summaryrefslogtreecommitdiff
path: root/lib/response.js
diff options
context:
space:
mode:
Diffstat (limited to 'lib/response.js')
-rw-r--r--lib/response.js493
1 files changed, 11 insertions, 482 deletions
diff --git a/lib/response.js b/lib/response.js
index 74d71d52..2e944e32 100644
--- a/lib/response.js
+++ b/lib/response.js
@@ -3,66 +3,21 @@
// external modules
var fs = require('fs')
var path = require('path')
-var markdownpdf = require('markdown-pdf')
-var shortId = require('shortid')
-var querystring = require('querystring')
var request = require('request')
-var moment = require('moment')
-
// core
var config = require('./config')
var logger = require('./logger')
var models = require('./models')
-var utils = require('./utils')
+const noteUtil = require('./web/note/util')
+const errors = require('./errors')
// public
var response = {
- errorForbidden: function (res) {
- const { req } = res
- if (req.user) {
- responseError(res, '403', 'Forbidden', 'oh no.')
- } else {
- req.flash('error', 'You are not allowed to access this page. Maybe try logging in?')
- res.redirect(config.serverURL + '/')
- }
- },
- errorNotFound: function (res) {
- responseError(res, '404', 'Not Found', 'oops.')
- },
- errorBadRequest: function (res) {
- responseError(res, '400', 'Bad Request', 'something not right.')
- },
- errorTooLong: function (res) {
- responseError(res, '413', 'Payload Too Large', 'Shorten your note!')
- },
- errorInternalError: function (res) {
- responseError(res, '500', 'Internal Error', 'wtf.')
- },
- errorServiceUnavailable: function (res) {
- res.status(503).send("I'm busy right now, try again later.")
- },
- showNote: showNote,
- showPublishNote: showPublishNote,
- showPublishSlide: showPublishSlide,
showIndex: showIndex,
- noteActions: noteActions,
- postNote: postNote,
- publishNoteActions: publishNoteActions,
- publishSlideActions: publishSlideActions,
githubActions: githubActions,
gitlabActions: gitlabActions
}
-function responseError (res, code, detail, msg) {
- res.status(code).render('error.ejs', {
- title: code + ' ' + detail + ' ' + msg,
- code: code,
- detail: detail,
- msg: msg,
- opengraph: []
- })
-}
-
function showIndex (req, res, next) {
var authStatus = req.isAuthenticated()
var deleteToken = ''
@@ -93,377 +48,9 @@ function showIndex (req, res, next) {
}
}
-function responseCodiMD (res, note) {
- var body = note.content
- var extracted = models.Note.extractMeta(body)
- var meta = models.Note.parseMeta(extracted.meta)
- var title = models.Note.decodeTitle(note.title)
- title = models.Note.generateWebTitle(meta.title || title)
- var opengraph = models.Note.parseOpengraph(meta, title)
- res.set({
- 'Cache-Control': 'private', // only cache by client
- 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling
- })
- res.render('codimd.ejs', {
- title: title,
- opengraph: opengraph
- })
-}
-
-function postNote (req, res, next) {
- var body = ''
- if (req.body && req.body.length > config.documentMaxLength) {
- return response.errorTooLong(res)
- } else if (req.body) {
- body = req.body
- }
- body = body.replace(/[\r]/g, '')
- return newNote(req, res, body)
-}
-
-function newNote (req, res, body) {
- var owner = null
- var noteId = req.params.noteId ? req.params.noteId : null
- if (req.isAuthenticated()) {
- owner = req.user.id
- } else if (!config.allowAnonymous) {
- return response.errorForbidden(res)
- }
- if (config.allowFreeURL && noteId && !config.forbiddenNoteIDs.includes(noteId)) {
- req.alias = noteId
- } else if (noteId) {
- return req.method === 'POST' ? response.errorForbidden(res) : response.errorNotFound(res)
- }
- models.Note.create({
- ownerId: owner,
- alias: req.alias ? req.alias : null,
- content: body
- }).then(function (note) {
- return res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id)))
- }).catch(function (err) {
- logger.error(err)
- return response.errorInternalError(res)
- })
-}
-
-function checkViewPermission (req, note) {
- if (note.permission === 'private') {
- if (!req.isAuthenticated() || note.ownerId !== req.user.id) { return false } else { return true }
- } else if (note.permission === 'limited' || note.permission === 'protected') {
- if (!req.isAuthenticated()) { return false } else { return true }
- } else {
- return true
- }
-}
-
-function findNote (req, res, callback, include) {
- var id = req.params.noteId || req.params.shortid
- models.Note.parseNoteId(id, function (err, _id) {
- if (err) {
- logger.error(err)
- return response.errorInternalError(res)
- }
- models.Note.findOne({
- where: {
- id: _id
- },
- include: include || null
- }).then(function (note) {
- if (!note) {
- return newNote(req, res, null)
- }
- if (!checkViewPermission(req, note)) {
- return response.errorForbidden(res)
- } else {
- return callback(note)
- }
- }).catch(function (err) {
- logger.error(err)
- return response.errorInternalError(res)
- })
- })
-}
-
-function showNote (req, res, next) {
- findNote(req, res, function (note) {
- // force to use note id
- var noteId = req.params.noteId
- var id = models.Note.encodeNoteId(note.id)
- if ((note.alias && noteId !== note.alias) || (!note.alias && noteId !== id)) { return res.redirect(config.serverURL + '/' + (note.alias || id)) }
- return responseCodiMD(res, note)
- })
-}
-
-function showPublishNote (req, res, next) {
- var include = [{
- model: models.User,
- as: 'owner'
- }, {
- model: models.User,
- as: 'lastchangeuser'
- }]
- findNote(req, res, function (note) {
- // force to use short id
- var shortid = req.params.shortid
- if ((note.alias && shortid !== note.alias) || (!note.alias && shortid !== note.shortid)) {
- return res.redirect(config.serverURL + '/s/' + (note.alias || note.shortid))
- }
- note.increment('viewcount').then(function (note) {
- if (!note) {
- return response.errorNotFound(res)
- }
- var body = note.content
- var extracted = models.Note.extractMeta(body)
- var markdown = extracted.markdown
- var meta = models.Note.parseMeta(extracted.meta)
- var createtime = note.createdAt
- var updatetime = note.lastchangeAt
- var title = models.Note.decodeTitle(note.title)
- title = models.Note.generateWebTitle(meta.title || title)
- var ogdata = models.Note.parseOpengraph(meta, title)
- var data = {
- title: title,
- description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null),
- viewcount: note.viewcount,
- createtime: createtime,
- updatetime: updatetime,
- body: body,
- owner: note.owner ? note.owner.id : null,
- ownerprofile: note.owner ? models.User.getProfile(note.owner) : null,
- lastchangeuser: note.lastchangeuser ? note.lastchangeuser.id : null,
- lastchangeuserprofile: note.lastchangeuser ? models.User.getProfile(note.lastchangeuser) : null,
- robots: meta.robots || false, // default allow robots
- GA: meta.GA,
- disqus: meta.disqus,
- cspNonce: res.locals.nonce,
- dnt: req.headers.dnt,
- opengraph: ogdata
- }
- return renderPublish(data, res)
- }).catch(function (err) {
- logger.error(err)
- return response.errorInternalError(res)
- })
- }, include)
-}
-
-function renderPublish (data, res) {
- res.set({
- 'Cache-Control': 'private' // only cache by client
- })
- res.render('pretty.ejs', data)
-}
-
-function actionPublish (req, res, note) {
- res.redirect(config.serverURL + '/s/' + (note.alias || note.shortid))
-}
-
-function actionSlide (req, res, note) {
- res.redirect(config.serverURL + '/p/' + (note.alias || note.shortid))
-}
-
-function actionDownload (req, res, note) {
- var body = note.content
- var title = models.Note.decodeTitle(note.title)
- var filename = title
- filename = encodeURIComponent(filename)
- res.set({
- 'Access-Control-Allow-Origin': '*', // allow CORS as API
- 'Access-Control-Allow-Headers': 'Range',
- 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range',
- 'Content-Type': 'text/markdown; charset=UTF-8',
- 'Cache-Control': 'private',
- 'Content-disposition': 'attachment; filename=' + filename + '.md',
- 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling
- })
- res.send(body)
-}
-
-function actionInfo (req, res, note) {
- var body = note.content
- var extracted = models.Note.extractMeta(body)
- var markdown = extracted.markdown
- var meta = models.Note.parseMeta(extracted.meta)
- var createtime = note.createdAt
- var updatetime = note.lastchangeAt
- var title = models.Note.decodeTitle(note.title)
- var data = {
- title: meta.title || title,
- description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null),
- viewcount: note.viewcount,
- createtime: createtime,
- updatetime: updatetime
- }
- res.set({
- 'Access-Control-Allow-Origin': '*', // allow CORS as API
- 'Access-Control-Allow-Headers': 'Range',
- 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range',
- 'Cache-Control': 'private', // only cache by client
- 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling
- })
- res.send(data)
-}
-
-function actionPDF (req, res, note) {
- var url = config.serverURL || 'http://' + req.get('host')
- var body = note.content
- var extracted = models.Note.extractMeta(body)
- var content = extracted.markdown
- var title = models.Note.decodeTitle(note.title)
-
- if (!fs.existsSync(config.tmpPath)) {
- fs.mkdirSync(config.tmpPath)
- }
- var path = config.tmpPath + '/' + Date.now() + '.pdf'
- content = content.replace(/\]\(\//g, '](' + url + '/')
- markdownpdf().from.string(content).to(path, function () {
- if (!fs.existsSync(path)) {
- logger.error('PDF seems to not be generated as expected. File doesn\'t exist: ' + path)
- return response.errorInternalError(res)
- }
- var stream = fs.createReadStream(path)
- var filename = title
- // Be careful of special characters
- filename = encodeURIComponent(filename)
- // Ideally this should strip them
- res.setHeader('Content-disposition', 'attachment; filename="' + filename + '.pdf"')
- res.setHeader('Cache-Control', 'private')
- res.setHeader('Content-Type', 'application/pdf; charset=UTF-8')
- res.setHeader('X-Robots-Tag', 'noindex, nofollow') // prevent crawling
- stream.pipe(res)
- fs.unlinkSync(path)
- })
-}
-
-function actionGist (req, res, note) {
- var data = {
- client_id: config.github.clientID,
- redirect_uri: config.serverURL + '/auth/github/callback/' + models.Note.encodeNoteId(note.id) + '/gist',
- scope: 'gist',
- state: shortId.generate()
- }
- var query = querystring.stringify(data)
- res.redirect('https://github.com/login/oauth/authorize?' + query)
-}
-
-function actionRevision (req, res, note) {
- var actionId = req.params.actionId
- if (actionId) {
- var time = moment(parseInt(actionId))
- if (time.isValid()) {
- models.Revision.getPatchedNoteRevisionByTime(note, time, function (err, content) {
- if (err) {
- logger.error(err)
- return response.errorInternalError(res)
- }
- if (!content) {
- return response.errorNotFound(res)
- }
- res.set({
- 'Access-Control-Allow-Origin': '*', // allow CORS as API
- 'Access-Control-Allow-Headers': 'Range',
- 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range',
- 'Cache-Control': 'private', // only cache by client
- 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling
- })
- res.send(content)
- })
- } else {
- return response.errorNotFound(res)
- }
- } else {
- models.Revision.getNoteRevisions(note, function (err, data) {
- if (err) {
- logger.error(err)
- return response.errorInternalError(res)
- }
- var out = {
- revision: data
- }
- res.set({
- 'Access-Control-Allow-Origin': '*', // allow CORS as API
- 'Access-Control-Allow-Headers': 'Range',
- 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range',
- 'Cache-Control': 'private', // only cache by client
- 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling
- })
- res.send(out)
- })
- }
-}
-
-function noteActions (req, res, next) {
- var noteId = req.params.noteId
- findNote(req, res, function (note) {
- var action = req.params.action
- switch (action) {
- case 'publish':
- case 'pretty': // pretty deprecated
- actionPublish(req, res, note)
- break
- case 'slide':
- actionSlide(req, res, note)
- break
- case 'download':
- actionDownload(req, res, note)
- break
- case 'info':
- actionInfo(req, res, note)
- break
- case 'pdf':
- if (config.allowPDFExport) {
- actionPDF(req, res, note)
- } else {
- logger.error('PDF export failed: Disabled by config. Set "allowPDFExport: true" to enable. Check the documentation for details')
- response.errorForbidden(res)
- }
- break
- case 'gist':
- actionGist(req, res, note)
- break
- case 'revision':
- actionRevision(req, res, note)
- break
- default:
- return res.redirect(config.serverURL + '/' + noteId)
- }
- })
-}
-
-function publishNoteActions (req, res, next) {
- findNote(req, res, function (note) {
- var action = req.params.action
- switch (action) {
- case 'download':
- actionDownload(req, res, note)
- break
- case 'edit':
- res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id)) + '?both')
- break
- default:
- res.redirect(config.serverURL + '/s/' + note.shortid)
- break
- }
- })
-}
-
-function publishSlideActions (req, res, next) {
- findNote(req, res, function (note) {
- var action = req.params.action
- switch (action) {
- case 'edit':
- res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id)) + '?both')
- break
- default:
- res.redirect(config.serverURL + '/p/' + note.shortid)
- break
- }
- })
-}
-
function githubActions (req, res, next) {
var noteId = req.params.noteId
- findNote(req, res, function (note) {
+ noteUtil.findNote(req, res, function (note) {
var action = req.params.action
switch (action) {
case 'gist':
@@ -480,7 +67,7 @@ function githubActionGist (req, res, note) {
var code = req.query.code
var state = req.query.state
if (!code || !state) {
- return response.errorForbidden(res)
+ return errors.errorForbidden(res)
} else {
var data = {
client_id: config.github.clientID,
@@ -520,14 +107,14 @@ function githubActionGist (req, res, note) {
res.setHeader('referer', '')
res.redirect(body.html_url)
} else {
- return response.errorForbidden(res)
+ return errors.errorForbidden(res)
}
})
} else {
- return response.errorForbidden(res)
+ return errors.errorForbidden(res)
}
} else {
- return response.errorForbidden(res)
+ return errors.errorForbidden(res)
}
})
}
@@ -535,7 +122,7 @@ function githubActionGist (req, res, note) {
function gitlabActions (req, res, next) {
var noteId = req.params.noteId
- findNote(req, res, function (note) {
+ noteUtil.findNote(req, res, function (note) {
var action = req.params.action
switch (action) {
case 'projects':
@@ -555,7 +142,7 @@ function gitlabActionProjects (req, res, note) {
id: req.user.id
}
}).then(function (user) {
- if (!user) { return response.errorNotFound(res) }
+ if (!user) { return errors.errorNotFound(res) }
var ret = { baseURL: config.gitlab.baseURL, version: config.gitlab.version }
ret.accesstoken = user.accessToken
ret.profileid = user.profileid
@@ -572,69 +159,11 @@ function gitlabActionProjects (req, res, note) {
)
}).catch(function (err) {
logger.error('gitlab action projects failed: ' + err)
- return response.errorInternalError(res)
+ return errors.errorInternalError(res)
})
} else {
- return response.errorForbidden(res)
+ return errors.errorForbidden(res)
}
}
-function showPublishSlide (req, res, next) {
- var include = [{
- model: models.User,
- as: 'owner'
- }, {
- model: models.User,
- as: 'lastchangeuser'
- }]
- findNote(req, res, function (note) {
- // force to use short id
- var shortid = req.params.shortid
- if ((note.alias && shortid !== note.alias) || (!note.alias && shortid !== note.shortid)) { return res.redirect(config.serverURL + '/p/' + (note.alias || note.shortid)) }
- note.increment('viewcount').then(function (note) {
- if (!note) {
- return response.errorNotFound(res)
- }
- var body = note.content
- var extracted = models.Note.extractMeta(body)
- var markdown = extracted.markdown
- var meta = models.Note.parseMeta(extracted.meta)
- var createtime = note.createdAt
- var updatetime = note.lastchangeAt
- var title = models.Note.decodeTitle(note.title)
- title = models.Note.generateWebTitle(meta.title || title)
- var data = {
- title: title,
- description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null),
- viewcount: note.viewcount,
- createtime: createtime,
- updatetime: updatetime,
- body: markdown,
- theme: meta.slideOptions && utils.isRevealTheme(meta.slideOptions.theme),
- meta: JSON.stringify(extracted.meta),
- owner: note.owner ? note.owner.id : null,
- ownerprofile: note.owner ? models.User.getProfile(note.owner) : null,
- lastchangeuser: note.lastchangeuser ? note.lastchangeuser.id : null,
- lastchangeuserprofile: note.lastchangeuser ? models.User.getProfile(note.lastchangeuser) : null,
- robots: meta.robots || false, // default allow robots
- GA: meta.GA,
- disqus: meta.disqus,
- cspNonce: res.locals.nonce,
- dnt: req.headers.dnt
- }
- return renderPublishSlide(data, res)
- }).catch(function (err) {
- logger.error(err)
- return response.errorInternalError(res)
- })
- }, include)
-}
-
-function renderPublishSlide (data, res) {
- res.set({
- 'Cache-Control': 'private' // only cache by client
- })
- res.render('slide.ejs', data)
-}
-
module.exports = response
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-29 05:22:54 +0000