diff options
author | Yannick Bungers | 2021-03-29 23:14:14 +0200 |
---|---|---|
committer | GitHub | 2021-03-29 23:14:14 +0200 |
commit | 3a60f069cb85f4a1ffbcd19f8ef33073b98994d9 (patch) | |
tree | ea58b9a7288a0b13f84e6c5fb40134840b9f8ac8 /lib | |
parent | bede2530cfea4410515ea462d21304f3caecd746 (diff) | |
parent | dcea082286ce5c41e50f70820c065c677a176fc7 (diff) |
Merge pull request #1084 from hedgedoc/fix/double-freeurl-note-creation
Diffstat (limited to '')
-rw-r--r-- | lib/errors.js | 3 | ||||
-rw-r--r-- | lib/web/note/util.js | 17 |
2 files changed, 18 insertions, 2 deletions
diff --git a/lib/errors.js b/lib/errors.js index 950b4cae..599f54b2 100644 --- a/lib/errors.js +++ b/lib/errors.js @@ -20,6 +20,9 @@ module.exports = { errorBadRequest: function (res) { responseError(res, '400', 'Bad Request', 'something not right.') }, + errorConflict: function (res) { + responseError(res, '409', 'Conflict', 'This note already exists.') + }, errorTooLong: function (res) { responseError(res, '413', 'Payload Too Large', 'Shorten your note!') }, diff --git a/lib/web/note/util.js b/lib/web/note/util.js index effeb41c..5df1e820 100644 --- a/lib/web/note/util.js +++ b/lib/web/note/util.js @@ -46,7 +46,7 @@ exports.checkViewPermission = function (req, note) { } } -exports.newNote = function (req, res, body) { +exports.newNote = async function (req, res, body) { let owner = null const noteId = req.params.noteId ? req.params.noteId : null if (req.isAuthenticated()) { @@ -60,6 +60,19 @@ exports.newNote = function (req, res, body) { } else { return req.method === 'POST' ? errors.errorForbidden(res) : errors.errorNotFound(res) } + try { + const count = await models.Note.count({ + where: { + alias: req.alias + } + }) + if (count > 0) { + return errors.errorConflict(res) + } + } catch (err) { + logger.error('Error while checking for possible duplicate: ' + err) + return errors.errorInternalError(res) + } } models.Note.create({ ownerId: owner, @@ -69,7 +82,7 @@ exports.newNote = function (req, res, body) { }).then(function (note) { return res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id))) }).catch(function (err) { - logger.error(err) + logger.error('Note could not be created: ' + err) return errors.errorInternalError(res) }) } |