From f78540c3fbf109d6ccf2d92c5b1cf0148c88f722 Mon Sep 17 00:00:00 2001 From: David Mehren Date: Sun, 27 Oct 2019 13:51:53 +0100 Subject: Move note actions to their own file. Because of circular import problems, this commit also moves the error messages from response.js to errors.js Signed-off-by: David Mehren --- lib/web/auth/email/index.js | 12 +-- lib/web/auth/ldap/index.js | 4 +- lib/web/baseRouter.js | 8 +- lib/web/imageRouter/index.js | 4 +- lib/web/middleware/checkURIValid.js | 4 +- lib/web/middleware/tooBusy.js | 4 +- lib/web/note/actions.js | 187 ++++++++++++++++++++++++++++++++++++ lib/web/note/router.js | 32 ++++++ lib/web/note/util.js | 67 +++++++++++++ lib/web/noteRouter.js | 30 ------ lib/web/statusRouter.js | 18 ++-- lib/web/userRouter.js | 22 ++--- 12 files changed, 325 insertions(+), 67 deletions(-) create mode 100644 lib/web/note/actions.js create mode 100644 lib/web/note/router.js create mode 100644 lib/web/note/util.js delete mode 100644 lib/web/noteRouter.js (limited to 'lib/web') diff --git a/lib/web/auth/email/index.js b/lib/web/auth/email/index.js index 32e21428..06560545 100644 --- a/lib/web/auth/email/index.js +++ b/lib/web/auth/email/index.js @@ -9,7 +9,7 @@ const models = require('../../../models') const logger = require('../../../logger') const { setReturnToFromReferer } = require('../utils') const { urlencodedParser } = require('../../utils') -const response = require('../../../response') +const errors = require('../../../errors') let emailAuth = module.exports = Router() @@ -39,8 +39,8 @@ passport.use(new LocalStrategy({ if (config.allowEmailRegister) { emailAuth.post('/register', urlencodedParser, function (req, res, next) { - if (!req.body.email || !req.body.password) return response.errorBadRequest(res) - if (!validator.isEmail(req.body.email)) return response.errorBadRequest(res) + if (!req.body.email || !req.body.password) return errors.errorBadRequest(res) + if (!validator.isEmail(req.body.email)) return errors.errorBadRequest(res) models.User.findOrCreate({ where: { email: req.body.email @@ -63,14 +63,14 @@ if (config.allowEmailRegister) { return res.redirect(config.serverURL + '/') }).catch(function (err) { logger.error('auth callback failed: ' + err) - return response.errorInternalError(res) + return errors.errorInternalError(res) }) }) } emailAuth.post('/login', urlencodedParser, function (req, res, next) { - if (!req.body.email || !req.body.password) return response.errorBadRequest(res) - if (!validator.isEmail(req.body.email)) return response.errorBadRequest(res) + if (!req.body.email || !req.body.password) return errors.errorBadRequest(res) + if (!validator.isEmail(req.body.email)) return errors.errorBadRequest(res) setReturnToFromReferer(req) passport.authenticate('local', { successReturnToOrRedirect: config.serverURL + '/', diff --git a/lib/web/auth/ldap/index.js b/lib/web/auth/ldap/index.js index 96143664..28f3e471 100644 --- a/lib/web/auth/ldap/index.js +++ b/lib/web/auth/ldap/index.js @@ -8,7 +8,7 @@ const models = require('../../../models') const logger = require('../../../logger') const { setReturnToFromReferer } = require('../utils') const { urlencodedParser } = require('../../utils') -const response = require('../../../response') +const errors = require('../../../errors') let ldapAuth = module.exports = Router() @@ -81,7 +81,7 @@ passport.use(new LDAPStrategy({ })) ldapAuth.post('/auth/ldap', urlencodedParser, function (req, res, next) { - if (!req.body.username || !req.body.password) return response.errorBadRequest(res) + if (!req.body.username || !req.body.password) return errors.errorBadRequest(res) setReturnToFromReferer(req) passport.authenticate('ldapauth', { successReturnToOrRedirect: config.serverURL + '/', diff --git a/lib/web/baseRouter.js b/lib/web/baseRouter.js index b918ce75..df5e2777 100644 --- a/lib/web/baseRouter.js +++ b/lib/web/baseRouter.js @@ -6,17 +6,19 @@ const response = require('../response') const baseRouter = module.exports = Router() +const errors = require('../errors') + // get index baseRouter.get('/', response.showIndex) // get 403 forbidden baseRouter.get('/403', function (req, res) { - response.errorForbidden(res) + errors.errorForbidden(res) }) // get 404 not found baseRouter.get('/404', function (req, res) { - response.errorNotFound(res) + errors.errorNotFound(res) }) // get 500 internal error baseRouter.get('/500', function (req, res) { - response.errorInternalError(res) + errors.errorInternalError(res) }) diff --git a/lib/web/imageRouter/index.js b/lib/web/imageRouter/index.js index 0b59218b..aa02e9b0 100644 --- a/lib/web/imageRouter/index.js +++ b/lib/web/imageRouter/index.js @@ -5,7 +5,7 @@ const formidable = require('formidable') const config = require('../../config') const logger = require('../../logger') -const response = require('../../response') +const errors = require('../../errors') const imageRouter = module.exports = Router() @@ -22,7 +22,7 @@ imageRouter.post('/uploadimage', function (req, res) { form.parse(req, function (err, fields, files) { if (err || !files.image || !files.image.path) { logger.error(`formidable error: ${err}`) - response.errorForbidden(res) + errors.errorForbidden(res) } else { logger.debug(`SERVER received uploadimage: ${JSON.stringify(files.image)}`) diff --git a/lib/web/middleware/checkURIValid.js b/lib/web/middleware/checkURIValid.js index 88065e79..cd6dabd2 100644 --- a/lib/web/middleware/checkURIValid.js +++ b/lib/web/middleware/checkURIValid.js @@ -1,14 +1,14 @@ 'use strict' const logger = require('../../logger') -const response = require('../../response') +const errors = require('../../errors') module.exports = function (req, res, next) { try { decodeURIComponent(req.path) } catch (err) { logger.error(err) - return response.errorBadRequest(res) + return errors.errorBadRequest(res) } next() } diff --git a/lib/web/middleware/tooBusy.js b/lib/web/middleware/tooBusy.js index 49efbe37..a2101975 100644 --- a/lib/web/middleware/tooBusy.js +++ b/lib/web/middleware/tooBusy.js @@ -2,14 +2,14 @@ const toobusy = require('toobusy-js') -const response = require('../../response') +const errors = require('../../errors') const config = require('../../config') toobusy.maxLag(config.tooBusyLag) module.exports = function (req, res, next) { if (toobusy()) { - response.errorServiceUnavailable(res) + errors.errorServiceUnavailable(res) } else { next() } diff --git a/lib/web/note/actions.js b/lib/web/note/actions.js new file mode 100644 index 00000000..cfefc8d5 --- /dev/null +++ b/lib/web/note/actions.js @@ -0,0 +1,187 @@ +'use strict' + +const models = require('../../models') +const logger = require('../../logger') +const config = require('../../config') +const error = require('../../errors') +const fs = require('fs') +const shortId = require('shortid') +const markdownpdf = require('markdown-pdf') +const moment = require('moment') +const querystring = require('querystring') +const noteUtil = require('./util') + +exports.doAction = function (req, res, next) { + const noteId = req.params.noteId + noteUtil.findNote(req, res, function (note) { + const action = req.params.action + switch (action) { + case 'publish': + case 'pretty': // pretty deprecated + actionPublish(req, res, note) + break + case 'slide': + actionSlide(req, res, note) + break + case 'download': + exports.actionDownload(req, res, note) + break + case 'info': + actionInfo(req, res, note) + break + case 'pdf': + if (config.allowPDFExport) { + actionPDF(req, res, note) + } else { + logger.error('PDF export failed: Disabled by config. Set "allowPDFExport: true" to enable. Check the documentation for details') + error.errorForbidden(res) + } + break + case 'gist': + actionGist(req, res, note) + break + case 'revision': + actionRevision(req, res, note) + break + default: + return res.redirect(config.serverURL + '/' + noteId) + } + }) +} + +function actionPublish (req, res, note) { + res.redirect(config.serverURL + '/s/' + (note.alias || note.shortid)) +} + +function actionSlide (req, res, note) { + res.redirect(config.serverURL + '/p/' + (note.alias || note.shortid)) +} + +exports.actionDownload = function (req, res, note) { + const body = note.content + let filename = models.Note.decodeTitle(note.title) + filename = encodeURIComponent(filename) + res.set({ + 'Access-Control-Allow-Origin': '*', // allow CORS as API + 'Access-Control-Allow-Headers': 'Range', + 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', + 'Content-Type': 'text/markdown; charset=UTF-8', + 'Cache-Control': 'private', + 'Content-disposition': 'attachment; filename=' + filename + '.md', + 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling + }) + res.send(body) +} + +function actionInfo (req, res, note) { + const body = note.content + const extracted = models.Note.extractMeta(body) + const markdown = extracted.markdown + const meta = models.Note.parseMeta(extracted.meta) + const createtime = note.createdAt + const updatetime = note.lastchangeAt + const title = models.Note.decodeTitle(note.title) + const data = { + title: meta.title || title, + description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null), + viewcount: note.viewcount, + createtime: createtime, + updatetime: updatetime + } + res.set({ + 'Access-Control-Allow-Origin': '*', // allow CORS as API + 'Access-Control-Allow-Headers': 'Range', + 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', + 'Cache-Control': 'private', // only cache by client + 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling + }) + res.send(data) +} + +function actionPDF (req, res, note) { + const url = config.serverURL || 'http://' + req.get('host') + const body = note.content + const extracted = models.Note.extractMeta(body) + let content = extracted.markdown + const title = models.Note.decodeTitle(note.title) + + if (!fs.existsSync(config.tmpPath)) { + fs.mkdirSync(config.tmpPath) + } + const path = config.tmpPath + '/' + Date.now() + '.pdf' + content = content.replace(/\]\(\//g, '](' + url + '/') + markdownpdf().from.string(content).to(path, function () { + if (!fs.existsSync(path)) { + logger.error('PDF seems to not be generated as expected. File doesn\'t exist: ' + path) + return error.errorInternalError(res) + } + const stream = fs.createReadStream(path) + let filename = title + // Be careful of special characters + filename = encodeURIComponent(filename) + // Ideally this should strip them + res.setHeader('Content-disposition', 'attachment; filename="' + filename + '.pdf"') + res.setHeader('Cache-Control', 'private') + res.setHeader('Content-Type', 'application/pdf; charset=UTF-8') + res.setHeader('X-Robots-Tag', 'noindex, nofollow') // prevent crawling + stream.pipe(res) + fs.unlinkSync(path) + }) +} + +function actionGist (req, res, note) { + const data = { + client_id: config.github.clientID, + redirect_uri: config.serverURL + '/auth/github/callback/' + models.Note.encodeNoteId(note.id) + '/gist', + scope: 'gist', + state: shortId.generate() + } + const query = querystring.stringify(data) + res.redirect('https://github.com/login/oauth/authorize?' + query) +} + +function actionRevision (req, res, note) { + const actionId = req.params.actionId + if (actionId) { + const time = moment(parseInt(actionId)) + if (time.isValid()) { + models.Revision.getPatchedNoteRevisionByTime(note, time, function (err, content) { + if (err) { + logger.error(err) + return error.errorInternalError(res) + } + if (!content) { + return error.errorNotFound(res) + } + res.set({ + 'Access-Control-Allow-Origin': '*', // allow CORS as API + 'Access-Control-Allow-Headers': 'Range', + 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', + 'Cache-Control': 'private', // only cache by client + 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling + }) + res.send(content) + }) + } else { + return error.errorNotFound(res) + } + } else { + models.Revision.getNoteRevisions(note, function (err, data) { + if (err) { + logger.error(err) + return error.errorInternalError(res) + } + const out = { + revision: data + } + res.set({ + 'Access-Control-Allow-Origin': '*', // allow CORS as API + 'Access-Control-Allow-Headers': 'Range', + 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', + 'Cache-Control': 'private', // only cache by client + 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling + }) + res.send(out) + }) + } +} diff --git a/lib/web/note/router.js b/lib/web/note/router.js new file mode 100644 index 00000000..e23b7f64 --- /dev/null +++ b/lib/web/note/router.js @@ -0,0 +1,32 @@ +'use strict' + +const Router = require('express').Router + +const response = require('../../response') + +const { markdownParser } = require('../utils') + +const router = module.exports = Router() + +const noteActions = require('./actions') + +// get new note +router.get('/new', response.postNote) +// post new note with content +router.post('/new', markdownParser, response.postNote) +// post new note with content and alias +router.post('/new/:noteId', markdownParser, response.postNote) +// get publish note +router.get('/s/:shortid', response.showPublishNote) +// publish note actions +router.get('/s/:shortid/:action', response.publishNoteActions) +// get publish slide +router.get('/p/:shortid', response.showPublishSlide) +// publish slide actions +router.get('/p/:shortid/:action', response.publishSlideActions) +// get note by id +router.get('/:noteId', response.showNote) +// note actions +router.get('/:noteId/:action', noteActions.doAction) +// note actions with action id +router.get('/:noteId/:action/:actionId', noteActions.doAction) diff --git a/lib/web/note/util.js b/lib/web/note/util.js new file mode 100644 index 00000000..bda74ac4 --- /dev/null +++ b/lib/web/note/util.js @@ -0,0 +1,67 @@ +const models = require('../../models') +const logger = require('../../logger') +const config = require('../../config') +const errors = require('../../errors') + +exports.findNote = function (req, res, callback, include) { + const id = req.params.noteId || req.params.shortid + models.Note.parseNoteId(id, function (err, _id) { + if (err) { + logger.error(err) + return errors.errorInternalError(res) + } + models.Note.findOne({ + where: { + id: _id + }, + include: include || null + }).then(function (note) { + if (!note) { + return exports.newNote(req, res, null) + } + if (!exports.checkViewPermission(req, note)) { + return errors.errorForbidden(res) + } else { + return callback(note) + } + }).catch(function (err) { + logger.error(err) + return errors.errorInternalError(res) + }) + }) +} + +exports.checkViewPermission = function (req, note) { + if (note.permission === 'private') { + return !(!req.isAuthenticated() || note.ownerId !== req.user.id) + } else if (note.permission === 'limited' || note.permission === 'protected') { + return req.isAuthenticated() + } else { + return true + } +} + +exports.newNote = function (req, res, body) { + let owner = null + const noteId = req.params.noteId ? req.params.noteId : null + if (req.isAuthenticated()) { + owner = req.user.id + } else if (!config.allowAnonymous) { + return errors.errorForbidden(res) + } + if (config.allowFreeURL && noteId && !config.forbiddenNoteIDs.includes(noteId)) { + req.alias = noteId + } else if (noteId) { + return req.method === 'POST' ? errors.errorForbidden(res) : errors.errorNotFound(res) + } + models.Note.create({ + ownerId: owner, + alias: req.alias ? req.alias : null, + content: body + }).then(function (note) { + return res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id))) + }).catch(function (err) { + logger.error(err) + return errors.errorInternalError(res) + }) +} diff --git a/lib/web/noteRouter.js b/lib/web/noteRouter.js deleted file mode 100644 index 58e93019..00000000 --- a/lib/web/noteRouter.js +++ /dev/null @@ -1,30 +0,0 @@ -'use strict' - -const Router = require('express').Router - -const response = require('../response') - -const { markdownParser } = require('./utils') - -const noteRouter = module.exports = Router() - -// get new note -noteRouter.get('/new', response.postNote) -// post new note with content -noteRouter.post('/new', markdownParser, response.postNote) -// post new note with content and alias -noteRouter.post('/new/:noteId', markdownParser, response.postNote) -// get publish note -noteRouter.get('/s/:shortid', response.showPublishNote) -// publish note actions -noteRouter.get('/s/:shortid/:action', response.publishNoteActions) -// get publish slide -noteRouter.get('/p/:shortid', response.showPublishSlide) -// publish slide actions -noteRouter.get('/p/:shortid/:action', response.publishSlideActions) -// get note by id -noteRouter.get('/:noteId', response.showNote) -// note actions -noteRouter.get('/:noteId/:action', response.noteActions) -// note actions with action id -noteRouter.get('/:noteId/:action/:actionId', response.noteActions) diff --git a/lib/web/statusRouter.js b/lib/web/statusRouter.js index 1d9a1157..025aafd4 100644 --- a/lib/web/statusRouter.js +++ b/lib/web/statusRouter.js @@ -2,7 +2,7 @@ const Router = require('express').Router -const response = require('../response') +const errors = require('../errors') const realtime = require('../realtime') const config = require('../config') const models = require('../models') @@ -27,11 +27,11 @@ statusRouter.get('/status', function (req, res, next) { statusRouter.get('/temp', function (req, res) { var host = req.get('host') if (config.allowOrigin.indexOf(host) === -1) { - response.errorForbidden(res) + errors.errorForbidden(res) } else { var tempid = req.query.tempid if (!tempid) { - response.errorForbidden(res) + errors.errorForbidden(res) } else { models.Temp.findOne({ where: { @@ -39,7 +39,7 @@ statusRouter.get('/temp', function (req, res) { } }).then(function (temp) { if (!temp) { - response.errorNotFound(res) + errors.errorNotFound(res) } else { res.header('Access-Control-Allow-Origin', '*') res.send({ @@ -53,7 +53,7 @@ statusRouter.get('/temp', function (req, res) { } }).catch(function (err) { logger.error(err) - return response.errorInternalError(res) + return errors.errorInternalError(res) }) } } @@ -62,11 +62,11 @@ statusRouter.get('/temp', function (req, res) { statusRouter.post('/temp', urlencodedParser, function (req, res) { var host = req.get('host') if (config.allowOrigin.indexOf(host) === -1) { - response.errorForbidden(res) + errors.errorForbidden(res) } else { var data = req.body.data if (!data) { - response.errorForbidden(res) + errors.errorForbidden(res) } else { logger.debug(`SERVER received temp from [${host}]: ${req.body.data}`) models.Temp.create({ @@ -79,11 +79,11 @@ statusRouter.post('/temp', urlencodedParser, function (req, res) { id: temp.id }) } else { - response.errorInternalError(res) + errors.errorInternalError(res) } }).catch(function (err) { logger.error(err) - return response.errorInternalError(res) + return errors.errorInternalError(res) }) } } diff --git a/lib/web/userRouter.js b/lib/web/userRouter.js index 73b519ec..f1f999f1 100644 --- a/lib/web/userRouter.js +++ b/lib/web/userRouter.js @@ -4,7 +4,7 @@ const archiver = require('archiver') const async = require('async') const Router = require('express').Router -const response = require('../response') +const errors = require('../errors') const config = require('../config') const models = require('../models') const logger = require('../logger') @@ -20,7 +20,7 @@ UserRouter.get('/me', function (req, res) { id: req.user.id } }).then(function (user) { - if (!user) { return response.errorNotFound(res) } + if (!user) { return errors.errorNotFound(res) } var profile = models.User.getProfile(user) res.send({ status: 'ok', @@ -30,7 +30,7 @@ UserRouter.get('/me', function (req, res) { }) }).catch(function (err) { logger.error('read me failed: ' + err) - return response.errorInternalError(res) + return errors.errorInternalError(res) }) } else { res.send({ @@ -48,21 +48,21 @@ UserRouter.get('/me/delete/:token?', function (req, res) { } }).then(function (user) { if (!user) { - return response.errorNotFound(res) + return errors.errorNotFound(res) } if (user.deleteToken === req.params.token) { user.destroy().then(function () { res.redirect(config.serverURL + '/') }) } else { - return response.errorForbidden(res) + return errors.errorForbidden(res) } }).catch(function (err) { logger.error('delete user failed: ' + err) - return response.errorInternalError(res) + return errors.errorInternalError(res) }) } else { - return response.errorForbidden(res) + return errors.errorForbidden(res) } }) @@ -78,7 +78,7 @@ UserRouter.get('/me/export', function (req, res) { archive.pipe(res) archive.on('error', function (err) { logger.error('export user data failed: ' + err) - return response.errorInternalError(res) + return errors.errorInternalError(res) }) models.User.findOne({ where: { @@ -107,7 +107,7 @@ UserRouter.get('/me/export', function (req, res) { callback(null, null) }, function (err) { if (err) { - return response.errorInternalError(res) + return errors.errorInternalError(res) } archive.finalize() @@ -115,10 +115,10 @@ UserRouter.get('/me/export', function (req, res) { }) }).catch(function (err) { logger.error('export user data failed: ' + err) - return response.errorInternalError(res) + return errors.errorInternalError(res) }) } else { - return response.errorForbidden(res) + return errors.errorForbidden(res) } }) -- cgit v1.2.3 From 9d938c334a5a058e243327c65e15fd6fc56c9403 Mon Sep 17 00:00:00 2001 From: David Mehren Date: Sun, 27 Oct 2019 14:19:46 +0100 Subject: Fix errors constant in note/actions.js Signed-off-by: David Mehren --- lib/web/note/actions.js | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'lib/web') diff --git a/lib/web/note/actions.js b/lib/web/note/actions.js index cfefc8d5..a124277a 100644 --- a/lib/web/note/actions.js +++ b/lib/web/note/actions.js @@ -3,7 +3,7 @@ const models = require('../../models') const logger = require('../../logger') const config = require('../../config') -const error = require('../../errors') +const errors = require('../../errors') const fs = require('fs') const shortId = require('shortid') const markdownpdf = require('markdown-pdf') @@ -34,7 +34,7 @@ exports.doAction = function (req, res, next) { actionPDF(req, res, note) } else { logger.error('PDF export failed: Disabled by config. Set "allowPDFExport: true" to enable. Check the documentation for details') - error.errorForbidden(res) + errors.errorForbidden(res) } break case 'gist': @@ -113,7 +113,7 @@ function actionPDF (req, res, note) { markdownpdf().from.string(content).to(path, function () { if (!fs.existsSync(path)) { logger.error('PDF seems to not be generated as expected. File doesn\'t exist: ' + path) - return error.errorInternalError(res) + return errors.errorInternalError(res) } const stream = fs.createReadStream(path) let filename = title @@ -148,10 +148,10 @@ function actionRevision (req, res, note) { models.Revision.getPatchedNoteRevisionByTime(note, time, function (err, content) { if (err) { logger.error(err) - return error.errorInternalError(res) + return errors.errorInternalError(res) } if (!content) { - return error.errorNotFound(res) + return errors.errorNotFound(res) } res.set({ 'Access-Control-Allow-Origin': '*', // allow CORS as API @@ -163,13 +163,13 @@ function actionRevision (req, res, note) { res.send(content) }) } else { - return error.errorNotFound(res) + return errors.errorNotFound(res) } } else { models.Revision.getNoteRevisions(note, function (err, data) { if (err) { logger.error(err) - return error.errorInternalError(res) + return errors.errorInternalError(res) } const out = { revision: data -- cgit v1.2.3 From afb317b55155eed2cfcad0fee5aba2107dc0b106 Mon Sep 17 00:00:00 2001 From: David Mehren Date: Sun, 27 Oct 2019 14:27:15 +0100 Subject: Move slide actions to own file Signed-off-by: David Mehren --- lib/web/note/router.js | 5 +-- lib/web/note/slide.js | 83 ++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 86 insertions(+), 2 deletions(-) create mode 100644 lib/web/note/slide.js (limited to 'lib/web') diff --git a/lib/web/note/router.js b/lib/web/note/router.js index e23b7f64..2a6bf2aa 100644 --- a/lib/web/note/router.js +++ b/lib/web/note/router.js @@ -9,6 +9,7 @@ const { markdownParser } = require('../utils') const router = module.exports = Router() const noteActions = require('./actions') +const slide = require('./slide') // get new note router.get('/new', response.postNote) @@ -21,9 +22,9 @@ router.get('/s/:shortid', response.showPublishNote) // publish note actions router.get('/s/:shortid/:action', response.publishNoteActions) // get publish slide -router.get('/p/:shortid', response.showPublishSlide) +router.get('/p/:shortid', slide.showPublishSlide) // publish slide actions -router.get('/p/:shortid/:action', response.publishSlideActions) +router.get('/p/:shortid/:action', slide.publishSlideActions) // get note by id router.get('/:noteId', response.showNote) // note actions diff --git a/lib/web/note/slide.js b/lib/web/note/slide.js new file mode 100644 index 00000000..58e46102 --- /dev/null +++ b/lib/web/note/slide.js @@ -0,0 +1,83 @@ +const noteUtil = require('./util') +const models = require('../../models') +const errors = require('../../errors') +const logger = require('../../logger') +const config = require('../../config') +const fs = require('fs') +const path = require('path') + +exports.publishSlideActions = function (req, res, next) { + noteUtil.findNote(req, res, function (note) { + const action = req.params.action + if (action === 'edit') { + res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id)) + '?both') + } else { res.redirect(config.serverURL + '/p/' + note.shortid) } + }) +} + +exports.showPublishSlide = function (req, res, next) { + const include = [{ + model: models.User, + as: 'owner' + }, { + model: models.User, + as: 'lastchangeuser' + }] + noteUtil.findNote(req, res, function (note) { + // force to use short id + const shortid = req.params.shortid + if ((note.alias && shortid !== note.alias) || (!note.alias && shortid !== note.shortid)) { + return res.redirect(config.serverURL + '/p/' + (note.alias || note.shortid)) + } + note.increment('viewcount').then(function (note) { + if (!note) { + return errors.errorNotFound(res) + } + const body = note.content + const extracted = models.Note.extractMeta(body) + const markdown = extracted.markdown + const meta = models.Note.parseMeta(extracted.meta) + const createtime = note.createdAt + const updatetime = note.lastchangeAt + let title = models.Note.decodeTitle(note.title) + title = models.Note.generateWebTitle(meta.title || title) + const data = { + title: title, + description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null), + viewcount: note.viewcount, + createtime: createtime, + updatetime: updatetime, + body: markdown, + theme: meta.slideOptions && isRevealTheme(meta.slideOptions.theme), + meta: JSON.stringify(extracted.meta), + owner: note.owner ? note.owner.id : null, + ownerprofile: note.owner ? models.User.getProfile(note.owner) : null, + lastchangeuser: note.lastchangeuser ? note.lastchangeuser.id : null, + lastchangeuserprofile: note.lastchangeuser ? models.User.getProfile(note.lastchangeuser) : null, + robots: meta.robots || false, // default allow robots + GA: meta.GA, + disqus: meta.disqus, + cspNonce: res.locals.nonce, + dnt: req.headers.dnt + } + return renderPublishSlide(data, res) + }).catch(function (err) { + logger.error(err) + return errors.errorInternalError(res) + }) + }, include) +} + +function renderPublishSlide (data, res) { + res.set({ + 'Cache-Control': 'private' // only cache by client + }) + res.render('slide.ejs', data) +} + +function isRevealTheme (theme) { + if (fs.existsSync(path.join(__dirname, '..', 'public', 'build', 'reveal.js', 'css', 'theme', theme + '.css'))) { + return theme + } + return undefined +} -- cgit v1.2.3 From 30487f7c01dc15435d86d95d24257853d7930154 Mon Sep 17 00:00:00 2001 From: David Mehren Date: Sun, 27 Oct 2019 14:40:36 +0100 Subject: Rename actions.js to controller.js and rename functions to be more descriptive Move postNote to NoteController and rename to createFromPost Signed-off-by: David Mehren --- lib/web/note/actions.js | 187 ------------------------------------------ lib/web/note/controller.js | 198 +++++++++++++++++++++++++++++++++++++++++++++ lib/web/note/router.js | 12 +-- 3 files changed, 204 insertions(+), 193 deletions(-) delete mode 100644 lib/web/note/actions.js create mode 100644 lib/web/note/controller.js (limited to 'lib/web') diff --git a/lib/web/note/actions.js b/lib/web/note/actions.js deleted file mode 100644 index a124277a..00000000 --- a/lib/web/note/actions.js +++ /dev/null @@ -1,187 +0,0 @@ -'use strict' - -const models = require('../../models') -const logger = require('../../logger') -const config = require('../../config') -const errors = require('../../errors') -const fs = require('fs') -const shortId = require('shortid') -const markdownpdf = require('markdown-pdf') -const moment = require('moment') -const querystring = require('querystring') -const noteUtil = require('./util') - -exports.doAction = function (req, res, next) { - const noteId = req.params.noteId - noteUtil.findNote(req, res, function (note) { - const action = req.params.action - switch (action) { - case 'publish': - case 'pretty': // pretty deprecated - actionPublish(req, res, note) - break - case 'slide': - actionSlide(req, res, note) - break - case 'download': - exports.actionDownload(req, res, note) - break - case 'info': - actionInfo(req, res, note) - break - case 'pdf': - if (config.allowPDFExport) { - actionPDF(req, res, note) - } else { - logger.error('PDF export failed: Disabled by config. Set "allowPDFExport: true" to enable. Check the documentation for details') - errors.errorForbidden(res) - } - break - case 'gist': - actionGist(req, res, note) - break - case 'revision': - actionRevision(req, res, note) - break - default: - return res.redirect(config.serverURL + '/' + noteId) - } - }) -} - -function actionPublish (req, res, note) { - res.redirect(config.serverURL + '/s/' + (note.alias || note.shortid)) -} - -function actionSlide (req, res, note) { - res.redirect(config.serverURL + '/p/' + (note.alias || note.shortid)) -} - -exports.actionDownload = function (req, res, note) { - const body = note.content - let filename = models.Note.decodeTitle(note.title) - filename = encodeURIComponent(filename) - res.set({ - 'Access-Control-Allow-Origin': '*', // allow CORS as API - 'Access-Control-Allow-Headers': 'Range', - 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', - 'Content-Type': 'text/markdown; charset=UTF-8', - 'Cache-Control': 'private', - 'Content-disposition': 'attachment; filename=' + filename + '.md', - 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling - }) - res.send(body) -} - -function actionInfo (req, res, note) { - const body = note.content - const extracted = models.Note.extractMeta(body) - const markdown = extracted.markdown - const meta = models.Note.parseMeta(extracted.meta) - const createtime = note.createdAt - const updatetime = note.lastchangeAt - const title = models.Note.decodeTitle(note.title) - const data = { - title: meta.title || title, - description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null), - viewcount: note.viewcount, - createtime: createtime, - updatetime: updatetime - } - res.set({ - 'Access-Control-Allow-Origin': '*', // allow CORS as API - 'Access-Control-Allow-Headers': 'Range', - 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', - 'Cache-Control': 'private', // only cache by client - 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling - }) - res.send(data) -} - -function actionPDF (req, res, note) { - const url = config.serverURL || 'http://' + req.get('host') - const body = note.content - const extracted = models.Note.extractMeta(body) - let content = extracted.markdown - const title = models.Note.decodeTitle(note.title) - - if (!fs.existsSync(config.tmpPath)) { - fs.mkdirSync(config.tmpPath) - } - const path = config.tmpPath + '/' + Date.now() + '.pdf' - content = content.replace(/\]\(\//g, '](' + url + '/') - markdownpdf().from.string(content).to(path, function () { - if (!fs.existsSync(path)) { - logger.error('PDF seems to not be generated as expected. File doesn\'t exist: ' + path) - return errors.errorInternalError(res) - } - const stream = fs.createReadStream(path) - let filename = title - // Be careful of special characters - filename = encodeURIComponent(filename) - // Ideally this should strip them - res.setHeader('Content-disposition', 'attachment; filename="' + filename + '.pdf"') - res.setHeader('Cache-Control', 'private') - res.setHeader('Content-Type', 'application/pdf; charset=UTF-8') - res.setHeader('X-Robots-Tag', 'noindex, nofollow') // prevent crawling - stream.pipe(res) - fs.unlinkSync(path) - }) -} - -function actionGist (req, res, note) { - const data = { - client_id: config.github.clientID, - redirect_uri: config.serverURL + '/auth/github/callback/' + models.Note.encodeNoteId(note.id) + '/gist', - scope: 'gist', - state: shortId.generate() - } - const query = querystring.stringify(data) - res.redirect('https://github.com/login/oauth/authorize?' + query) -} - -function actionRevision (req, res, note) { - const actionId = req.params.actionId - if (actionId) { - const time = moment(parseInt(actionId)) - if (time.isValid()) { - models.Revision.getPatchedNoteRevisionByTime(note, time, function (err, content) { - if (err) { - logger.error(err) - return errors.errorInternalError(res) - } - if (!content) { - return errors.errorNotFound(res) - } - res.set({ - 'Access-Control-Allow-Origin': '*', // allow CORS as API - 'Access-Control-Allow-Headers': 'Range', - 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', - 'Cache-Control': 'private', // only cache by client - 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling - }) - res.send(content) - }) - } else { - return errors.errorNotFound(res) - } - } else { - models.Revision.getNoteRevisions(note, function (err, data) { - if (err) { - logger.error(err) - return errors.errorInternalError(res) - } - const out = { - revision: data - } - res.set({ - 'Access-Control-Allow-Origin': '*', // allow CORS as API - 'Access-Control-Allow-Headers': 'Range', - 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', - 'Cache-Control': 'private', // only cache by client - 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling - }) - res.send(out) - }) - } -} diff --git a/lib/web/note/controller.js b/lib/web/note/controller.js new file mode 100644 index 00000000..c89cc5de --- /dev/null +++ b/lib/web/note/controller.js @@ -0,0 +1,198 @@ +'use strict' + +const models = require('../../models') +const logger = require('../../logger') +const config = require('../../config') +const errors = require('../../errors') +const fs = require('fs') +const shortId = require('shortid') +const markdownpdf = require('markdown-pdf') +const moment = require('moment') +const querystring = require('querystring') +const noteUtil = require('./util') + +exports.createFromPOST = function (req, res, next) { + let body = '' + if (req.body && req.body.length > config.documentMaxLength) { + return errors.errorTooLong(res) + } else if (req.body) { + body = req.body + } + body = body.replace(/[\r]/g, '') + return noteUtil.newNote(req, res, body) +} + +exports.doAction = function (req, res, next) { + const noteId = req.params.noteId + noteUtil.findNote(req, res, function (note) { + const action = req.params.action + switch (action) { + case 'publish': + case 'pretty': // pretty deprecated + publish(req, res, note) + break + case 'slide': + slide(req, res, note) + break + case 'download': + exports.downloadMarkdown(req, res, note) + break + case 'info': + getInfo(req, res, note) + break + case 'pdf': + if (config.allowPDFExport) { + createPDF(req, res, note) + } else { + logger.error('PDF export failed: Disabled by config. Set "allowPDFExport: true" to enable. Check the documentation for details') + errors.errorForbidden(res) + } + break + case 'gist': + createGist(req, res, note) + break + case 'revision': + getRevision(req, res, note) + break + default: + return res.redirect(config.serverURL + '/' + noteId) + } + }) +} + +function publish (req, res, note) { + res.redirect(config.serverURL + '/s/' + (note.alias || note.shortid)) +} + +function slide (req, res, note) { + res.redirect(config.serverURL + '/p/' + (note.alias || note.shortid)) +} + +exports.downloadMarkdown = function (req, res, note) { + const body = note.content + let filename = models.Note.decodeTitle(note.title) + filename = encodeURIComponent(filename) + res.set({ + 'Access-Control-Allow-Origin': '*', // allow CORS as API + 'Access-Control-Allow-Headers': 'Range', + 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', + 'Content-Type': 'text/markdown; charset=UTF-8', + 'Cache-Control': 'private', + 'Content-disposition': 'attachment; filename=' + filename + '.md', + 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling + }) + res.send(body) +} + +function getInfo (req, res, note) { + const body = note.content + const extracted = models.Note.extractMeta(body) + const markdown = extracted.markdown + const meta = models.Note.parseMeta(extracted.meta) + const createtime = note.createdAt + const updatetime = note.lastchangeAt + const title = models.Note.decodeTitle(note.title) + const data = { + title: meta.title || title, + description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null), + viewcount: note.viewcount, + createtime: createtime, + updatetime: updatetime + } + res.set({ + 'Access-Control-Allow-Origin': '*', // allow CORS as API + 'Access-Control-Allow-Headers': 'Range', + 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', + 'Cache-Control': 'private', // only cache by client + 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling + }) + res.send(data) +} + +function createPDF (req, res, note) { + const url = config.serverURL || 'http://' + req.get('host') + const body = note.content + const extracted = models.Note.extractMeta(body) + let content = extracted.markdown + const title = models.Note.decodeTitle(note.title) + + if (!fs.existsSync(config.tmpPath)) { + fs.mkdirSync(config.tmpPath) + } + const path = config.tmpPath + '/' + Date.now() + '.pdf' + content = content.replace(/\]\(\//g, '](' + url + '/') + markdownpdf().from.string(content).to(path, function () { + if (!fs.existsSync(path)) { + logger.error('PDF seems to not be generated as expected. File doesn\'t exist: ' + path) + return errors.errorInternalError(res) + } + const stream = fs.createReadStream(path) + let filename = title + // Be careful of special characters + filename = encodeURIComponent(filename) + // Ideally this should strip them + res.setHeader('Content-disposition', 'attachment; filename="' + filename + '.pdf"') + res.setHeader('Cache-Control', 'private') + res.setHeader('Content-Type', 'application/pdf; charset=UTF-8') + res.setHeader('X-Robots-Tag', 'noindex, nofollow') // prevent crawling + stream.pipe(res) + fs.unlinkSync(path) + }) +} + +function createGist (req, res, note) { + const data = { + client_id: config.github.clientID, + redirect_uri: config.serverURL + '/auth/github/callback/' + models.Note.encodeNoteId(note.id) + '/gist', + scope: 'gist', + state: shortId.generate() + } + const query = querystring.stringify(data) + res.redirect('https://github.com/login/oauth/authorize?' + query) +} + +function getRevision (req, res, note) { + const actionId = req.params.actionId + if (actionId) { + const time = moment(parseInt(actionId)) + if (time.isValid()) { + models.Revision.getPatchedNoteRevisionByTime(note, time, function (err, content) { + if (err) { + logger.error(err) + return errors.errorInternalError(res) + } + if (!content) { + return errors.errorNotFound(res) + } + res.set({ + 'Access-Control-Allow-Origin': '*', // allow CORS as API + 'Access-Control-Allow-Headers': 'Range', + 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', + 'Cache-Control': 'private', // only cache by client + 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling + }) + res.send(content) + }) + } else { + return errors.errorNotFound(res) + } + } else { + models.Revision.getNoteRevisions(note, function (err, data) { + if (err) { + logger.error(err) + return errors.errorInternalError(res) + } + const out = { + revision: data + } + res.set({ + 'Access-Control-Allow-Origin': '*', // allow CORS as API + 'Access-Control-Allow-Headers': 'Range', + 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', + 'Cache-Control': 'private', // only cache by client + 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling + }) + res.send(out) + }) + } +} diff --git a/lib/web/note/router.js b/lib/web/note/router.js index 2a6bf2aa..39da4c2c 100644 --- a/lib/web/note/router.js +++ b/lib/web/note/router.js @@ -8,15 +8,15 @@ const { markdownParser } = require('../utils') const router = module.exports = Router() -const noteActions = require('./actions') +const noteController = require('./controller') const slide = require('./slide') // get new note -router.get('/new', response.postNote) +router.get('/new', noteController.createFromPOST) // post new note with content -router.post('/new', markdownParser, response.postNote) +router.post('/new', markdownParser, noteController.createFromPOST) // post new note with content and alias -router.post('/new/:noteId', markdownParser, response.postNote) +router.post('/new/:noteId', markdownParser, noteController.createFromPOST) // get publish note router.get('/s/:shortid', response.showPublishNote) // publish note actions @@ -28,6 +28,6 @@ router.get('/p/:shortid/:action', slide.publishSlideActions) // get note by id router.get('/:noteId', response.showNote) // note actions -router.get('/:noteId/:action', noteActions.doAction) +router.get('/:noteId/:action', noteController.doAction) // note actions with action id -router.get('/:noteId/:action/:actionId', noteActions.doAction) +router.get('/:noteId/:action/:actionId', noteController.doAction) -- cgit v1.2.3 From 181d5646cfbde303cf3335c5dea51232d874b0f1 Mon Sep 17 00:00:00 2001 From: David Mehren Date: Sun, 27 Oct 2019 14:57:45 +0100 Subject: Move note actions into their own file Signed-off-by: David Mehren --- lib/web/note/actions.js | 123 +++++++++++++++++++++++++++++++++++++++++++++ lib/web/note/controller.js | 17 +++---- 2 files changed, 131 insertions(+), 9 deletions(-) create mode 100644 lib/web/note/actions.js (limited to 'lib/web') diff --git a/lib/web/note/actions.js b/lib/web/note/actions.js new file mode 100644 index 00000000..a97eebb6 --- /dev/null +++ b/lib/web/note/actions.js @@ -0,0 +1,123 @@ +const models = require('../../models') +const logger = require('../../logger') +const config = require('../../config') +const errors = require('../../errors') +const fs = require('fs') +const shortId = require('shortid') +const markdownpdf = require('markdown-pdf') +const moment = require('moment') +const querystring = require('querystring') + + +exports.getInfo = function getInfo (req, res, note) { + const body = note.content + const extracted = models.Note.extractMeta(body) + const markdown = extracted.markdown + const meta = models.Note.parseMeta(extracted.meta) + const createtime = note.createdAt + const updatetime = note.lastchangeAt + const title = models.Note.decodeTitle(note.title) + const data = { + title: meta.title || title, + description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null), + viewcount: note.viewcount, + createtime: createtime, + updatetime: updatetime + } + res.set({ + 'Access-Control-Allow-Origin': '*', // allow CORS as API + 'Access-Control-Allow-Headers': 'Range', + 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', + 'Cache-Control': 'private', // only cache by client + 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling + }) + res.send(data) +} + +exports.createPDF = function createPDF (req, res, note) { + const url = config.serverURL || 'http://' + req.get('host') + const body = note.content + const extracted = models.Note.extractMeta(body) + let content = extracted.markdown + const title = models.Note.decodeTitle(note.title) + + if (!fs.existsSync(config.tmpPath)) { + fs.mkdirSync(config.tmpPath) + } + const path = config.tmpPath + '/' + Date.now() + '.pdf' + content = content.replace(/\]\(\//g, '](' + url + '/') + markdownpdf().from.string(content).to(path, function () { + if (!fs.existsSync(path)) { + logger.error('PDF seems to not be generated as expected. File doesn\'t exist: ' + path) + return errors.errorInternalError(res) + } + const stream = fs.createReadStream(path) + let filename = title + // Be careful of special characters + filename = encodeURIComponent(filename) + // Ideally this should strip them + res.setHeader('Content-disposition', 'attachment; filename="' + filename + '.pdf"') + res.setHeader('Cache-Control', 'private') + res.setHeader('Content-Type', 'application/pdf; charset=UTF-8') + res.setHeader('X-Robots-Tag', 'noindex, nofollow') // prevent crawling + stream.pipe(res) + fs.unlinkSync(path) + }) +} + +exports.createGist = function createGist (req, res, note) { + const data = { + client_id: config.github.clientID, + redirect_uri: config.serverURL + '/auth/github/callback/' + models.Note.encodeNoteId(note.id) + '/gist', + scope: 'gist', + state: shortId.generate() + } + const query = querystring.stringify(data) + res.redirect('https://github.com/login/oauth/authorize?' + query) +} + +exports.getRevision = function getRevision (req, res, note) { + const actionId = req.params.actionId + if (actionId) { + const time = moment(parseInt(actionId)) + if (time.isValid()) { + models.Revision.getPatchedNoteRevisionByTime(note, time, function (err, content) { + if (err) { + logger.error(err) + return errors.errorInternalError(res) + } + if (!content) { + return errors.errorNotFound(res) + } + res.set({ + 'Access-Control-Allow-Origin': '*', // allow CORS as API + 'Access-Control-Allow-Headers': 'Range', + 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', + 'Cache-Control': 'private', // only cache by client + 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling + }) + res.send(content) + }) + } else { + return errors.errorNotFound(res) + } + } else { + models.Revision.getNoteRevisions(note, function (err, data) { + if (err) { + logger.error(err) + return errors.errorInternalError(res) + } + const out = { + revision: data + } + res.set({ + 'Access-Control-Allow-Origin': '*', // allow CORS as API + 'Access-Control-Allow-Headers': 'Range', + 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', + 'Cache-Control': 'private', // only cache by client + 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling + }) + res.send(out) + }) + } +} diff --git a/lib/web/note/controller.js b/lib/web/note/controller.js index c89cc5de..d6bbe0e7 100644 --- a/lib/web/note/controller.js +++ b/lib/web/note/controller.js @@ -4,12 +4,11 @@ const models = require('../../models') const logger = require('../../logger') const config = require('../../config') const errors = require('../../errors') -const fs = require('fs') -const shortId = require('shortid') -const markdownpdf = require('markdown-pdf') -const moment = require('moment') -const querystring = require('querystring') + const noteUtil = require('./util') +const noteActions = require('./actions') + + exports.createFromPOST = function (req, res, next) { let body = '' @@ -38,21 +37,21 @@ exports.doAction = function (req, res, next) { exports.downloadMarkdown(req, res, note) break case 'info': - getInfo(req, res, note) + noteActions.getInfo(req, res, note) break case 'pdf': if (config.allowPDFExport) { - createPDF(req, res, note) + noteActions.createPDF(req, res, note) } else { logger.error('PDF export failed: Disabled by config. Set "allowPDFExport: true" to enable. Check the documentation for details') errors.errorForbidden(res) } break case 'gist': - createGist(req, res, note) + noteActions.createGist(req, res, note) break case 'revision': - getRevision(req, res, note) + noteActions.getRevision(req, res, note) break default: return res.redirect(config.serverURL + '/' + noteId) -- cgit v1.2.3 From dee62ce571cc3e33f60499e3ed9cfa4cc5c2f0da Mon Sep 17 00:00:00 2001 From: David Mehren Date: Sun, 27 Oct 2019 14:59:44 +0100 Subject: Move showNote to note controller Signed-off-by: David Mehren --- lib/web/note/controller.js | 122 +++++++-------------------------------------- lib/web/note/router.js | 2 +- 2 files changed, 19 insertions(+), 105 deletions(-) (limited to 'lib/web') diff --git a/lib/web/note/controller.js b/lib/web/note/controller.js index d6bbe0e7..726d3577 100644 --- a/lib/web/note/controller.js +++ b/lib/web/note/controller.js @@ -8,7 +8,17 @@ const errors = require('../../errors') const noteUtil = require('./util') const noteActions = require('./actions') - +exports.showNote = function (req, res, next) { + noteUtil.findNote(req, res, function (note) { + // force to use note id + const noteId = req.params.noteId + const id = models.Note.encodeNoteId(note.id) + if ((note.alias && noteId !== note.alias) || (!note.alias && noteId !== id)) { + return res.redirect(config.serverURL + '/' + (note.alias || id)) + } + return responseCodiMD(res, note) + }) +} exports.createFromPOST = function (req, res, next) { let body = '' @@ -83,115 +93,19 @@ exports.downloadMarkdown = function (req, res, note) { res.send(body) } -function getInfo (req, res, note) { +function responseCodiMD (res, note) { const body = note.content const extracted = models.Note.extractMeta(body) - const markdown = extracted.markdown const meta = models.Note.parseMeta(extracted.meta) - const createtime = note.createdAt - const updatetime = note.lastchangeAt - const title = models.Note.decodeTitle(note.title) - const data = { - title: meta.title || title, - description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null), - viewcount: note.viewcount, - createtime: createtime, - updatetime: updatetime - } + let title = models.Note.decodeTitle(note.title) + title = models.Note.generateWebTitle(meta.title || title) + const opengraph = models.Note.parseOpengraph(meta, title) res.set({ - 'Access-Control-Allow-Origin': '*', // allow CORS as API - 'Access-Control-Allow-Headers': 'Range', - 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', 'Cache-Control': 'private', // only cache by client 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling }) - res.send(data) -} - -function createPDF (req, res, note) { - const url = config.serverURL || 'http://' + req.get('host') - const body = note.content - const extracted = models.Note.extractMeta(body) - let content = extracted.markdown - const title = models.Note.decodeTitle(note.title) - - if (!fs.existsSync(config.tmpPath)) { - fs.mkdirSync(config.tmpPath) - } - const path = config.tmpPath + '/' + Date.now() + '.pdf' - content = content.replace(/\]\(\//g, '](' + url + '/') - markdownpdf().from.string(content).to(path, function () { - if (!fs.existsSync(path)) { - logger.error('PDF seems to not be generated as expected. File doesn\'t exist: ' + path) - return errors.errorInternalError(res) - } - const stream = fs.createReadStream(path) - let filename = title - // Be careful of special characters - filename = encodeURIComponent(filename) - // Ideally this should strip them - res.setHeader('Content-disposition', 'attachment; filename="' + filename + '.pdf"') - res.setHeader('Cache-Control', 'private') - res.setHeader('Content-Type', 'application/pdf; charset=UTF-8') - res.setHeader('X-Robots-Tag', 'noindex, nofollow') // prevent crawling - stream.pipe(res) - fs.unlinkSync(path) + res.render('codimd.ejs', { + title: title, + opengraph: opengraph }) } - -function createGist (req, res, note) { - const data = { - client_id: config.github.clientID, - redirect_uri: config.serverURL + '/auth/github/callback/' + models.Note.encodeNoteId(note.id) + '/gist', - scope: 'gist', - state: shortId.generate() - } - const query = querystring.stringify(data) - res.redirect('https://github.com/login/oauth/authorize?' + query) -} - -function getRevision (req, res, note) { - const actionId = req.params.actionId - if (actionId) { - const time = moment(parseInt(actionId)) - if (time.isValid()) { - models.Revision.getPatchedNoteRevisionByTime(note, time, function (err, content) { - if (err) { - logger.error(err) - return errors.errorInternalError(res) - } - if (!content) { - return errors.errorNotFound(res) - } - res.set({ - 'Access-Control-Allow-Origin': '*', // allow CORS as API - 'Access-Control-Allow-Headers': 'Range', - 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', - 'Cache-Control': 'private', // only cache by client - 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling - }) - res.send(content) - }) - } else { - return errors.errorNotFound(res) - } - } else { - models.Revision.getNoteRevisions(note, function (err, data) { - if (err) { - logger.error(err) - return errors.errorInternalError(res) - } - const out = { - revision: data - } - res.set({ - 'Access-Control-Allow-Origin': '*', // allow CORS as API - 'Access-Control-Allow-Headers': 'Range', - 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', - 'Cache-Control': 'private', // only cache by client - 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling - }) - res.send(out) - }) - } -} diff --git a/lib/web/note/router.js b/lib/web/note/router.js index 39da4c2c..e4f867b2 100644 --- a/lib/web/note/router.js +++ b/lib/web/note/router.js @@ -26,7 +26,7 @@ router.get('/p/:shortid', slide.showPublishSlide) // publish slide actions router.get('/p/:shortid/:action', slide.publishSlideActions) // get note by id -router.get('/:noteId', response.showNote) +router.get('/:noteId', noteController.showNote) // note actions router.get('/:noteId/:action', noteController.doAction) // note actions with action id -- cgit v1.2.3 From 2bc4233ba80346e60ed4840714a9aa347ccdb361 Mon Sep 17 00:00:00 2001 From: David Mehren Date: Sun, 27 Oct 2019 15:22:14 +0100 Subject: Move showPublishNote and publishNoteActions to note controller Signed-off-by: David Mehren --- lib/web/note/actions.js | 1 - lib/web/note/controller.js | 52 ++++++++++++++++++++++++++++++++++++++++++++++ lib/web/note/router.js | 7 ++----- lib/web/note/slide.js | 40 +++-------------------------------- lib/web/note/util.js | 42 +++++++++++++++++++++++++++++++++++++ 5 files changed, 99 insertions(+), 43 deletions(-) (limited to 'lib/web') diff --git a/lib/web/note/actions.js b/lib/web/note/actions.js index a97eebb6..9ff7fedb 100644 --- a/lib/web/note/actions.js +++ b/lib/web/note/actions.js @@ -8,7 +8,6 @@ const markdownpdf = require('markdown-pdf') const moment = require('moment') const querystring = require('querystring') - exports.getInfo = function getInfo (req, res, note) { const body = note.content const extracted = models.Note.extractMeta(body) diff --git a/lib/web/note/controller.js b/lib/web/note/controller.js index 726d3577..991b891d 100644 --- a/lib/web/note/controller.js +++ b/lib/web/note/controller.js @@ -8,6 +8,58 @@ const errors = require('../../errors') const noteUtil = require('./util') const noteActions = require('./actions') +exports.publishNoteActions = function (req, res, next) { + noteUtil.findNote(req, res, function (note) { + const action = req.params.action + switch (action) { + case 'download': + exports.downloadMarkdown(req, res, note) + break + case 'edit': + res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id)) + '?both') + break + default: + res.redirect(config.serverURL + '/s/' + note.shortid) + break + } + }) +} + +exports.showPublishNote = function (req, res, next) { + const include = [{ + model: models.User, + as: 'owner' + }, { + model: models.User, + as: 'lastchangeuser' + }] + noteUtil.findNote(req, res, function (note) { + // force to use short id + const shortid = req.params.shortid + if ((note.alias && shortid !== note.alias) || (!note.alias && shortid !== note.shortid)) { + return res.redirect(config.serverURL + '/s/' + (note.alias || note.shortid)) + } + note.increment('viewcount').then(function (note) { + if (!note) { + return errors.errorNotFound(res) + } + noteUtil.getPublishData(req, res, note, (data) => { + return renderPublish(data, res) + }) + }).catch(function (err) { + logger.error(err) + return errors.errorInternalError(res) + }) + }, include) +} + +function renderPublish (data, res) { + res.set({ + 'Cache-Control': 'private' // only cache by client + }) + res.render('pretty.ejs', data) +} + exports.showNote = function (req, res, next) { noteUtil.findNote(req, res, function (note) { // force to use note id diff --git a/lib/web/note/router.js b/lib/web/note/router.js index e4f867b2..cf6fdf43 100644 --- a/lib/web/note/router.js +++ b/lib/web/note/router.js @@ -1,9 +1,6 @@ 'use strict' const Router = require('express').Router - -const response = require('../../response') - const { markdownParser } = require('../utils') const router = module.exports = Router() @@ -18,9 +15,9 @@ router.post('/new', markdownParser, noteController.createFromPOST) // post new note with content and alias router.post('/new/:noteId', markdownParser, noteController.createFromPOST) // get publish note -router.get('/s/:shortid', response.showPublishNote) +router.get('/s/:shortid', noteController.showPublishNote) // publish note actions -router.get('/s/:shortid/:action', response.publishNoteActions) +router.get('/s/:shortid/:action', noteController.publishNoteActions) // get publish slide router.get('/p/:shortid', slide.showPublishSlide) // publish slide actions diff --git a/lib/web/note/slide.js b/lib/web/note/slide.js index 58e46102..e6ac9dd0 100644 --- a/lib/web/note/slide.js +++ b/lib/web/note/slide.js @@ -3,8 +3,6 @@ const models = require('../../models') const errors = require('../../errors') const logger = require('../../logger') const config = require('../../config') -const fs = require('fs') -const path = require('path') exports.publishSlideActions = function (req, res, next) { noteUtil.findNote(req, res, function (note) { @@ -33,34 +31,9 @@ exports.showPublishSlide = function (req, res, next) { if (!note) { return errors.errorNotFound(res) } - const body = note.content - const extracted = models.Note.extractMeta(body) - const markdown = extracted.markdown - const meta = models.Note.parseMeta(extracted.meta) - const createtime = note.createdAt - const updatetime = note.lastchangeAt - let title = models.Note.decodeTitle(note.title) - title = models.Note.generateWebTitle(meta.title || title) - const data = { - title: title, - description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null), - viewcount: note.viewcount, - createtime: createtime, - updatetime: updatetime, - body: markdown, - theme: meta.slideOptions && isRevealTheme(meta.slideOptions.theme), - meta: JSON.stringify(extracted.meta), - owner: note.owner ? note.owner.id : null, - ownerprofile: note.owner ? models.User.getProfile(note.owner) : null, - lastchangeuser: note.lastchangeuser ? note.lastchangeuser.id : null, - lastchangeuserprofile: note.lastchangeuser ? models.User.getProfile(note.lastchangeuser) : null, - robots: meta.robots || false, // default allow robots - GA: meta.GA, - disqus: meta.disqus, - cspNonce: res.locals.nonce, - dnt: req.headers.dnt - } - return renderPublishSlide(data, res) + noteUtil.getPublishData(req, res, note, (data) => { + return renderPublishSlide(data, res) + }) }).catch(function (err) { logger.error(err) return errors.errorInternalError(res) @@ -74,10 +47,3 @@ function renderPublishSlide (data, res) { }) res.render('slide.ejs', data) } - -function isRevealTheme (theme) { - if (fs.existsSync(path.join(__dirname, '..', 'public', 'build', 'reveal.js', 'css', 'theme', theme + '.css'))) { - return theme - } - return undefined -} diff --git a/lib/web/note/util.js b/lib/web/note/util.js index bda74ac4..eadfb1a3 100644 --- a/lib/web/note/util.js +++ b/lib/web/note/util.js @@ -2,6 +2,8 @@ const models = require('../../models') const logger = require('../../logger') const config = require('../../config') const errors = require('../../errors') +const fs = require('fs') +const path = require('path') exports.findNote = function (req, res, callback, include) { const id = req.params.noteId || req.params.shortid @@ -65,3 +67,43 @@ exports.newNote = function (req, res, body) { return errors.errorInternalError(res) }) } + +exports.getPublishData = function (req, res, note, callback) { + const body = note.content + const extracted = models.Note.extractMeta(body) + const markdown = extracted.markdown + const meta = models.Note.parseMeta(extracted.meta) + const createtime = note.createdAt + const updatetime = note.lastchangeAt + let title = models.Note.decodeTitle(note.title) + title = models.Note.generateWebTitle(meta.title || title) + const ogdata = models.Note.parseOpengraph(meta, title) + const data = { + title: title, + description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null), + viewcount: note.viewcount, + createtime: createtime, + updatetime: updatetime, + body: markdown, + theme: meta.slideOptions && isRevealTheme(meta.slideOptions.theme), + meta: JSON.stringify(extracted.meta), + owner: note.owner ? note.owner.id : null, + ownerprofile: note.owner ? models.User.getProfile(note.owner) : null, + lastchangeuser: note.lastchangeuser ? note.lastchangeuser.id : null, + lastchangeuserprofile: note.lastchangeuser ? models.User.getProfile(note.lastchangeuser) : null, + robots: meta.robots || false, // default allow robots + GA: meta.GA, + disqus: meta.disqus, + cspNonce: res.locals.nonce, + dnt: req.headers.dnt, + opengraph: ogdata + } + callback(data) +} + +function isRevealTheme (theme) { + if (fs.existsSync(path.join(__dirname, '..', 'public', 'build', 'reveal.js', 'css', 'theme', theme + '.css'))) { + return theme + } + return undefined +} -- cgit v1.2.3 From 25a540ebbc3805bc3225b84e91d683ef8fa9e3ed Mon Sep 17 00:00:00 2001 From: David Mehren Date: Sun, 27 Oct 2019 15:26:50 +0100 Subject: Inline renderPublish Signed-off-by: David Mehren --- lib/web/note/controller.js | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) (limited to 'lib/web') diff --git a/lib/web/note/controller.js b/lib/web/note/controller.js index 991b891d..1395825f 100644 --- a/lib/web/note/controller.js +++ b/lib/web/note/controller.js @@ -44,7 +44,10 @@ exports.showPublishNote = function (req, res, next) { return errors.errorNotFound(res) } noteUtil.getPublishData(req, res, note, (data) => { - return renderPublish(data, res) + res.set({ + 'Cache-Control': 'private' // only cache by client + }) + return res.render('pretty.ejs', data) }) }).catch(function (err) { logger.error(err) @@ -53,13 +56,6 @@ exports.showPublishNote = function (req, res, next) { }, include) } -function renderPublish (data, res) { - res.set({ - 'Cache-Control': 'private' // only cache by client - }) - res.render('pretty.ejs', data) -} - exports.showNote = function (req, res, next) { noteUtil.findNote(req, res, function (note) { // force to use note id -- cgit v1.2.3 From ca9e6e49c9c80ecdd1f79635062f1cef4c931ffb Mon Sep 17 00:00:00 2001 From: David Mehren Date: Sun, 27 Oct 2019 15:27:48 +0100 Subject: Inline publish and slide Signed-off-by: David Mehren --- lib/web/note/controller.js | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) (limited to 'lib/web') diff --git a/lib/web/note/controller.js b/lib/web/note/controller.js index 1395825f..3641f6b1 100644 --- a/lib/web/note/controller.js +++ b/lib/web/note/controller.js @@ -86,10 +86,10 @@ exports.doAction = function (req, res, next) { switch (action) { case 'publish': case 'pretty': // pretty deprecated - publish(req, res, note) + res.redirect(config.serverURL + '/s/' + (note.alias || note.shortid)) break case 'slide': - slide(req, res, note) + res.redirect(config.serverURL + '/p/' + (note.alias || note.shortid)) break case 'download': exports.downloadMarkdown(req, res, note) @@ -117,14 +117,6 @@ exports.doAction = function (req, res, next) { }) } -function publish (req, res, note) { - res.redirect(config.serverURL + '/s/' + (note.alias || note.shortid)) -} - -function slide (req, res, note) { - res.redirect(config.serverURL + '/p/' + (note.alias || note.shortid)) -} - exports.downloadMarkdown = function (req, res, note) { const body = note.content let filename = models.Note.decodeTitle(note.title) -- cgit v1.2.3 From 3c39d07723e20cbd7facb68253ef1aead8da753c Mon Sep 17 00:00:00 2001 From: David Mehren Date: Sun, 27 Oct 2019 15:29:10 +0100 Subject: Inline responseCodiMD Signed-off-by: David Mehren --- lib/web/note/controller.js | 32 ++++++++++++++------------------ 1 file changed, 14 insertions(+), 18 deletions(-) (limited to 'lib/web') diff --git a/lib/web/note/controller.js b/lib/web/note/controller.js index 3641f6b1..e537fe08 100644 --- a/lib/web/note/controller.js +++ b/lib/web/note/controller.js @@ -64,7 +64,20 @@ exports.showNote = function (req, res, next) { if ((note.alias && noteId !== note.alias) || (!note.alias && noteId !== id)) { return res.redirect(config.serverURL + '/' + (note.alias || id)) } - return responseCodiMD(res, note) + const body = note.content + const extracted = models.Note.extractMeta(body) + const meta = models.Note.parseMeta(extracted.meta) + let title = models.Note.decodeTitle(note.title) + title = models.Note.generateWebTitle(meta.title || title) + const opengraph = models.Note.parseOpengraph(meta, title) + res.set({ + 'Cache-Control': 'private', // only cache by client + 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling + }) + return res.render('codimd.ejs', { + title: title, + opengraph: opengraph + }) }) } @@ -132,20 +145,3 @@ exports.downloadMarkdown = function (req, res, note) { }) res.send(body) } - -function responseCodiMD (res, note) { - const body = note.content - const extracted = models.Note.extractMeta(body) - const meta = models.Note.parseMeta(extracted.meta) - let title = models.Note.decodeTitle(note.title) - title = models.Note.generateWebTitle(meta.title || title) - const opengraph = models.Note.parseOpengraph(meta, title) - res.set({ - 'Cache-Control': 'private', // only cache by client - 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling - }) - res.render('codimd.ejs', { - title: title, - opengraph: opengraph - }) -} -- cgit v1.2.3 From b5ccceff59002034fbb089935076f40b8aa16e58 Mon Sep 17 00:00:00 2001 From: David Mehren Date: Sun, 27 Oct 2019 15:44:23 +0100 Subject: Inline renderPublishSlide Signed-off-by: David Mehren --- lib/web/note/slide.js | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) (limited to 'lib/web') diff --git a/lib/web/note/slide.js b/lib/web/note/slide.js index e6ac9dd0..d2d2ccfc 100644 --- a/lib/web/note/slide.js +++ b/lib/web/note/slide.js @@ -32,7 +32,10 @@ exports.showPublishSlide = function (req, res, next) { return errors.errorNotFound(res) } noteUtil.getPublishData(req, res, note, (data) => { - return renderPublishSlide(data, res) + res.set({ + 'Cache-Control': 'private' // only cache by client + }) + return res.render('slide.ejs', data) }) }).catch(function (err) { logger.error(err) @@ -40,10 +43,3 @@ exports.showPublishSlide = function (req, res, next) { }) }, include) } - -function renderPublishSlide (data, res) { - res.set({ - 'Cache-Control': 'private' // only cache by client - }) - res.render('slide.ejs', data) -} -- cgit v1.2.3