WIP first partially working version without mongodb, using sqlite/sequelize

2025-12-16 18:07:31 +01:00 · 2018-04-11 19:59:18 +02:00
parent 8e0bc69a11
commit 960a4d6866
42 changed files with 1124 additions and 1701 deletions
--- a/middlewares/space_helpers.js
+++ b/middlewares/space_helpers.js
@@ -1,6 +1,6 @@
 'use strict';

-require('../models/schema');
+const db = require('../models/db');
 var config = require('config');

 module.exports = (req, res, next) => {
@@ -19,50 +19,6 @@ module.exports = (req, res, next) => {
    }
  };

-  var rolePerUser = (originalSpace, user, cb) => {
-    originalSpace.path = [];
-
-    if (originalSpace._id.equals(req.user.home_folder_id) || (originalSpace.creator && originalSpace.creator._id.equals(req.user._id))) {
-      cb("admin");
-    } else {
-      var findMembershipsForSpace = function(space, allMemberships, prevRole) {
-        Membership.find({
-          "space": space._id
-        }, function(err, parentMemberships) {
-          var currentMemberships = parentMemberships.concat(allMemberships);
-
-          if (space.parent_space_id) {
-            Space.findOne({
-              "_id": space.parent_space_id
-            }, function(err, parentSpace) {
-              findMembershipsForSpace(parentSpace, currentMemberships, prevRole);
-            });
-          } else {
-            // reached the top
-
-            var role = prevRole;
-            space.memberships = currentMemberships;
-
-            if(role == "none"){
-              if(originalSpace.access_mode == "public") {
-                role = "viewer";
-              }
-            }
-
-            currentMemberships.forEach(function(m, i) {
-              if (m.user && m.user.equals(user._id)) {
-                role = m.role;
-              }
-            });
-
-            cb(role);
-          }
-        });
-      };
-      findMembershipsForSpace(originalSpace, [], "none");
-    }
-  };
-
  var finalizeAnonymousLogin = function(space, spaceAuth) {
    var role = "none";

@@ -77,7 +33,7 @@ module.exports = (req, res, next) => {
    }

    if (req.user) {
-      rolePerUser(space, req.user, function(newRole) {
+      db.getUserRoleInSpace(space, req.user, function(newRole) {
        if (newRole == "admin" && (role == "editor" || role == "viewer")) {
          finalizeReq(space, newRole);
        } else if (newRole == "editor" && (role == "viewer")) {
@@ -97,64 +53,66 @@ module.exports = (req, res, next) => {
    'email': 1
  };

-  Space.findOne({
+  db.Space.findOne({where: {
    "_id": spaceId
-  }).populate("creator", userMapping).exec(function(err, space) {
-    if (err) {
-      res.status(400).json(err);
-    } else {
-      if (space) {
+  }}).then(function(space) {

-        if (space.access_mode == "public") {
+    //.populate("creator", userMapping)
+    //if (err) {
+    //  res.status(400).json(err);
+    //} else {

-          if (space.password) {
-            if (req.spacePassword) {
-              if (req.spacePassword === space.password) {
-                finalizeAnonymousLogin(space, req["spaceAuth"]);
-              } else {
-                res.status(403).json({
-                  "error": "password_wrong"
-                });
-              }
-            } else {
-              res.status(401).json({
-                "error": "password_required"
-              });
-            }
-          } else {
-            finalizeAnonymousLogin(space, req["spaceAuth"]);
-          }
-
-        } else {
-          // special permission for screenshot/pdf export from backend
-          if (req.query['api_token'] && req.query['api_token'] == config.get('phantom_api_secret')) {
-            finalizeReq(space, "viewer");
-            return;
-          }
-
-          if (req.user) {
-            rolePerUser(space, req.user, function(role) {
-              if (role == "none") {
-                finalizeAnonymousLogin(space, req["spaceAuth"]);
-              } else {
-                finalizeReq(space, role);
-              }
-            });
-          } else {
-            if (req.spaceAuth && space.edit_hash) {
+    if (space) {
+      if (space.access_mode == "public") {
+        if (space.password) {
+          if (req.spacePassword) {
+            if (req.spacePassword === space.password) {
              finalizeAnonymousLogin(space, req["spaceAuth"]);
            } else {
              res.status(403).json({
-                "error": "auth_required"
+                "error": "password_wrong"
              });
            }
+          } else {
+            res.status(401).json({
+              "error": "password_required"
+            });
+          }
+        } else {
+          finalizeAnonymousLogin(space, req["spaceAuth"]);
+        }
+
+      } else {
+        // space is private
+        
+        // special permission for screenshot/pdf export from backend
+        if (req.query['api_token'] && req.query['api_token'] == config.get('phantom_api_secret')) {
+          finalizeReq(space, "viewer");
+          return;
+        }
+
+        if (req.user) {
+          db.getUserRoleInSpace(space, req.user, function(role) {
+            if (role == "none") {
+              finalizeAnonymousLogin(space, req["spaceAuth"]);
+            } else {
+              finalizeReq(space, role);
+            }
+          });
+        } else {
+          if (req.spaceAuth && space.edit_hash) {
+            finalizeAnonymousLogin(space, req["spaceAuth"]);
+          } else {
+            res.status(403).json({
+              "error": "auth_required"
+            });
          }
        }
-      } else {
-        res.status(404).json({
-          "error": "space_not_found"
-        });
      }
+    } else {
+      res.status(404).json({
+        "error": "space_not_found"
+      });
    }
  });
 }