From f78540c3fbf109d6ccf2d92c5b1cf0148c88f722 Mon Sep 17 00:00:00 2001
From: David Mehren
Date: Sun, 27 Oct 2019 13:51:53 +0100
Subject: Move note actions to their own file.

Because of circular import problems, this commit also moves the error messages from response.js to errors.js

Signed-off-by: David Mehren <dmehren1@gmail.com>
---
 lib/web/note/util.js | 67 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 67 insertions(+)
 create mode 100644 lib/web/note/util.js

(limited to 'lib/web/note/util.js')

diff --git a/lib/web/note/util.js b/lib/web/note/util.js
new file mode 100644
index 00000000..bda74ac4
--- /dev/null
+++ b/lib/web/note/util.js
@@ -0,0 +1,67 @@
+const models = require('../../models')
+const logger = require('../../logger')
+const config = require('../../config')
+const errors = require('../../errors')
+
+exports.findNote = function (req, res, callback, include) {
+  const id = req.params.noteId || req.params.shortid
+  models.Note.parseNoteId(id, function (err, _id) {
+    if (err) {
+      logger.error(err)
+      return errors.errorInternalError(res)
+    }
+    models.Note.findOne({
+      where: {
+        id: _id
+      },
+      include: include || null
+    }).then(function (note) {
+      if (!note) {
+        return exports.newNote(req, res, null)
+      }
+      if (!exports.checkViewPermission(req, note)) {
+        return errors.errorForbidden(res)
+      } else {
+        return callback(note)
+      }
+    }).catch(function (err) {
+      logger.error(err)
+      return errors.errorInternalError(res)
+    })
+  })
+}
+
+exports.checkViewPermission = function (req, note) {
+  if (note.permission === 'private') {
+    return !(!req.isAuthenticated() || note.ownerId !== req.user.id)
+  } else if (note.permission === 'limited' || note.permission === 'protected') {
+    return req.isAuthenticated()
+  } else {
+    return true
+  }
+}
+
+exports.newNote = function (req, res, body) {
+  let owner = null
+  const noteId = req.params.noteId ? req.params.noteId : null
+  if (req.isAuthenticated()) {
+    owner = req.user.id
+  } else if (!config.allowAnonymous) {
+    return errors.errorForbidden(res)
+  }
+  if (config.allowFreeURL && noteId && !config.forbiddenNoteIDs.includes(noteId)) {
+    req.alias = noteId
+  } else if (noteId) {
+    return req.method === 'POST' ? errors.errorForbidden(res) : errors.errorNotFound(res)
+  }
+  models.Note.create({
+    ownerId: owner,
+    alias: req.alias ? req.alias : null,
+    content: body
+  }).then(function (note) {
+    return res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id)))
+  }).catch(function (err) {
+    logger.error(err)
+    return errors.errorInternalError(res)
+  })
+}
-- 
cgit v1.2.3