroupsHelper } from "../helpers/GroupsHelper"; import { checkVirtualDirectory } from "../utils/VirtualDirsUtils"; import { FriendsHelper } from "../helpers/FriendsHelper"; +import { PostsHelper } from "../helpers/PostsHelper"; +import { PostAccessLevel } from "./Post"; /** * Response to a request @@ -274,6 +276,37 @@ export class RequestHandler { return groupID; } + /** + * Get the ID of post included in a POST request + * + * @param name The name of the POST field containing the id of the target post + */ + public async postPostID(name: string) : Promise { + const postID = this.postInt(name); + + if(postID < 1) + this.error(400, "Invalid post ID!"); + + if(!await PostsHelper.Exists(postID)) + this.error(404, "Specified post does not exists!"); + + return postID; + } + + /** + * Get the ID of a post a user has access to + * + * @param name The name of the POST field containing the ID of the target post + */ + public async postPostIDWithAccess(name: string) : Promise { + const postID = await this.postPostID(name); + + if(await PostsHelper.GetAccessLevelFromPostID(this.optionnalUserID, postID) == PostAccessLevel.NO_ACCESS) + this.error(401, "Your are not allowed to access this post information!"); + + return postID; + } + /** * Get a virtual directory included in a POST request * diff --git a/src/helpers/PostsHelper.ts b/src/helpers/PostsHelper.ts index 352ed96..714d049 100644 --- a/src/helpers/PostsHelper.ts +++ b/src/helpers/PostsHelper.ts @@ -230,6 +230,37 @@ export class PostsHelper { return results.map((r) => this.DBToPost(r)); } + /** + * Get information about a single post + * + * @param postID Target post ID + */ + public static async GetSingle(postID: number) : Promise { + const row = await DatabaseHelper.QueryRow({ + table: TABLE_NAME, + where: { + ID: postID + } + }); + + if(row == null) + throw new Error("Post " + postID + " not found!"); + + return this.DBToPost(row); + } + + /** + * Get the access level of a user over a post + * + * This is a convenience function + * + * @param userID Target user ID + * @param postID Target post ID + */ + public static async GetAccessLevelFromPostID(userID: number, postID: number) : Promise { + return await this.GetAccessLevel(userID, await this.GetSingle(postID)); + } + /** * Get the access level of a user over a post * @@ -312,6 +343,20 @@ export class PostsHelper { return !post.isUserPage || await UserHelper.AllowComments(post.userPageID); } + /** + * Check out whether a post exists or not + * + * @param postID The id of the post to check + */ + public static async Exists(postID: number) : Promise { + return await DatabaseHelper.Count({ + table: TABLE_NAME, + where: { + ID: postID + } + }) > 0; + } + /** * Turn a database entry into a row object *