summaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorYannick Bungers2021-03-29 23:14:14 +0200
committerGitHub2021-03-29 23:14:14 +0200
commit3a60f069cb85f4a1ffbcd19f8ef33073b98994d9 (patch)
treeea58b9a7288a0b13f84e6c5fb40134840b9f8ac8 /lib
parentbede2530cfea4410515ea462d21304f3caecd746 (diff)
parentdcea082286ce5c41e50f70820c065c677a176fc7 (diff)
Merge pull request #1084 from hedgedoc/fix/double-freeurl-note-creation
Diffstat (limited to '')
-rw-r--r--lib/errors.js3
-rw-r--r--lib/web/note/util.js17
2 files changed, 18 insertions, 2 deletions
diff --git a/lib/errors.js b/lib/errors.js
index 950b4cae..599f54b2 100644
--- a/lib/errors.js
+++ b/lib/errors.js
@@ -20,6 +20,9 @@ module.exports = {
errorBadRequest: function (res) {
responseError(res, '400', 'Bad Request', 'something not right.')
},
+ errorConflict: function (res) {
+ responseError(res, '409', 'Conflict', 'This note already exists.')
+ },
errorTooLong: function (res) {
responseError(res, '413', 'Payload Too Large', 'Shorten your note!')
},
diff --git a/lib/web/note/util.js b/lib/web/note/util.js
index effeb41c..5df1e820 100644
--- a/lib/web/note/util.js
+++ b/lib/web/note/util.js
@@ -46,7 +46,7 @@ exports.checkViewPermission = function (req, note) {
}
}
-exports.newNote = function (req, res, body) {
+exports.newNote = async function (req, res, body) {
let owner = null
const noteId = req.params.noteId ? req.params.noteId : null
if (req.isAuthenticated()) {
@@ -60,6 +60,19 @@ exports.newNote = function (req, res, body) {
} else {
return req.method === 'POST' ? errors.errorForbidden(res) : errors.errorNotFound(res)
}
+ try {
+ const count = await models.Note.count({
+ where: {
+ alias: req.alias
+ }
+ })
+ if (count > 0) {
+ return errors.errorConflict(res)
+ }
+ } catch (err) {
+ logger.error('Error while checking for possible duplicate: ' + err)
+ return errors.errorInternalError(res)
+ }
}
models.Note.create({
ownerId: owner,
@@ -69,7 +82,7 @@ exports.newNote = function (req, res, body) {
}).then(function (note) {
return res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id)))
}).catch(function (err) {
- logger.error(err)
+ logger.error('Note could not be created: ' + err)
return errors.errorInternalError(res)
})
}