diff options
Diffstat (limited to '')
-rw-r--r-- | lib/web/auth/dropbox/index.js | 2 | ||||
-rw-r--r-- | lib/web/auth/email/index.js | 2 | ||||
-rw-r--r-- | lib/web/auth/facebook/index.js | 2 | ||||
-rw-r--r-- | lib/web/auth/github/index.js | 2 | ||||
-rw-r--r-- | lib/web/auth/gitlab/index.js | 2 | ||||
-rw-r--r-- | lib/web/auth/google/index.js | 4 | ||||
-rw-r--r-- | lib/web/auth/ldap/index.js | 12 | ||||
-rw-r--r-- | lib/web/auth/mattermost/index.js | 4 | ||||
-rw-r--r-- | lib/web/auth/oauth2/index.js | 10 | ||||
-rw-r--r-- | lib/web/auth/openid/index.js | 6 | ||||
-rw-r--r-- | lib/web/auth/saml/index.js | 28 | ||||
-rw-r--r-- | lib/web/auth/twitter/index.js | 2 | ||||
-rw-r--r-- | lib/web/auth/utils.js | 4 | ||||
-rw-r--r-- | lib/web/imageRouter/azure.js | 2 | ||||
-rw-r--r-- | lib/web/imageRouter/index.js | 40 | ||||
-rw-r--r-- | lib/web/imageRouter/minio.js | 8 | ||||
-rw-r--r-- | lib/web/imageRouter/s3.js | 2 | ||||
-rw-r--r-- | lib/web/statusRouter.js | 10 | ||||
-rw-r--r-- | lib/web/userRouter.js | 10 |
19 files changed, 86 insertions, 66 deletions
diff --git a/lib/web/auth/dropbox/index.js b/lib/web/auth/dropbox/index.js index aef011cb..c35f04e3 100644 --- a/lib/web/auth/dropbox/index.js +++ b/lib/web/auth/dropbox/index.js @@ -6,7 +6,7 @@ const DropboxStrategy = require('passport-dropbox-oauth2').Strategy const config = require('../../../config') const { passportGeneralCallback } = require('../utils') -let dropboxAuth = module.exports = Router() +const dropboxAuth = module.exports = Router() passport.use(new DropboxStrategy({ apiVersion: '2', diff --git a/lib/web/auth/email/index.js b/lib/web/auth/email/index.js index 78ca933b..74922966 100644 --- a/lib/web/auth/email/index.js +++ b/lib/web/auth/email/index.js @@ -10,7 +10,7 @@ const logger = require('../../../logger') const { urlencodedParser } = require('../../utils') const errors = require('../../../errors') -let emailAuth = module.exports = Router() +const emailAuth = module.exports = Router() passport.use(new LocalStrategy({ usernameField: 'email' diff --git a/lib/web/auth/facebook/index.js b/lib/web/auth/facebook/index.js index 0ba948bb..acf566eb 100644 --- a/lib/web/auth/facebook/index.js +++ b/lib/web/auth/facebook/index.js @@ -7,7 +7,7 @@ const FacebookStrategy = require('passport-facebook').Strategy const config = require('../../../config') const { passportGeneralCallback } = require('../utils') -let facebookAuth = module.exports = Router() +const facebookAuth = module.exports = Router() passport.use(new FacebookStrategy({ clientID: config.facebook.clientID, diff --git a/lib/web/auth/github/index.js b/lib/web/auth/github/index.js index 3a3a84c6..c7f7e5d1 100644 --- a/lib/web/auth/github/index.js +++ b/lib/web/auth/github/index.js @@ -7,7 +7,7 @@ const config = require('../../../config') const response = require('../../../response') const { passportGeneralCallback } = require('../utils') -let githubAuth = module.exports = Router() +const githubAuth = module.exports = Router() passport.use(new GithubStrategy({ clientID: config.github.clientID, diff --git a/lib/web/auth/gitlab/index.js b/lib/web/auth/gitlab/index.js index 1b628e81..11579bd1 100644 --- a/lib/web/auth/gitlab/index.js +++ b/lib/web/auth/gitlab/index.js @@ -7,7 +7,7 @@ const config = require('../../../config') const response = require('../../../response') const { passportGeneralCallback } = require('../utils') -let gitlabAuth = module.exports = Router() +const gitlabAuth = module.exports = Router() passport.use(new GitlabStrategy({ baseURL: config.gitlab.baseURL, diff --git a/lib/web/auth/google/index.js b/lib/web/auth/google/index.js index 6edf07a9..0262dedf 100644 --- a/lib/web/auth/google/index.js +++ b/lib/web/auth/google/index.js @@ -2,11 +2,11 @@ const Router = require('express').Router const passport = require('passport') -var GoogleStrategy = require('passport-google-oauth20').Strategy +const GoogleStrategy = require('passport-google-oauth20').Strategy const config = require('../../../config') const { passportGeneralCallback } = require('../utils') -let googleAuth = module.exports = Router() +const googleAuth = module.exports = Router() passport.use(new GoogleStrategy({ clientID: config.google.clientID, diff --git a/lib/web/auth/ldap/index.js b/lib/web/auth/ldap/index.js index b501106d..4142194f 100644 --- a/lib/web/auth/ldap/index.js +++ b/lib/web/auth/ldap/index.js @@ -9,7 +9,7 @@ const logger = require('../../../logger') const { urlencodedParser } = require('../../utils') const errors = require('../../../errors') -let ldapAuth = module.exports = Router() +const ldapAuth = module.exports = Router() passport.use(new LDAPStrategy({ server: { @@ -22,7 +22,7 @@ passport.use(new LDAPStrategy({ tlsOptions: config.ldap.tlsOptions || null } }, function (user, done) { - var uuid = user.uidNumber || user.uid || user.sAMAccountName || undefined + let uuid = user.uidNumber || user.uid || user.sAMAccountName || undefined if (config.ldap.useridField && user[config.ldap.useridField]) { uuid = user[config.ldap.useridField] } @@ -34,12 +34,12 @@ passport.use(new LDAPStrategy({ '"useridField" option in ldap settings.') } - var username = uuid + let username = uuid if (config.ldap.usernameField && user[config.ldap.usernameField]) { username = user[config.ldap.usernameField] } - var profile = { + const profile = { id: 'LDAP-' + uuid, username: username, displayName: user.displayName, @@ -48,7 +48,7 @@ passport.use(new LDAPStrategy({ profileUrl: null, provider: 'ldap' } - var stringifiedProfile = JSON.stringify(profile) + const stringifiedProfile = JSON.stringify(profile) models.User.findOrCreate({ where: { profileid: profile.id.toString() @@ -58,7 +58,7 @@ passport.use(new LDAPStrategy({ } }).spread(function (user, created) { if (user) { - var needSave = false + let needSave = false if (user.profile !== stringifiedProfile) { user.profile = stringifiedProfile needSave = true diff --git a/lib/web/auth/mattermost/index.js b/lib/web/auth/mattermost/index.js index 78eca2af..2f15c812 100644 --- a/lib/web/auth/mattermost/index.js +++ b/lib/web/auth/mattermost/index.js @@ -9,9 +9,9 @@ const { passportGeneralCallback } = require('../utils') const mattermost = new Mattermost.Client() -let mattermostAuth = module.exports = Router() +const mattermostAuth = module.exports = Router() -let mattermostStrategy = new OAuthStrategy({ +const mattermostStrategy = new OAuthStrategy({ authorizationURL: config.mattermost.baseURL + '/oauth/authorize', tokenURL: config.mattermost.baseURL + '/oauth/access_token', clientID: config.mattermost.clientID, diff --git a/lib/web/auth/oauth2/index.js b/lib/web/auth/oauth2/index.js index 9cb17f26..e9032e0b 100644 --- a/lib/web/auth/oauth2/index.js +++ b/lib/web/auth/oauth2/index.js @@ -7,7 +7,7 @@ const config = require('../../../config') const logger = require('../../../logger') const { passportGeneralCallback } = require('../utils') -let oauth2Auth = module.exports = Router() +const oauth2Auth = module.exports = Router() class OAuth2CustomStrategy extends Strategy { constructor (options, verify) { @@ -20,7 +20,7 @@ class OAuth2CustomStrategy extends Strategy { userProfile (accessToken, done) { this._oauth2.get(this._userProfileURL, accessToken, function (err, body, res) { - var json + let json if (err) { return done(new InternalOAuthError('Failed to fetch user profile', err)) @@ -33,7 +33,7 @@ class OAuth2CustomStrategy extends Strategy { } checkAuthorization(json, done) - let profile = parseProfile(json) + const profile = parseProfile(json) profile.provider = 'oauth2' done(null, profile) @@ -91,7 +91,7 @@ function checkAuthorization (data, done) { OAuth2CustomStrategy.prototype.userProfile = function (accessToken, done) { this._oauth2.get(this._userProfileURL, accessToken, function (err, body, res) { - var json + let json if (err) { return done(new InternalOAuthError('Failed to fetch user profile', err)) @@ -104,7 +104,7 @@ OAuth2CustomStrategy.prototype.userProfile = function (accessToken, done) { } checkAuthorization(json, done) - let profile = parseProfile(json) + const profile = parseProfile(json) profile.provider = 'oauth2' done(null, profile) diff --git a/lib/web/auth/openid/index.js b/lib/web/auth/openid/index.js index 28e164f5..84d0970c 100644 --- a/lib/web/auth/openid/index.js +++ b/lib/web/auth/openid/index.js @@ -8,14 +8,14 @@ const models = require('../../../models') const logger = require('../../../logger') const { urlencodedParser } = require('../../utils') -let openIDAuth = module.exports = Router() +const openIDAuth = module.exports = Router() passport.use(new OpenIDStrategy({ returnURL: config.serverURL + '/auth/openid/callback', realm: config.serverURL, profile: true }, function (openid, profile, done) { - var stringifiedProfile = JSON.stringify(profile) + const stringifiedProfile = JSON.stringify(profile) models.User.findOrCreate({ where: { profileid: openid @@ -25,7 +25,7 @@ passport.use(new OpenIDStrategy({ } }).spread(function (user, created) { if (user) { - var needSave = false + let needSave = false if (user.profile !== stringifiedProfile) { user.profile = stringifiedProfile needSave = true diff --git a/lib/web/auth/saml/index.js b/lib/web/auth/saml/index.js index c48b93e2..deb04007 100644 --- a/lib/web/auth/saml/index.js +++ b/lib/web/auth/saml/index.js @@ -10,19 +10,21 @@ const { urlencodedParser } = require('../../utils') const fs = require('fs') const intersection = function (array1, array2) { return array1.filter((n) => array2.includes(n)) } -let samlAuth = module.exports = Router() +const samlAuth = module.exports = Router() passport.use(new SamlStrategy({ callbackUrl: config.serverURL + '/auth/saml/callback', entryPoint: config.saml.idpSsoUrl, issuer: config.saml.issuer || config.serverURL, - privateCert: config.saml.clientCert === undefined ? undefined : (function () { - try { - return fs.readFileSync(config.saml.clientCert, 'utf-8') - } catch (e) { - logger.error(`SAML client certificate: ${e.message}`) - } - }()), + privateCert: config.saml.clientCert === undefined + ? undefined + : (function () { + try { + return fs.readFileSync(config.saml.clientCert, 'utf-8') + } catch (e) { + logger.error(`SAML client certificate: ${e.message}`) + } + }()), cert: (function () { try { return fs.readFileSync(config.saml.idpCert, 'utf-8') @@ -36,7 +38,7 @@ passport.use(new SamlStrategy({ }, function (user, done) { // check authorization if needed if (config.saml.externalGroups && config.saml.groupAttribute) { - var externalGroups = intersection(config.saml.externalGroups, user[config.saml.groupAttribute]) + const externalGroups = intersection(config.saml.externalGroups, user[config.saml.groupAttribute]) if (externalGroups.length > 0) { logger.error('saml permission denied: ' + externalGroups.join(', ')) return done('Permission denied', null) @@ -49,8 +51,8 @@ passport.use(new SamlStrategy({ } } // user creation - var uuid = user[config.saml.attribute.id] || user.nameID - var profile = { + const uuid = user[config.saml.attribute.id] || user.nameID + const profile = { provider: 'saml', id: 'SAML-' + uuid, username: user[config.saml.attribute.username] || user.nameID, @@ -59,7 +61,7 @@ passport.use(new SamlStrategy({ if (profile.emails.length === 0 && config.saml.identifierFormat === 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress') { profile.emails.push(user.nameID) } - var stringifiedProfile = JSON.stringify(profile) + const stringifiedProfile = JSON.stringify(profile) models.User.findOrCreate({ where: { profileid: profile.id.toString() @@ -69,7 +71,7 @@ passport.use(new SamlStrategy({ } }).spread(function (user, created) { if (user) { - var needSave = false + let needSave = false if (user.profile !== stringifiedProfile) { user.profile = stringifiedProfile needSave = true diff --git a/lib/web/auth/twitter/index.js b/lib/web/auth/twitter/index.js index 56389f84..76744e09 100644 --- a/lib/web/auth/twitter/index.js +++ b/lib/web/auth/twitter/index.js @@ -7,7 +7,7 @@ const TwitterStrategy = require('passport-twitter').Strategy const config = require('../../../config') const { passportGeneralCallback } = require('../utils') -let twitterAuth = module.exports = Router() +const twitterAuth = module.exports = Router() passport.use(new TwitterStrategy({ consumerKey: config.twitter.consumerKey, diff --git a/lib/web/auth/utils.js b/lib/web/auth/utils.js index fb69f08c..bb69f15f 100644 --- a/lib/web/auth/utils.js +++ b/lib/web/auth/utils.js @@ -4,7 +4,7 @@ const models = require('../../models') const logger = require('../../logger') exports.passportGeneralCallback = function callback (accessToken, refreshToken, profile, done) { - var stringifiedProfile = JSON.stringify(profile) + const stringifiedProfile = JSON.stringify(profile) models.User.findOrCreate({ where: { profileid: profile.id.toString() @@ -16,7 +16,7 @@ exports.passportGeneralCallback = function callback (accessToken, refreshToken, } }).spread(function (user, created) { if (user) { - var needSave = false + let needSave = false if (user.profile !== stringifiedProfile) { user.profile = stringifiedProfile needSave = true diff --git a/lib/web/imageRouter/azure.js b/lib/web/imageRouter/azure.js index 22ee5585..c56ac860 100644 --- a/lib/web/imageRouter/azure.js +++ b/lib/web/imageRouter/azure.js @@ -17,7 +17,7 @@ exports.uploadImage = function (imagePath, callback) { return } - var azureBlobService = azure.createBlobService(config.azure.connectionString) + const azureBlobService = azure.createBlobService(config.azure.connectionString) azureBlobService.createContainerIfNotExists(config.azure.container, { publicAccessLevel: 'blob' }, function (err, result, response) { if (err) { diff --git a/lib/web/imageRouter/index.js b/lib/web/imageRouter/index.js index afa9bbf6..0a72c65c 100644 --- a/lib/web/imageRouter/index.js +++ b/lib/web/imageRouter/index.js @@ -12,20 +12,28 @@ const config = require('../../config') const logger = require('../../logger') const errors = require('../../errors') -const imageRouter = module.exports = Router() +const imageRouter = (module.exports = Router()) async function checkUploadType (filePath) { const typeFromMagic = await FileType.fromFile(filePath) if (typeFromMagic === undefined) { - logger.error(`Image upload error: Could not determine MIME-type`) + logger.error('Image upload error: Could not determine MIME-type') return false } if (path.extname(filePath) !== '.' + typeFromMagic.ext) { - logger.error(`Image upload error: Provided file extension does not match MIME-type`) + logger.error( + 'Image upload error: Provided file extension does not match MIME-type' + ) return false } if (!config.allowedUploadMimeTypes.includes(typeFromMagic.mime)) { - logger.error(`Image upload error: MIME-type "${typeFromMagic.mime}" of uploaded file not allowed, only "${config.allowedUploadMimeTypes.join(', ')}" are allowed`) + logger.error( + `Image upload error: MIME-type "${ + typeFromMagic.mime + }" of uploaded file not allowed, only "${config.allowedUploadMimeTypes.join( + ', ' + )}" are allowed` + ) return false } return true @@ -33,12 +41,18 @@ async function checkUploadType (filePath) { // upload image imageRouter.post('/uploadimage', function (req, res) { - if (!req.isAuthenticated() && !config.allowAnonymous && !config.allowAnonymousEdits) { - logger.error(`Image upload error: Anonymous edits and therefore uploads are not allowed)`) + if ( + !req.isAuthenticated() && + !config.allowAnonymous && + !config.allowAnonymousEdits + ) { + logger.error( + 'Image upload error: Anonymous edits and therefore uploads are not allowed' + ) return errors.errorForbidden(res) } - var form = new formidable.IncomingForm() + const form = new formidable.IncomingForm() form.keepExtensions = true const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'hedgedoc-')) form.uploadDir = tmpDir @@ -49,17 +63,21 @@ imageRouter.post('/uploadimage', function (req, res) { rimraf(tmpDir) return errors.errorForbidden(res) } else if (!files.image || !files.image.path) { - logger.error(`Image upload error: Upload didn't contain file)`) + logger.error("Image upload error: Upload didn't contain file)") rimraf.sync(tmpDir) return errors.errorBadRequest(res) - } else if (!await checkUploadType(files.image.path)) { + } else if (!(await checkUploadType(files.image.path))) { rimraf.sync(tmpDir) return errors.errorBadRequest(res) } else { - logger.debug(`SERVER received uploadimage: ${JSON.stringify(files.image)}`) + logger.debug( + `SERVER received uploadimage: ${JSON.stringify(files.image)}` + ) const uploadProvider = require('./' + config.imageUploadType) - logger.debug(`imageRouter: Uploading ${files.image.path} using ${config.imageUploadType}`) + logger.debug( + `imageRouter: Uploading ${files.image.path} using ${config.imageUploadType}` + ) uploadProvider.uploadImage(files.image.path, function (err, url) { rimraf.sync(tmpDir) if (err !== null) { diff --git a/lib/web/imageRouter/minio.js b/lib/web/imageRouter/minio.js index 91de5ff1..3ced94e2 100644 --- a/lib/web/imageRouter/minio.js +++ b/lib/web/imageRouter/minio.js @@ -32,16 +32,16 @@ exports.uploadImage = function (imagePath, callback) { return } - let key = path.join('uploads', path.basename(imagePath)) - let protocol = config.minio.secure ? 'https' : 'http' + const key = path.join('uploads', path.basename(imagePath)) + const protocol = config.minio.secure ? 'https' : 'http' minioClient.putObject(config.s3bucket, key, buffer, buffer.size, getImageMimeType(imagePath), function (err, data) { if (err) { callback(new Error(err), null) return } - let hidePort = [80, 443].includes(config.minio.port) - let urlPort = hidePort ? '' : `:${config.minio.port}` + const hidePort = [80, 443].includes(config.minio.port) + const urlPort = hidePort ? '' : `:${config.minio.port}` callback(null, `${protocol}://${config.minio.endPoint}${urlPort}/${config.s3bucket}/${key}`) }) }) diff --git a/lib/web/imageRouter/s3.js b/lib/web/imageRouter/s3.js index 2bf08cc7..5bb8e160 100644 --- a/lib/web/imageRouter/s3.js +++ b/lib/web/imageRouter/s3.js @@ -26,7 +26,7 @@ exports.uploadImage = function (imagePath, callback) { callback(new Error(err), null) return } - let params = { + const params = { Bucket: config.s3bucket, Key: path.join('uploads', path.basename(imagePath)), Body: buffer diff --git a/lib/web/statusRouter.js b/lib/web/statusRouter.js index febe2df3..d939a3fe 100644 --- a/lib/web/statusRouter.js +++ b/lib/web/statusRouter.js @@ -25,11 +25,11 @@ statusRouter.get('/status', function (req, res, next) { }) // get status statusRouter.get('/temp', function (req, res) { - var host = req.get('host') + const host = req.get('host') if (config.allowOrigin.indexOf(host) === -1) { errors.errorForbidden(res) } else { - var tempid = req.query.tempid + const tempid = req.query.tempid if (!tempid) { errors.errorForbidden(res) } else { @@ -60,11 +60,11 @@ statusRouter.get('/temp', function (req, res) { }) // post status statusRouter.post('/temp', urlencodedParser, function (req, res) { - var host = req.get('host') + const host = req.get('host') if (config.allowOrigin.indexOf(host) === -1) { errors.errorForbidden(res) } else { - var data = req.body.data + const data = req.body.data if (!data) { errors.errorForbidden(res) } else { @@ -90,7 +90,7 @@ statusRouter.post('/temp', urlencodedParser, function (req, res) { }) statusRouter.get('/config', function (req, res) { - var data = { + const data = { domain: config.domain, urlpath: config.urlPath, debug: config.debug, diff --git a/lib/web/userRouter.js b/lib/web/userRouter.js index f1f999f1..117668fa 100644 --- a/lib/web/userRouter.js +++ b/lib/web/userRouter.js @@ -21,7 +21,7 @@ UserRouter.get('/me', function (req, res) { } }).then(function (user) { if (!user) { return errors.errorNotFound(res) } - var profile = models.User.getProfile(user) + const profile = models.User.getProfile(user) res.send({ status: 'ok', id: req.user.id, @@ -70,7 +70,7 @@ UserRouter.get('/me/delete/:token?', function (req, res) { UserRouter.get('/me/export', function (req, res) { if (req.isAuthenticated()) { // let output = fs.createWriteStream(__dirname + '/example.zip'); - let archive = archiver('zip', { + const archive = archiver('zip', { zlib: { level: 3 } // Sets the compression level. }) res.setHeader('Content-Type', 'application/zip') @@ -90,13 +90,13 @@ UserRouter.get('/me/export', function (req, res) { ownerId: user.id } }).then(function (notes) { - let filenames = {} + const filenames = {} async.each(notes, function (note, callback) { - let basename = note.title.replace(/\//g, '-') // Prevent subdirectories + const basename = note.title.replace(/\//g, '-') // Prevent subdirectories let filename let suffix = '' do { - let seperator = typeof suffix === 'number' ? '-' : '' + const seperator = typeof suffix === 'number' ? '-' : '' filename = basename + seperator + suffix + '.md' suffix++ } while (filenames[filename]) |