1 files changed, 25 insertions, 56 deletions

diff --git a/lib/response.js b/lib/response.js
index 37211998..671aa120 100644
--- a/lib/response.js
+++ b/lib/response.js
@@ -32,6 +32,9 @@ var response = {
   errorBadRequest: function (res) {
     responseError(res, '400', 'Bad Request', 'something not right.')
   },
+  errorTooLong: function (res) {
+    responseError(res, '413', 'Payload Too Large', 'Shorten your note!')
+  },
   errorInternalError: function (res) {
     responseError(res, '500', 'Internal Error', 'wtf.')
   },
@@ -51,13 +54,11 @@ var response = {
 }
 
 function responseError (res, code, detail, msg) {
-  res.status(code).render(config.errorPath, {
-    url: config.serverURL,
+  res.status(code).render('error.ejs', {
     title: code + ' ' + detail + ' ' + msg,
     code: code,
     detail: detail,
-    msg: msg,
-    useCDN: config.useCDN
+    msg: msg
   })
 }
 
@@ -66,25 +67,6 @@ function showIndex (req, res, next) {
   var deleteToken = ''
 
   var data = {
-    url: config.serverURL,
-    useCDN: config.useCDN,
-    allowAnonymous: config.allowAnonymous,
-    allowAnonymousEdits: config.allowAnonymousEdits,
-    facebook: config.isFacebookEnable,
-    twitter: config.isTwitterEnable,
-    github: config.isGitHubEnable,
-    gitlab: config.isGitLabEnable,
-    mattermost: config.isMattermostEnable,
-    dropbox: config.isDropboxEnable,
-    google: config.isGoogleEnable,
-    ldap: config.isLDAPEnable,
-    ldapProviderName: config.ldap.providerName,
-    saml: config.isSAMLEnable,
-    oauth2: config.isOAuth2Enable,
-    oauth2ProviderName: config.oauth2.providerName,
-    email: config.isEmailEnable,
-    allowEmailRegister: config.allowEmailRegister,
-    allowPDFExport: config.allowPDFExport,
     signin: authStatus,
     infoMessage: req.flash('info'),
     errorMessage: req.flash('error'),
@@ -101,11 +83,11 @@ function showIndex (req, res, next) {
     }).then(function (user) {
       if (user) {
         data.deleteToken = user.deleteToken
-        res.render(config.indexPath, data)
+        res.render('index.ejs', data)
       }
     })
   } else {
-    res.render(config.indexPath, data)
+    res.render('index.ejs', data)
   }
 }
 
@@ -119,33 +101,19 @@ function responseCodiMD (res, note) {
     'Cache-Control': 'private', // only cache by client
     'X-Robots-Tag': 'noindex, nofollow' // prevent crawling
   })
-  res.render(config.codimdPath, {
-    url: config.serverURL,
-    title: title,
-    useCDN: config.useCDN,
-    allowAnonymous: config.allowAnonymous,
-    allowAnonymousEdits: config.allowAnonymousEdits,
-    facebook: config.isFacebookEnable,
-    twitter: config.isTwitterEnable,
-    github: config.isGitHubEnable,
-    gitlab: config.isGitLabEnable,
-    mattermost: config.isMattermostEnable,
-    dropbox: config.isDropboxEnable,
-    google: config.isGoogleEnable,
-    ldap: config.isLDAPEnable,
-    ldapProviderName: config.ldap.providerName,
-    oauth2ProviderName: config.oauth2.providerName,
-    saml: config.isSAMLEnable,
-    oauth2: config.isOAuth2Enable,
-    email: config.isEmailEnable,
-    allowEmailRegister: config.allowEmailRegister,
-    allowPDFExport: config.allowPDFExport
+  res.render('codimd.ejs', {
+    title: title
   })
 }
 
 function newNote (req, res, next) {
   var owner = null
-  var body = req.body ? req.body : ''
+  var body = ''
+  if (req.body && req.body.length > config.documentMaxLength) {
+    return response.errorTooLong(res)
+  } else if (req.body) {
+    body = req.body
+  }
   body = body.replace(/[\r]/g, '')
   if (req.isAuthenticated()) {
     owner = req.user.id
@@ -244,16 +212,13 @@ function showPublishNote (req, res, next) {
       var updatetime = note.lastchangeAt
       var title = models.Note.decodeTitle(note.title)
       title = models.Note.generateWebTitle(meta.title || title)
-      var origin = config.serverURL
       var data = {
         title: title,
         description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null),
         viewcount: note.viewcount,
         createtime: createtime,
         updatetime: updatetime,
-        url: origin,
         body: body,
-        useCDN: config.useCDN,
         owner: note.owner ? note.owner.id : null,
         ownerprofile: note.owner ? models.User.getProfile(note.owner) : null,
         lastchangeuser: note.lastchangeuser ? note.lastchangeuser.id : null,
@@ -275,7 +240,7 @@ function renderPublish (data, res) {
   res.set({
     'Cache-Control': 'private' // only cache by client
   })
-  res.render(config.prettyPath, data)
+  res.render('pretty.ejs', data)
 }
 
 function actionPublish (req, res, note) {
@@ -341,6 +306,10 @@ function actionPDF (req, res, note) {
   var path = config.tmpPath + '/' + Date.now() + '.pdf'
   content = content.replace(/\]\(\//g, '](' + url + '/')
   markdownpdf().from.string(content).to(path, function () {
+    if (!fs.existsSync(path)) {
+      logger.error('PDF seems to not be generated as expected. File doesn\'t exist: ' + path)
+      return response.errorInternalError(res)
+    }
     var stream = fs.createReadStream(path)
     var filename = title
     // Be careful of special characters
@@ -454,6 +423,9 @@ function publishNoteActions (req, res, next) {
   findNote(req, res, function (note) {
     var action = req.params.action
     switch (action) {
+      case 'download':
+        actionDownload(req, res, note)
+        break
       case 'edit':
         res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id)))
         break
@@ -577,7 +549,7 @@ function gitlabActionProjects (req, res, note) {
       ret.accesstoken = user.accessToken
       ret.profileid = user.profileid
       request(
-                config.gitlab.baseURL + '/api/' + config.gitlab.version + '/projects?access_token=' + user.accessToken,
+                config.gitlab.baseURL + '/api/' + config.gitlab.version + '/projects?membership=yes&per_page=100&access_token=' + user.accessToken,
                 function (error, httpResponse, body) {
                   if (!error && httpResponse.statusCode === 200) {
                     ret.projects = JSON.parse(body)
@@ -620,18 +592,15 @@ function showPublishSlide (req, res, next) {
       var updatetime = note.lastchangeAt
       var title = models.Note.decodeTitle(note.title)
       title = models.Note.generateWebTitle(meta.title || title)
-      var origin = config.serverURL
       var data = {
         title: title,
         description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null),
         viewcount: note.viewcount,
         createtime: createtime,
         updatetime: updatetime,
-        url: origin,
         body: markdown,
         theme: meta.slideOptions && utils.isRevealTheme(meta.slideOptions.theme),
         meta: JSON.stringify(extracted.meta),
-        useCDN: config.useCDN,
         owner: note.owner ? note.owner.id : null,
         ownerprofile: note.owner ? models.User.getProfile(note.owner) : null,
         lastchangeuser: note.lastchangeuser ? note.lastchangeuser.id : null,
@@ -653,7 +622,7 @@ function renderPublishSlide (data, res) {
   res.set({
     'Cache-Control': 'private' // only cache by client
   })
-  res.render(config.slidePath, data)
+  res.render('slide.ejs', data)
 }
 
 module.exports = response