Fixed issues where community station owners could not edit/control their own room.

backend/logic/actions/hooks/csOwnerRequired.js

@@ -0,0 +1,30 @@
+const cache = require('../../cache');
+const db = require('../../db');
+const stations = require('../../stations');
+
+module.exports = function(next) {
+	return function(session, stationId) {
+		let args = [];
+		for (let prop in arguments) args.push(arguments[prop]);
+		let cb = args[args.length - 1];
+		cache.hget('sessions', session.sessionId, (err, session) => {
+			if (err || !session || !session.userId) return cb({ status: 'failure', message: 'Login required.' });
+			db.models.user.findOne({_id: session.userId}, (err, user) => {
+				if (err || !user) return cb({ status: 'failure', message: 'Login required.' });
+				if (user.role === 'admin') func();
+				else {
+					stations.getStation(stationId, (err, station) => {
+						if (err || !station) return cb({ status: 'failure', message: 'Something went wrong when getting the station.' });
+						else if (station.type === 'community' && station.owner === session.userId) func();
+						else return cb({ status: 'failure', message: 'Invalid permissions.' });
+					});
+				}
+
+				function func() {
+					args.push(session.userId);
+					next.apply(null, args);
+				}
+			});
+		});
+	}
+};

backend/logic/actions/hooks/index.js

@@ -2,5 +2,6 @@
 
 module.exports = {
 	loginRequired: require('./loginRequired'),
-	adminRequired: require('./adminRequired')
+	adminRequired: require('./adminRequired'),
+	csOwnerRequired: require('./csOwnerRequired'),
 };

backend/logic/actions/stations.js

@@ -186,7 +186,8 @@ module.exports = {
 									timePaused: station.timePaused,
 									description: station.description,
 									displayName: station.displayName,
-									privacy: station.privacy
+									privacy: station.privacy,
+									owner: station.owner
 								}
 							});
 						});
@@ -201,7 +202,8 @@ module.exports = {
 								timePaused: station.timePaused,
 								description: station.description,
 								displayName: station.displayName,
-								privacy: station.privacy
+								privacy: station.privacy,
+								owner: station.owner
 							}
 						});
 					}
@@ -248,7 +250,7 @@ module.exports = {
 		});
 	},*/
 
-	forceSkip: hooks.adminRequired((session, stationId, cb) => {
+	forceSkip: hooks.csOwnerRequired((session, stationId, cb) => {
 		stations.getStation(stationId, (err, station) => {
 
 			if (err && err !== true) {
@@ -294,7 +296,7 @@ module.exports = {
 		});
 	},
 
-	updateDisplayName: hooks.adminRequired((session, stationId, newDisplayName, cb) => {
+	updateDisplayName: hooks.csOwnerRequired((session, stationId, newDisplayName, cb) => {
 		db.models.station.update({_id: stationId}, {$set: {displayName: newDisplayName}}, (err) => {
 			if (err) return cb({ status: 'failure', message: 'Something went wrong when saving the station.' });
 			stations.updateStation(stationId, () => {
@@ -304,7 +306,7 @@ module.exports = {
 		});
 	}),
 
-	updateDescription: hooks.adminRequired((session, stationId, newDescription, cb) => {
+	updateDescription: hooks.csOwnerRequired((session, stationId, newDescription, cb) => {
 		db.models.station.update({_id: stationId}, {$set: {description: newDescription}}, (err) => {
 			if (err) return cb({ status: 'failure', message: 'Something went wrong when saving the station.' });
 			stations.updateStation(stationId, () => {
@@ -314,7 +316,7 @@ module.exports = {
 		});
 	}),
 
-	updatePrivacy: hooks.adminRequired((session, stationId, newPrivacy, cb) => {
+	updatePrivacy: hooks.csOwnerRequired((session, stationId, newPrivacy, cb) => {
 		db.models.station.update({_id: stationId}, {$set: {privacy: newPrivacy}}, (err) => {
 			if (err) return cb({ status: 'failure', message: 'Something went wrong when saving the station.' });
 			stations.updateStation(stationId, () => {
@@ -324,7 +326,7 @@ module.exports = {
 		});
 	}),
 
-	pause: hooks.adminRequired((session, stationId, cb) => {
+	pause: hooks.csOwnerRequired((session, stationId, cb) => {
 		stations.getStation(stationId, (err, station) => {
 			if (err && err !== true) {
 				return cb({ status: 'error', message: 'An error occurred while pausing the station' });
@@ -350,7 +352,7 @@ module.exports = {
 		});
 	}),
 
-	resume: hooks.adminRequired((session, stationId, cb) => {
+	resume: hooks.csOwnerRequired((session, stationId, cb) => {
 		stations.getStation(stationId, (err, station) => {
 			if (err && err !== true) {
 				return cb({ status: 'error', message: 'An error occurred while resuming the station' });
@@ -374,7 +376,7 @@ module.exports = {
 		});
 	}),
 
-	remove: hooks.adminRequired((session, stationId, cb) => {
+	remove: hooks.csOwnerRequired((session, stationId, cb) => {
 		db.models.station.remove({ _id: stationId });
 		cache.hdel('stations', stationId, () => {
 			return cb({ status: 'success', message: 'Station successfully removed' });
@@ -505,7 +507,7 @@ module.exports = {
 		});
 	}),
 
-	removeFromQueue: hooks.adminRequired((session, stationId, songId, cb, userId) => {
+	removeFromQueue: hooks.csOwnerRequired((session, stationId, songId, cb, userId) => {
 		stations.getStation(stationId, (err, station) => {
 			if (err) return cb(err);
 			if (station.type === 'community') {

backend/logic/io.js

@@ -92,11 +92,13 @@ module.exports = {
 						db.models.user.findOne({ _id: session.userId }, (err, user) => {
 							let role = '';
 							let username = '';
+							let userId = '';
 							if (user) {
 								role = user.role;
 								username = user.username;
+								userId = session.userId;
 							}
-							socket.emit('ready', true, role, username);
+							socket.emit('ready', true, role, username, userId);
 						});
 					} else socket.emit('ready', false);
 				})

frontend/App.vue

@@ -39,6 +39,7 @@
 				loggedIn: false,
 				role: '',
 				username: '',
+				userId: '',
 				isRegisterActive: false,
 				isLoginActive: false,
 				isCCSActive: false,
@@ -60,11 +61,12 @@
 		},
 		ready() {
 			let _this = this;
-			auth.getStatus((authenticated, role, username) => {
+			auth.getStatus((authenticated, role, username, userId) => {
 				_this.socket = window.socket;
 				_this.loggedIn = authenticated;
 				_this.role = role;
 				_this.username = username;
+				_this.userId = userId;
 			});
 			lofig.get('serverDomain', res => {
 				_this.serverDomain = res;

frontend/auth.js

@@ -5,20 +5,22 @@ export default {
 	ready: false,
 	authenticated: false,
 	username: '',
+	userId: '',
 	role: 'default',
 
 	getStatus: function (cb) {
-		if (this.ready) cb(this.authenticated, this.role, this.username);
+		if (this.ready) cb(this.authenticated, this.role, this.username, this.userId);
 		else callbacks.push(cb);
 	},
 
-	data: function (authenticated, role, username) {
+	data: function (authenticated, role, username, userId) {
 		this.authenticated = authenticated;
 		this.role = role;
 		this.username = username;
+		this.userId = userId;
 		this.ready = true;
 		callbacks.forEach(callback => {
-			callback(authenticated, role, username);
+			callback(authenticated, role, username, userId);
 		});
 		callbacks = [];
 	}

frontend/components/Station/CommunityHeader.vue

@@ -4,37 +4,27 @@
 			<a class="nav-item logo" href="#" v-link="{ path: '/' }" @click="this.$dispatch('leaveStation', title)">
 				Musare
 			</a>
-			<a class="nav-item" href="#" v-if="$parent.$parent.role === 'admin'" @click="$parent.toggleModal('editStation')">
+			<a class="nav-item" href="#" v-if="isOwner()" @click="$parent.toggleModal('editStation')">
 				<span class="icon">
 					<i class="material-icons">settings</i>
 				</span>
 			</a>
-			<a v-if="$parent.$parent.role === 'admin'" class="nav-item" href="#" @click="$parent.skipStation()">
+			<a v-if="isOwner()" class="nav-item" href="#" @click="$parent.skipStation()">
 				<span class="icon">
 					<i class="material-icons">skip_next</i>
 				</span>
 			</a>
-			<a v-if="$parent.$parent.role !== 'admin' && $parent.$parent.loggedIn" class="nav-item" href="#" @click="$parent.voteSkipStation()">
+			<a v-if="!isOwner()' && $parent.$parent.loggedIn" class="nav-item" href="#" @click="$parent.voteSkipStation()">
 				<span class="icon">
 					<i class="material-icons">skip_next</i>
 				</span>
 			</a>
-			<a class="nav-item" href="#" v-if="$parent.$parent.role === 'admin' && $parent.locked" @click="$parent.unlockStation()">
-				<span class="icon">
-					<i class="material-icons">lock_outline</i>
-				</span>
-			</a>
-			<a class="nav-item" href="#" v-if="$parent.$parent.role === 'admin' && !$parent.locked" @click="$parent.lockStation()">
-				<span class="icon">
-					<i class="material-icons">lock_open</i>
-				</span>
-			</a>
-			<a class="nav-item" href="#" v-if="$parent.$parent.role === 'admin' && $parent.paused" @click="$parent.resumeStation()">
+			<a class="nav-item" href="#" v-if="isOwner() && $parent.paused" @click="$parent.resumeStation()">
 				<span class="icon">
 					<i class="material-icons">play_arrow</i>
 				</span>
 			</a>
-			<a class="nav-item" href="#" v-if="$parent.$parent.role === 'admin' && !$parent.paused" @click="$parent.pauseStation()">
+			<a class="nav-item" href="#" v-if="isOwner() && !$parent.paused" @click="$parent.pauseStation()">
 				<span class="icon">
 					<i class="material-icons">pause</i>
 				</span>
@@ -87,6 +77,9 @@
 		methods: {
 			toggleMobileMenu: function() {
 				this.isActive = !this.isActive;
+			},
+			isOwner: function() {
+				return this.$parent.$parent.role === 'admin' || this.$parent.$parent.userId === this.$parent.station.owner
 			}
 		}
 	}

frontend/components/Station/OfficialHeader.vue

@@ -24,16 +24,6 @@
 					<i class="material-icons">skip_next</i>
 				</span>
 			</a>
-			<a class="nav-item" href="#" v-if="$parent.$parent.role === 'admin' && $parent.locked" @click="$parent.unlockStation()">
-				<span class="icon">
-					<i class="material-icons">lock_outline</i>
-				</span>
-			</a>
-			<a class="nav-item" href="#" v-if="$parent.$parent.role === 'admin' && !$parent.locked" @click="$parent.lockStation()">
-				<span class="icon">
-					<i class="material-icons">lock_open</i>
-				</span>
-			</a>
 			<a class="nav-item" href="#" v-if="$parent.$parent.role === 'admin' && $parent.paused" @click="$parent.resumeStation()">
 				<span class="icon">
 					<i class="material-icons">play_arrow</i>

frontend/components/Station/Station.vue

@@ -301,7 +301,8 @@
 							_this.station = {
 								displayName: res.data.displayName,
 								description: res.data.description,
-								privacy: res.data.privacy
+								privacy: res.data.privacy,
+								owner: res.data.owner
 							};
 							_this.currentSong = (res.data.currentSong) ? res.data.currentSong : {};
 							_this.type = res.data.type;

frontend/main.js

@@ -20,8 +20,8 @@ let _this = this;
 lofig.folder = '../config/default.json';
 lofig.get('serverDomain', function(res) {
 	let socket = window.socket = io(res);
-	socket.on("ready", (status, role, username) => {
-		auth.data(status, role, username);
+	socket.on("ready", (status, role, username, userId) => {
+		auth.data(status, role, username, userId);
 	});
 });