WIP first partially working version without mongodb, using sqlite/sequelize

Lukas F. Hartmann
2018-04-11 19:59:18 +02:00
parent 8e0bc69a11
commit 960a4d6866
42 changed files with 1124 additions and 1701 deletions


@@ -1,6 +1,6 @@
'use strict';
require('../models/schema');
require('../models/db');
var config = require('config');
module.exports = (req, res, next) => {
@@ -16,4 +16,4 @@ module.exports = (req, res, next) => {
} else {
res.status(404).send("Not Found.");
}
}
}


@@ -1,9 +1,11 @@
'use strict';
require('../models/schema');
require('../models/db');
var config = require('config');
const redis = require('../helpers/redis');
// FIXME TODO object.toJSON()
var saveAction = (actionKey, object) => {
if (object.constructor.modelName == "Space")
return;
@@ -13,14 +15,14 @@ var saveAction = (actionKey, object) => {
space: object.space_id || object.space,
user: object.user_id || object.user,
editor_name: object.editor_name,
object: object.toJSON()
object: object
};
let action = new Action(attr);
/*let action = new Action(attr);
action.save(function(err) {
if (err)
console.error("saved create action err:", err);
});
});*/
};
module.exports = (req, res, next) => {
@@ -32,21 +34,21 @@ module.exports = (req, res, next) => {
res['distributeCreate'] = function(model, object) {
if (!object) return;
redis.sendMessage("create", model, object.toJSON(), req.channelId);
this.status(201).json(object.toJSON());
redis.sendMessage("create", model, object, req.channelId);
this.status(201).json(object);
saveAction("create", object);
};
res['distributeUpdate'] = function(model, object) {
if (!object) return;
redis.sendMessage("update", model, object.toJSON(), req.channelId);
this.status(200).json(object.toJSON());
redis.sendMessage("update", model, object, req.channelId);
this.status(200).json(object);
saveAction("update", object);
};
res['distributeDelete'] = function(model, object) {
if (!object) return;
redis.sendMessage("delete", model, object.toJSON(), req.channelId);
redis.sendMessage("delete", model, object, req.channelId);
this.sendStatus(204);
saveAction("delete", object);
};
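Review bot: With `action.save` commented out in `saveAction`, create, update and delete no longer persist an Action record, so these handlers stop leaving an audit trail while `attr` is still built and then dropped. If that is intentional for the WIP, a comment such as `// TODO: re-enable Action persistence once the Sequelize Action model exists` at the commented block would make it explicit. The `distribute*` helpers now hand the raw model instance to `redis.sendMessage` and `json()` instead of `object.toJSON()`, so whatever the model serializes by default reaches every subscriber on the channel; it is worth confirming that no internal columns are included. The guard `object.constructor.modelName == "Space"` looks like a Mongoose property and may no longer match under Sequelize. The enclosing middleware continues outside these hunks.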


@@ -1,22 +1,20 @@
'use strict';
const db = require('../models/db');
const Sequelize = require('sequelize');
const Op = Sequelize.Op;
require('../models/schema');
var config = require('config');
module.exports = (req, res, next) => {
var artifactId = req.params.artifact_id;
Artifact.findOne({
db.Artifact.findOne({where: {
"_id": artifactId
}, (err, artifact) => {
if (err) {
res.status(400).json(err);
}}).then(artifact => {
if (artifact) {
req['artifact'] = artifact;
next();
} else {
if (artifact) {
req['artifact'] = artifact;
next();
} else {
res.sendStatus(404);
}
res.sendStatus(404);
}
});
};
};
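Review bot: The new `db.Artifact.findOne(...).then(...)` chain has no rejection handler, whereas the removed callback answered a lookup error with a 400. A database error now leaves the request unanswered and surfaces as an unhandled rejection. Ending the chain with `.catch(err => { console.error(err); res.sendStatus(500); })` closes that gap, and it also avoids returning the raw error object to the client as the old `res.status(400).json(err)` did.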


@@ -1,6 +1,6 @@
'use strict';
require('../models/schema');
require('../models/db');
const config = require('config');
const url = require('url');
@@ -26,20 +26,20 @@ module.exports = (req, res, next) => {
const parsedUrl = url.parse(origin, true, true);
// FIXME
if (parsedUrl.hostname == "cdn.spacedeck.com") {
if (parsedUrl.hostname == "cdn.spacedeck.com") {
res.header('Cache-Control', "max-age");
res.header('Expires', "30d");
res.removeHeader("Pragma");
respond(origin, req, res, next);
} else {
Team.getTeamForHost(parsedUrl.hostname, (err, team, subdomain) => {
if (team) {
//Team.getTeamForHost(parsedUrl.hostname, (err, team, subdomain) => {
//if (team) {
respond(origin, req, res, next);
} else {
//} else {
next();
}
});
//}
//});
}
} else {
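Review bot: In the non-CDN branch both `respond(origin, req, res, next);` and `next();` now run unconditionally, because the `Team.getTeamForHost` check around them is commented out. Every Origin hostname is therefore treated as an accepted one, and `next` is probably invoked twice if `respond` (defined outside this hunk) also calls it. Until the team lookup is ported, gating `respond` on a configured list of allowed hostnames and keeping `next()` in the `else` arm would preserve the original allow/deny shape. What `respond` writes into the response headers is not visible here, so the actual exposure depends on that function.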


@@ -1,6 +1,6 @@
'use strict';
require('../models/schema');
require('../models/db');
var config = require('config');
module.exports = (req, res, next) => {
@@ -14,4 +14,4 @@ module.exports = (req, res, next) => {
req.i18n.setLocale(req.user.preferences.language);
}
next();
}
}

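--- a/middlewares/session.js
+++ b/middlewares/session.js
@@ -0,0 +1,46 @@
+'use strict';
+const db = require('../models/db');
+var config = require('config');
+module.exports = (req, res, next) => {
+const token = req.cookies["sdsession"];
+if (token && token != "null" && token != null) {
+db.Session.findOne({where: {token: token}})
+.then(session => {
+if (!session) {
+// session not found
+next();
+}
+else db.User.findOne({where: {_id: session.user_id}})
+.then(user => {
+if (!user) {
+res.clearCookie('sdsession');
+if (req.accepts("text/html")) {
+res.send("Please clear your cookies and try again.");
+} else if (req.accepts('application/json')) {
+res.status(403).json({
+"error": "token_not_found"
+});
+} else {
+res.send("Please clear your cookies and try again.");
+}
+} else {
+req["token"] = token;
+req["user"] = user;
+next();
+}
+});
+})
+.error(err => {
+console.error("Session resolve error",err);
+next();
+});
+} else {
+next();
+}
+}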
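Review bot: The inner `db.User.findOne(...)` chain is not returned from the outer `.then`, so a rejection there never reaches the trailing handler and the request stays unanswered. `.error()` is also a Bluebird method that only catches operational errors, so `.catch()` is the safer choice. Writing `else return db.User.findOne(...)` and ending the chain with `.catch(err => { console.error("Session resolve error", err); next(); })` covers both. The cookie value goes into the `where` clause as-is, so adding `typeof token === 'string'` to the first `if` would keep a parsed non-string cookie value from being read as a query object. No expiry or revocation check on the session row is visible in this file, so a token appears to stay valid for as long as the row exists.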


@@ -1,35 +0,0 @@
'use strict';
require('../models/schema');
var config = require('config');
module.exports = (req, res, next) => {
const token = req.cookies["sdsession"];
if (token && token != "null" && token !== null) {
User.findOne({
"sessions.token": token
}).populate('team').exec((err, user) => {
if (err) console.error("session.token lookup error:",err);
if (!user) {
res.clearCookie('sdsession');
if (req.accepts("text/html")) {
res.send("Please clear your cookies and try again.");
} else if (req.accepts('application/json')) {
res.status(403).json({
"error": "token_not_found"
});
} else {
res.send("Please clear your cookies and try again.");
}
} else {
req["token"] = token;
req["user"] = user;
next();
}
});
} else {
next();
}
}


@@ -1,6 +1,6 @@
'use strict';
require('../models/schema');
const db = require('../models/db');
var config = require('config');
module.exports = (req, res, next) => {
@@ -19,50 +19,6 @@ module.exports = (req, res, next) => {
}
};
var rolePerUser = (originalSpace, user, cb) => {
originalSpace.path = [];
if (originalSpace._id.equals(req.user.home_folder_id) || (originalSpace.creator && originalSpace.creator._id.equals(req.user._id))) {
cb("admin");
} else {
var findMembershipsForSpace = function(space, allMemberships, prevRole) {
Membership.find({
"space": space._id
}, function(err, parentMemberships) {
var currentMemberships = parentMemberships.concat(allMemberships);
if (space.parent_space_id) {
Space.findOne({
"_id": space.parent_space_id
}, function(err, parentSpace) {
findMembershipsForSpace(parentSpace, currentMemberships, prevRole);
});
} else {
// reached the top
var role = prevRole;
space.memberships = currentMemberships;
if(role == "none"){
if(originalSpace.access_mode == "public") {
role = "viewer";
}
}
currentMemberships.forEach(function(m, i) {
if (m.user && m.user.equals(user._id)) {
role = m.role;
}
});
cb(role);
}
});
};
findMembershipsForSpace(originalSpace, [], "none");
}
};
var finalizeAnonymousLogin = function(space, spaceAuth) {
var role = "none";
@@ -77,7 +33,7 @@ module.exports = (req, res, next) => {
}
if (req.user) {
rolePerUser(space, req.user, function(newRole) {
db.getUserRoleInSpace(space, req.user, function(newRole) {
if (newRole == "admin" && (role == "editor" || role == "viewer")) {
finalizeReq(space, newRole);
} else if (newRole == "editor" && (role == "viewer")) {
@@ -97,64 +53,66 @@ module.exports = (req, res, next) => {
'email': 1
};
Space.findOne({
db.Space.findOne({where: {
"_id": spaceId
}).populate("creator", userMapping).exec(function(err, space) {
if (err) {
res.status(400).json(err);
} else {
if (space) {
}}).then(function(space) {
if (space.access_mode == "public") {
//.populate("creator", userMapping)
//if (err) {
// res.status(400).json(err);
//} else {
if (space.password) {
if (req.spacePassword) {
if (req.spacePassword === space.password) {
finalizeAnonymousLogin(space, req["spaceAuth"]);
} else {
res.status(403).json({
"error": "password_wrong"
});
}
} else {
res.status(401).json({
"error": "password_required"
});
}
} else {
finalizeAnonymousLogin(space, req["spaceAuth"]);
}
} else {
// special permission for screenshot/pdf export from backend
if (req.query['api_token'] && req.query['api_token'] == config.get('phantom_api_secret')) {
finalizeReq(space, "viewer");
return;
}
if (req.user) {
rolePerUser(space, req.user, function(role) {
if (role == "none") {
finalizeAnonymousLogin(space, req["spaceAuth"]);
} else {
finalizeReq(space, role);
}
});
} else {
if (req.spaceAuth && space.edit_hash) {
if (space) {
if (space.access_mode == "public") {
if (space.password) {
if (req.spacePassword) {
if (req.spacePassword === space.password) {
finalizeAnonymousLogin(space, req["spaceAuth"]);
} else {
res.status(403).json({
"error": "auth_required"
"error": "password_wrong"
});
}
} else {
res.status(401).json({
"error": "password_required"
});
}
} else {
finalizeAnonymousLogin(space, req["spaceAuth"]);
}
} else {
// space is private
// special permission for screenshot/pdf export from backend
if (req.query['api_token'] && req.query['api_token'] == config.get('phantom_api_secret')) {
finalizeReq(space, "viewer");
return;
}
if (req.user) {
db.getUserRoleInSpace(space, req.user, function(role) {
if (role == "none") {
finalizeAnonymousLogin(space, req["spaceAuth"]);
} else {
finalizeReq(space, role);
}
});
} else {
if (req.spaceAuth && space.edit_hash) {
finalizeAnonymousLogin(space, req["spaceAuth"]);
} else {
res.status(403).json({
"error": "auth_required"
});
}
}
} else {
res.status(404).json({
"error": "space_not_found"
});
}
} else {
res.status(404).json({
"error": "space_not_found"
});
}
});
}
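Review bot: `db.Space.findOne(...).then(...)` has no rejection handler and the old 400 branch survives only as a comment, so a failed lookup in this authorization middleware leaves the request unanswered instead of failing closed. Ending the chain with `.catch(err => { console.error(err); res.sendStatus(500); })` would fix that. The checks carried into the new block, `req.spacePassword === space.password` and `req.query['api_token'] == config.get('phantom_api_secret')`, compare secrets with plain equality, and the first implies the space password is stored unhashed. A constant-time comparison such as `crypto.timingSafeEqual` on equal-length buffers, plus a hashed password column, is worth a follow-up. The role logic now lives in `db.getUserRoleInSpace`, which is outside this page, so the replacement for the removed `rolePerUser` cannot be checked here.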


@@ -1,33 +0,0 @@
'use strict';
require('../models/schema');
var config = require('config');
module.exports = (req, res, next) => {
let host = req.headers.host;
Team.getTeamForHost(host, (err, team, subdomain) => {
if (subdomain) {
if (!err && team) {
req.subdomainTeam = team;
req.subdomain = subdomain;
next()
} else {
if (req.accepts('text/html')) {
res.status(404).render('not_found', {
title: 'Page Not Found.'
});
} else if (req.accepts('application/json')) {
res.status(404).json({
"error": "not_found"
});
} else {
res.status(404).render('not_found', {
title: 'Page Not Found.'
});
}
}
} else {
next();
}
});
}


@@ -1,23 +0,0 @@
'use strict';
require('../models/schema');
var config = require('config');
module.exports = (req, res, next) => {
if (req.user) {
var isAdmin = req.user.team.admins.indexOf(req.user._id) >= 0;
var correctMethod = req.method == "GET" || (req.method == "DELETE" || req.method == "PUT" || req.method == "POST");
if (correctMethod && isAdmin) {
next();
} else {
res.status(403, {
"error": "not authorized"
});
}
} else {
res.status(403, {
"error": "not logged in"
});
}
}


@@ -1,31 +0,0 @@
'use strict';
require('../models/schema');
var config = require('config');
var _ = require('underscore');
module.exports = (req, res, next) => {
res.oldRender = res.render;
res.render = function(template, params) {
var team = req.subdomainTeam;
if (team) {
team = _.pick(team.toObject(), ['_id', 'name', 'subdomain', 'avatar_original_uri']);
} else {
team = null;
}
const addParams = {
locale: req.i18n.locale,
config: config,
subdomain_team: team,
user: req.user,
csrf_token: "",
socket_auth: req.token
};
const all = _.extend(params, addParams);
res.oldRender(template, all);
};
next();
}