diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/response.js | 26 | ||||
-rw-r--r-- | lib/web/noteRouter.js | 6 |
2 files changed, 19 insertions, 13 deletions
diff --git a/lib/response.js b/lib/response.js index 6450bdf5..81d732a5 100644 --- a/lib/response.js +++ b/lib/response.js @@ -41,12 +41,12 @@ var response = { errorServiceUnavailable: function (res) { res.status(503).send("I'm busy right now, try again later.") }, - newNote: newNote, showNote: showNote, showPublishNote: showPublishNote, showPublishSlide: showPublishSlide, showIndex: showIndex, noteActions: noteActions, + postNote: postNote, publishNoteActions: publishNoteActions, publishSlideActions: publishSlideActions, githubActions: githubActions, @@ -107,8 +107,7 @@ function responseCodiMD (res, note) { }) } -function newNote (req, res, next) { - var owner = null +function postNote (req, res, next) { var body = '' if (req.body && req.body.length > config.documentMaxLength) { return response.errorTooLong(res) @@ -116,17 +115,28 @@ function newNote (req, res, next) { body = req.body } body = body.replace(/[\r]/g, '') + return newNote(req, res, body) +} + +function newNote (req, res, body) { + var owner = null + var noteId = req.params.noteId ? req.params.noteId : null if (req.isAuthenticated()) { owner = req.user.id } else if (!config.allowAnonymous) { return response.errorForbidden(res) } + if (config.allowFreeURL && noteId && !config.forbiddenNoteIDs.includes(noteId)) { + req.alias = noteId + } else if (noteId) { + return req.method === 'POST' ? response.errorForbidden(res) : response.errorNotFound(res) + } models.Note.create({ ownerId: owner, alias: req.alias ? req.alias : null, content: body }).then(function (note) { - return res.redirect(config.serverURL + '/' + models.Note.encodeNoteId(note.id)) + return res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id))) }).catch(function (err) { logger.error(err) return response.errorInternalError(res) @@ -144,7 +154,6 @@ function checkViewPermission (req, note) { } function findNote (req, res, callback, include) { - var noteId = req.params.noteId var id = req.params.noteId || req.params.shortid models.Note.parseNoteId(id, function (err, _id) { if (err) { @@ -158,12 +167,7 @@ function findNote (req, res, callback, include) { include: include || null }).then(function (note) { if (!note) { - if (config.allowFreeURL && noteId && !config.forbiddenNoteIDs.includes(noteId)) { - req.alias = noteId - return newNote(req, res) - } else { - return response.errorNotFound(res) - } + return newNote(req, res, null) } if (!checkViewPermission(req, note)) { return response.errorForbidden(res) diff --git a/lib/web/noteRouter.js b/lib/web/noteRouter.js index bac2cf88..58e93019 100644 --- a/lib/web/noteRouter.js +++ b/lib/web/noteRouter.js @@ -9,9 +9,11 @@ const { markdownParser } = require('./utils') const noteRouter = module.exports = Router() // get new note -noteRouter.get('/new', response.newNote) +noteRouter.get('/new', response.postNote) // post new note with content -noteRouter.post('/new', markdownParser, response.newNote) +noteRouter.post('/new', markdownParser, response.postNote) +// post new note with content and alias +noteRouter.post('/new/:noteId', markdownParser, response.postNote) // get publish note noteRouter.get('/s/:shortid', response.showPublishNote) // publish note actions |