From 63c96e7359fff1cbb6198ac0d684cff0cc675667 Mon Sep 17 00:00:00 2001 From: BoHong Li Date: Fri, 12 Apr 2019 12:05:32 +0800 Subject: fix: upgrade sequelize to latest version to fix CVE Signed-off-by: BoHong Li --- lib/models/revision.js | 374 ++++++++++++++++++++++++------------------------- 1 file changed, 187 insertions(+), 187 deletions(-) (limited to 'lib/models/revision.js') diff --git a/lib/models/revision.js b/lib/models/revision.js index 69a2bf96..dbd76e4e 100644 --- a/lib/models/revision.js +++ b/lib/models/revision.js @@ -7,6 +7,8 @@ var childProcess = require('child_process') var shortId = require('shortid') var path = require('path') +var Op = Sequelize.Op + // core var logger = require('../logger') @@ -96,214 +98,212 @@ module.exports = function (sequelize, DataTypes) { this.setDataValue('authorship', value ? JSON.stringify(value) : value) } } - }, { - classMethods: { - associate: function (models) { - Revision.belongsTo(models.Note, { - foreignKey: 'noteId', - as: 'note', - constraints: false, - onDelete: 'CASCADE', - hooks: true - }) - }, - getNoteRevisions: function (note, callback) { - Revision.findAll({ - where: { - noteId: note.id - }, - order: [['createdAt', 'DESC']] - }).then(function (revisions) { - var data = [] - for (var i = 0, l = revisions.length; i < l; i++) { - var revision = revisions[i] - data.push({ - time: moment(revision.createdAt).valueOf(), - length: revision.length - }) - } - callback(null, data) - }).catch(function (err) { - callback(err, null) - }) + }) + + Revision.associate = function (models) { + Revision.belongsTo(models.Note, { + foreignKey: 'noteId', + as: 'note', + constraints: false, + onDelete: 'CASCADE', + hooks: true + }) + } + Revision.getNoteRevisions = function (note, callback) { + Revision.findAll({ + where: { + noteId: note.id }, - getPatchedNoteRevisionByTime: function (note, time, callback) { - // find all revisions to prepare for all possible calculation - Revision.findAll({ - where: { - noteId: note.id - }, - order: [['createdAt', 'DESC']] - }).then(function (revisions) { - if (revisions.length <= 0) return callback(null, null) - // measure target revision position - Revision.count({ - where: { - noteId: note.id, - createdAt: { - $gte: time - } - }, - order: [['createdAt', 'DESC']] - }).then(function (count) { - if (count <= 0) return callback(null, null) - sendDmpWorker({ - msg: 'get revision', - revisions: revisions, - count: count - }, callback) - }).catch(function (err) { - return callback(err, null) - }) - }).catch(function (err) { - return callback(err, null) + order: [['createdAt', 'DESC']] + }).then(function (revisions) { + var data = [] + for (var i = 0, l = revisions.length; i < l; i++) { + var revision = revisions[i] + data.push({ + time: moment(revision.createdAt).valueOf(), + length: revision.length }) + } + callback(null, data) + }).catch(function (err) { + callback(err, null) + }) + } + Revision.getPatchedNoteRevisionByTime = function (note, time, callback) { + // find all revisions to prepare for all possible calculation + Revision.findAll({ + where: { + noteId: note.id }, - checkAllNotesRevision: function (callback) { - Revision.saveAllNotesRevision(function (err, notes) { - if (err) return callback(err, null) - if (!notes || notes.length <= 0) { - return callback(null, notes) - } else { - Revision.checkAllNotesRevision(callback) + order: [['createdAt', 'DESC']] + }).then(function (revisions) { + if (revisions.length <= 0) return callback(null, null) + // measure target revision position + Revision.count({ + where: { + noteId: note.id, + createdAt: { + [Op.gte]: time } - }) - }, - saveAllNotesRevision: function (callback) { - sequelize.models.Note.findAll({ - // query all notes that need to save for revision - where: { - $and: [ - { - lastchangeAt: { - $or: { - $eq: null, - $and: { - $ne: null, - $gt: sequelize.col('createdAt') - } - } - } - }, - { - savedAt: { - $or: { - $eq: null, - $lt: sequelize.col('lastchangeAt') - } + }, + order: [['createdAt', 'DESC']] + }).then(function (count) { + if (count <= 0) return callback(null, null) + sendDmpWorker({ + msg: 'get revision', + revisions: revisions, + count: count + }, callback) + }).catch(function (err) { + return callback(err, null) + }) + }).catch(function (err) { + return callback(err, null) + }) + } + Revision.checkAllNotesRevision = function (callback) { + Revision.saveAllNotesRevision(function (err, notes) { + if (err) return callback(err, null) + if (!notes || notes.length <= 0) { + return callback(null, notes) + } else { + Revision.checkAllNotesRevision(callback) + } + }) + } + Revision.saveAllNotesRevision = function (callback) { + sequelize.models.Note.findAll({ + // query all notes that need to save for revision + where: { + [Op.and]: [ + { + lastchangeAt: { + [Op.or]: { + [Op.eq]: null, + [Op.and]: { + [Op.ne]: null, + [Op.gt]: sequelize.col('createdAt') } } - ] - } - }).then(function (notes) { - if (notes.length <= 0) return callback(null, notes) - var savedNotes = [] - async.each(notes, function (note, _callback) { - // revision saving policy: note not been modified for 5 mins or not save for 10 mins - if (note.lastchangeAt && note.savedAt) { - var lastchangeAt = moment(note.lastchangeAt) - var savedAt = moment(note.savedAt) - if (moment().isAfter(lastchangeAt.add(5, 'minutes'))) { - savedNotes.push(note) - Revision.saveNoteRevision(note, _callback) - } else if (lastchangeAt.isAfter(savedAt.add(10, 'minutes'))) { - savedNotes.push(note) - Revision.saveNoteRevision(note, _callback) - } else { - return _callback(null, null) - } - } else { - savedNotes.push(note) - Revision.saveNoteRevision(note, _callback) } - }, function (err) { - if (err) { - return callback(err, null) + }, + { + savedAt: { + [Op.or]: { + [Op.eq]: null, + [Op.lt]: sequelize.col('lastchangeAt') + } } - // return null when no notes need saving at this moment but have delayed tasks to be done - var result = ((savedNotes.length === 0) && (notes.length > savedNotes.length)) ? null : savedNotes - return callback(null, result) - }) + } + ] + } + }).then(function (notes) { + if (notes.length <= 0) return callback(null, notes) + var savedNotes = [] + async.each(notes, function (note, _callback) { + // revision saving policy: note not been modified for 5 mins or not save for 10 mins + if (note.lastchangeAt && note.savedAt) { + var lastchangeAt = moment(note.lastchangeAt) + var savedAt = moment(note.savedAt) + if (moment().isAfter(lastchangeAt.add(5, 'minutes'))) { + savedNotes.push(note) + Revision.saveNoteRevision(note, _callback) + } else if (lastchangeAt.isAfter(savedAt.add(10, 'minutes'))) { + savedNotes.push(note) + Revision.saveNoteRevision(note, _callback) + } else { + return _callback(null, null) + } + } else { + savedNotes.push(note) + Revision.saveNoteRevision(note, _callback) + } + }, function (err) { + if (err) { + return callback(err, null) + } + // return null when no notes need saving at this moment but have delayed tasks to be done + var result = ((savedNotes.length === 0) && (notes.length > savedNotes.length)) ? null : savedNotes + return callback(null, result) + }) + }).catch(function (err) { + return callback(err, null) + }) + } + Revision.saveNoteRevision = function (note, callback) { + Revision.findAll({ + where: { + noteId: note.id + }, + order: [['createdAt', 'DESC']] + }).then(function (revisions) { + if (revisions.length <= 0) { + // if no revision available + Revision.create({ + noteId: note.id, + lastContent: note.content ? note.content : '', + length: note.content ? note.content.length : 0, + authorship: note.authorship + }).then(function (revision) { + Revision.finishSaveNoteRevision(note, revision, callback) }).catch(function (err) { return callback(err, null) }) - }, - saveNoteRevision: function (note, callback) { - Revision.findAll({ - where: { - noteId: note.id - }, - order: [['createdAt', 'DESC']] - }).then(function (revisions) { - if (revisions.length <= 0) { - // if no revision available - Revision.create({ - noteId: note.id, - lastContent: note.content ? note.content : '', - length: note.content ? note.content.length : 0, - authorship: note.authorship + } else { + var latestRevision = revisions[0] + var lastContent = latestRevision.content || latestRevision.lastContent + var content = note.content + sendDmpWorker({ + msg: 'create patch', + lastDoc: lastContent, + currDoc: content + }, function (err, patch) { + if (err) logger.error('save note revision error', err) + if (!patch) { + // if patch is empty (means no difference) then just update the latest revision updated time + latestRevision.changed('updatedAt', true) + latestRevision.update({ + updatedAt: Date.now() }).then(function (revision) { Revision.finishSaveNoteRevision(note, revision, callback) }).catch(function (err) { return callback(err, null) }) } else { - var latestRevision = revisions[0] - var lastContent = latestRevision.content || latestRevision.lastContent - var content = note.content - sendDmpWorker({ - msg: 'create patch', - lastDoc: lastContent, - currDoc: content - }, function (err, patch) { - if (err) logger.error('save note revision error', err) - if (!patch) { - // if patch is empty (means no difference) then just update the latest revision updated time - latestRevision.changed('updatedAt', true) - latestRevision.update({ - updatedAt: Date.now() - }).then(function (revision) { - Revision.finishSaveNoteRevision(note, revision, callback) - }).catch(function (err) { - return callback(err, null) - }) - } else { - Revision.create({ - noteId: note.id, - patch: patch, - content: note.content, - length: note.content.length, - authorship: note.authorship - }).then(function (revision) { - // clear last revision content to reduce db size - latestRevision.update({ - content: null - }).then(function () { - Revision.finishSaveNoteRevision(note, revision, callback) - }).catch(function (err) { - return callback(err, null) - }) - }).catch(function (err) { - return callback(err, null) - }) - } + Revision.create({ + noteId: note.id, + patch: patch, + content: note.content, + length: note.content.length, + authorship: note.authorship + }).then(function (revision) { + // clear last revision content to reduce db size + latestRevision.update({ + content: null + }).then(function () { + Revision.finishSaveNoteRevision(note, revision, callback) + }).catch(function (err) { + return callback(err, null) + }) + }).catch(function (err) { + return callback(err, null) }) } - }).catch(function (err) { - return callback(err, null) - }) - }, - finishSaveNoteRevision: function (note, revision, callback) { - note.update({ - savedAt: revision.updatedAt - }).then(function () { - return callback(null, revision) - }).catch(function (err) { - return callback(err, null) }) } - } - }) + }).catch(function (err) { + return callback(err, null) + }) + } + Revision.finishSaveNoteRevision = function (note, revision, callback) { + note.update({ + savedAt: revision.updatedAt + }).then(function () { + return callback(null, revision) + }).catch(function (err) { + return callback(err, null) + }) + } return Revision } -- cgit v1.2.3