From 6e5e6696ad5c336be700641caf94676a281fc181 Mon Sep 17 00:00:00 2001 From: Erik Michelson Date: Wed, 4 Sep 2019 20:25:32 +0200 Subject: Refactored note-creation with given noteId Known bugs/features: - pushing towards an existing note results in an error 500 Signed-off-by: Erik Michelson --- lib/response.js | 26 +++++++++++++++----------- lib/web/noteRouter.js | 6 +++--- 2 files changed, 18 insertions(+), 14 deletions(-) diff --git a/lib/response.js b/lib/response.js index cf4b5c1d..81d732a5 100644 --- a/lib/response.js +++ b/lib/response.js @@ -41,12 +41,12 @@ var response = { errorServiceUnavailable: function (res) { res.status(503).send("I'm busy right now, try again later.") }, - newNote: newNote, showNote: showNote, showPublishNote: showPublishNote, showPublishSlide: showPublishSlide, showIndex: showIndex, noteActions: noteActions, + postNote: postNote, publishNoteActions: publishNoteActions, publishSlideActions: publishSlideActions, githubActions: githubActions, @@ -107,8 +107,7 @@ function responseCodiMD (res, note) { }) } -function newNote (req, res, next) { - var owner = null +function postNote (req, res, next) { var body = '' if (req.body && req.body.length > config.documentMaxLength) { return response.errorTooLong(res) @@ -116,14 +115,25 @@ function newNote (req, res, next) { body = req.body } body = body.replace(/[\r]/g, '') + return newNote(req, res, body) +} + +function newNote (req, res, body) { + var owner = null + var noteId = req.params.noteId ? req.params.noteId : null if (req.isAuthenticated()) { owner = req.user.id } else if (!config.allowAnonymous) { return response.errorForbidden(res) } + if (config.allowFreeURL && noteId && !config.forbiddenNoteIDs.includes(noteId)) { + req.alias = noteId + } else if (noteId) { + return req.method === 'POST' ? response.errorForbidden(res) : response.errorNotFound(res) + } models.Note.create({ ownerId: owner, - alias: req.alias ? req.alias : (config.allowFreeURL ? (req.params.alias ? req.params.alias : null) : null), + alias: req.alias ? req.alias : null, content: body }).then(function (note) { return res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id))) @@ -144,7 +154,6 @@ function checkViewPermission (req, note) { } function findNote (req, res, callback, include) { - var noteId = req.params.noteId var id = req.params.noteId || req.params.shortid models.Note.parseNoteId(id, function (err, _id) { if (err) { @@ -158,12 +167,7 @@ function findNote (req, res, callback, include) { include: include || null }).then(function (note) { if (!note) { - if (config.allowFreeURL && noteId && !config.forbiddenNoteIDs.includes(noteId)) { - req.alias = noteId - return newNote(req, res) - } else { - return response.errorNotFound(res) - } + return newNote(req, res, null) } if (!checkViewPermission(req, note)) { return response.errorForbidden(res) diff --git a/lib/web/noteRouter.js b/lib/web/noteRouter.js index 78cb69e5..58e93019 100644 --- a/lib/web/noteRouter.js +++ b/lib/web/noteRouter.js @@ -9,11 +9,11 @@ const { markdownParser } = require('./utils') const noteRouter = module.exports = Router() // get new note -noteRouter.get('/new', response.newNote) +noteRouter.get('/new', response.postNote) // post new note with content -noteRouter.post('/new', markdownParser, response.newNote) +noteRouter.post('/new', markdownParser, response.postNote) // post new note with content and alias -noteRouter.post('/new/:alias', markdownParser, response.newNote) +noteRouter.post('/new/:noteId', markdownParser, response.postNote) // get publish note noteRouter.get('/s/:shortid', response.showPublishNote) // publish note actions -- cgit v1.2.3