summaryrefslogtreecommitdiff
path: root/lib/web/note
diff options
context:
space:
mode:
authorDavid Mehren2019-10-27 13:51:53 +0100
committerDavid Mehren2019-10-27 13:51:53 +0100
commitf78540c3fbf109d6ccf2d92c5b1cf0148c88f722 (patch)
tree7f8b968b925b8b262cca0f4cd180027abc4b745e /lib/web/note
parent20a67e3446723231961043bffeb5a7b974e891c0 (diff)
Move note actions to their own file.
Because of circular import problems, this commit also moves the error messages from response.js to errors.js Signed-off-by: David Mehren <dmehren1@gmail.com>
Diffstat (limited to 'lib/web/note')
-rw-r--r--lib/web/note/actions.js187
-rw-r--r--lib/web/note/router.js32
-rw-r--r--lib/web/note/util.js67
3 files changed, 286 insertions, 0 deletions
diff --git a/lib/web/note/actions.js b/lib/web/note/actions.js
new file mode 100644
index 00000000..cfefc8d5
--- /dev/null
+++ b/lib/web/note/actions.js
@@ -0,0 +1,187 @@
+'use strict'
+
+const models = require('../../models')
+const logger = require('../../logger')
+const config = require('../../config')
+const error = require('../../errors')
+const fs = require('fs')
+const shortId = require('shortid')
+const markdownpdf = require('markdown-pdf')
+const moment = require('moment')
+const querystring = require('querystring')
+const noteUtil = require('./util')
+
+exports.doAction = function (req, res, next) {
+ const noteId = req.params.noteId
+ noteUtil.findNote(req, res, function (note) {
+ const action = req.params.action
+ switch (action) {
+ case 'publish':
+ case 'pretty': // pretty deprecated
+ actionPublish(req, res, note)
+ break
+ case 'slide':
+ actionSlide(req, res, note)
+ break
+ case 'download':
+ exports.actionDownload(req, res, note)
+ break
+ case 'info':
+ actionInfo(req, res, note)
+ break
+ case 'pdf':
+ if (config.allowPDFExport) {
+ actionPDF(req, res, note)
+ } else {
+ logger.error('PDF export failed: Disabled by config. Set "allowPDFExport: true" to enable. Check the documentation for details')
+ error.errorForbidden(res)
+ }
+ break
+ case 'gist':
+ actionGist(req, res, note)
+ break
+ case 'revision':
+ actionRevision(req, res, note)
+ break
+ default:
+ return res.redirect(config.serverURL + '/' + noteId)
+ }
+ })
+}
+
+function actionPublish (req, res, note) {
+ res.redirect(config.serverURL + '/s/' + (note.alias || note.shortid))
+}
+
+function actionSlide (req, res, note) {
+ res.redirect(config.serverURL + '/p/' + (note.alias || note.shortid))
+}
+
+exports.actionDownload = function (req, res, note) {
+ const body = note.content
+ let filename = models.Note.decodeTitle(note.title)
+ filename = encodeURIComponent(filename)
+ res.set({
+ 'Access-Control-Allow-Origin': '*', // allow CORS as API
+ 'Access-Control-Allow-Headers': 'Range',
+ 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range',
+ 'Content-Type': 'text/markdown; charset=UTF-8',
+ 'Cache-Control': 'private',
+ 'Content-disposition': 'attachment; filename=' + filename + '.md',
+ 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling
+ })
+ res.send(body)
+}
+
+function actionInfo (req, res, note) {
+ const body = note.content
+ const extracted = models.Note.extractMeta(body)
+ const markdown = extracted.markdown
+ const meta = models.Note.parseMeta(extracted.meta)
+ const createtime = note.createdAt
+ const updatetime = note.lastchangeAt
+ const title = models.Note.decodeTitle(note.title)
+ const data = {
+ title: meta.title || title,
+ description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null),
+ viewcount: note.viewcount,
+ createtime: createtime,
+ updatetime: updatetime
+ }
+ res.set({
+ 'Access-Control-Allow-Origin': '*', // allow CORS as API
+ 'Access-Control-Allow-Headers': 'Range',
+ 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range',
+ 'Cache-Control': 'private', // only cache by client
+ 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling
+ })
+ res.send(data)
+}
+
+function actionPDF (req, res, note) {
+ const url = config.serverURL || 'http://' + req.get('host')
+ const body = note.content
+ const extracted = models.Note.extractMeta(body)
+ let content = extracted.markdown
+ const title = models.Note.decodeTitle(note.title)
+
+ if (!fs.existsSync(config.tmpPath)) {
+ fs.mkdirSync(config.tmpPath)
+ }
+ const path = config.tmpPath + '/' + Date.now() + '.pdf'
+ content = content.replace(/\]\(\//g, '](' + url + '/')
+ markdownpdf().from.string(content).to(path, function () {
+ if (!fs.existsSync(path)) {
+ logger.error('PDF seems to not be generated as expected. File doesn\'t exist: ' + path)
+ return error.errorInternalError(res)
+ }
+ const stream = fs.createReadStream(path)
+ let filename = title
+ // Be careful of special characters
+ filename = encodeURIComponent(filename)
+ // Ideally this should strip them
+ res.setHeader('Content-disposition', 'attachment; filename="' + filename + '.pdf"')
+ res.setHeader('Cache-Control', 'private')
+ res.setHeader('Content-Type', 'application/pdf; charset=UTF-8')
+ res.setHeader('X-Robots-Tag', 'noindex, nofollow') // prevent crawling
+ stream.pipe(res)
+ fs.unlinkSync(path)
+ })
+}
+
+function actionGist (req, res, note) {
+ const data = {
+ client_id: config.github.clientID,
+ redirect_uri: config.serverURL + '/auth/github/callback/' + models.Note.encodeNoteId(note.id) + '/gist',
+ scope: 'gist',
+ state: shortId.generate()
+ }
+ const query = querystring.stringify(data)
+ res.redirect('https://github.com/login/oauth/authorize?' + query)
+}
+
+function actionRevision (req, res, note) {
+ const actionId = req.params.actionId
+ if (actionId) {
+ const time = moment(parseInt(actionId))
+ if (time.isValid()) {
+ models.Revision.getPatchedNoteRevisionByTime(note, time, function (err, content) {
+ if (err) {
+ logger.error(err)
+ return error.errorInternalError(res)
+ }
+ if (!content) {
+ return error.errorNotFound(res)
+ }
+ res.set({
+ 'Access-Control-Allow-Origin': '*', // allow CORS as API
+ 'Access-Control-Allow-Headers': 'Range',
+ 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range',
+ 'Cache-Control': 'private', // only cache by client
+ 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling
+ })
+ res.send(content)
+ })
+ } else {
+ return error.errorNotFound(res)
+ }
+ } else {
+ models.Revision.getNoteRevisions(note, function (err, data) {
+ if (err) {
+ logger.error(err)
+ return error.errorInternalError(res)
+ }
+ const out = {
+ revision: data
+ }
+ res.set({
+ 'Access-Control-Allow-Origin': '*', // allow CORS as API
+ 'Access-Control-Allow-Headers': 'Range',
+ 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range',
+ 'Cache-Control': 'private', // only cache by client
+ 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling
+ })
+ res.send(out)
+ })
+ }
+}
diff --git a/lib/web/note/router.js b/lib/web/note/router.js
new file mode 100644
index 00000000..e23b7f64
--- /dev/null
+++ b/lib/web/note/router.js
@@ -0,0 +1,32 @@
+'use strict'
+
+const Router = require('express').Router
+
+const response = require('../../response')
+
+const { markdownParser } = require('../utils')
+
+const router = module.exports = Router()
+
+const noteActions = require('./actions')
+
+// get new note
+router.get('/new', response.postNote)
+// post new note with content
+router.post('/new', markdownParser, response.postNote)
+// post new note with content and alias
+router.post('/new/:noteId', markdownParser, response.postNote)
+// get publish note
+router.get('/s/:shortid', response.showPublishNote)
+// publish note actions
+router.get('/s/:shortid/:action', response.publishNoteActions)
+// get publish slide
+router.get('/p/:shortid', response.showPublishSlide)
+// publish slide actions
+router.get('/p/:shortid/:action', response.publishSlideActions)
+// get note by id
+router.get('/:noteId', response.showNote)
+// note actions
+router.get('/:noteId/:action', noteActions.doAction)
+// note actions with action id
+router.get('/:noteId/:action/:actionId', noteActions.doAction)
diff --git a/lib/web/note/util.js b/lib/web/note/util.js
new file mode 100644
index 00000000..bda74ac4
--- /dev/null
+++ b/lib/web/note/util.js
@@ -0,0 +1,67 @@
+const models = require('../../models')
+const logger = require('../../logger')
+const config = require('../../config')
+const errors = require('../../errors')
+
+exports.findNote = function (req, res, callback, include) {
+ const id = req.params.noteId || req.params.shortid
+ models.Note.parseNoteId(id, function (err, _id) {
+ if (err) {
+ logger.error(err)
+ return errors.errorInternalError(res)
+ }
+ models.Note.findOne({
+ where: {
+ id: _id
+ },
+ include: include || null
+ }).then(function (note) {
+ if (!note) {
+ return exports.newNote(req, res, null)
+ }
+ if (!exports.checkViewPermission(req, note)) {
+ return errors.errorForbidden(res)
+ } else {
+ return callback(note)
+ }
+ }).catch(function (err) {
+ logger.error(err)
+ return errors.errorInternalError(res)
+ })
+ })
+}
+
+exports.checkViewPermission = function (req, note) {
+ if (note.permission === 'private') {
+ return !(!req.isAuthenticated() || note.ownerId !== req.user.id)
+ } else if (note.permission === 'limited' || note.permission === 'protected') {
+ return req.isAuthenticated()
+ } else {
+ return true
+ }
+}
+
+exports.newNote = function (req, res, body) {
+ let owner = null
+ const noteId = req.params.noteId ? req.params.noteId : null
+ if (req.isAuthenticated()) {
+ owner = req.user.id
+ } else if (!config.allowAnonymous) {
+ return errors.errorForbidden(res)
+ }
+ if (config.allowFreeURL && noteId && !config.forbiddenNoteIDs.includes(noteId)) {
+ req.alias = noteId
+ } else if (noteId) {
+ return req.method === 'POST' ? errors.errorForbidden(res) : errors.errorNotFound(res)
+ }
+ models.Note.create({
+ ownerId: owner,
+ alias: req.alias ? req.alias : null,
+ content: body
+ }).then(function (note) {
+ return res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id)))
+ }).catch(function (err) {
+ logger.error(err)
+ return errors.errorInternalError(res)
+ })
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-30 05:38:22 +0000