mirror of https://github.com/status-im/codimd.git
fix: change errorForbidden function signature, add req into function parameter
avoid incorrect function parameter passing Signed-off-by: BoHong Li <raccoon@hackmd.io>
This commit is contained in:
parent
7870b82249
commit
6b1ce381df
|
@ -123,7 +123,7 @@ function historyGet (req, res) {
|
|||
})
|
||||
})
|
||||
} else {
|
||||
return response.errorForbidden(res)
|
||||
return response.errorForbidden(req, res)
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -164,7 +164,7 @@ function historyPost (req, res) {
|
|||
})
|
||||
}
|
||||
} else {
|
||||
return response.errorForbidden(res)
|
||||
return response.errorForbidden(req, res)
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -188,7 +188,7 @@ function historyDelete (req, res) {
|
|||
})
|
||||
}
|
||||
} else {
|
||||
return response.errorForbidden(res)
|
||||
return response.errorForbidden(req, res)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -21,7 +21,7 @@ imageRouter.post('/uploadimage', function (req, res) {
|
|||
|
||||
form.parse(req, function (err, fields, files) {
|
||||
if (err || !files.image || !files.image.path) {
|
||||
response.errorForbidden(res)
|
||||
response.errorForbidden(req, res)
|
||||
} else {
|
||||
if (config.debug) {
|
||||
logger.info('SERVER received uploadimage: ' + JSON.stringify(files.image))
|
||||
|
|
|
@ -66,7 +66,7 @@ async function showNote (req, res) {
|
|||
}
|
||||
|
||||
if (!newCheckViewPermission(note, req.isAuthenticated(), userId)) {
|
||||
return errorForbidden(res)
|
||||
return errorForbidden(req, res)
|
||||
}
|
||||
|
||||
// force to use note id
|
||||
|
@ -99,7 +99,7 @@ async function showPublishNote (req, res) {
|
|||
}
|
||||
|
||||
if (!canViewNote(note, req.isAuthenticated(), req.user ? req.user.id : null)) {
|
||||
return errorForbidden(req)
|
||||
return errorForbidden(req, res)
|
||||
}
|
||||
|
||||
if ((note.alias && shortid !== note.alias) || (!note.alias && shortid !== note.shortid)) {
|
||||
|
@ -150,7 +150,7 @@ async function noteActions (req, res) {
|
|||
}
|
||||
|
||||
if (!canViewNote(note, req.isAuthenticated(), req.user ? req.user.id : null)) {
|
||||
return errorForbidden(req)
|
||||
return errorForbidden(req, res)
|
||||
}
|
||||
|
||||
const action = req.params.action
|
||||
|
@ -171,7 +171,7 @@ async function noteActions (req, res) {
|
|||
actionPDF(req, res, note)
|
||||
} else {
|
||||
logger.error('PDF export failed: Disabled by config. Set "allowPDFExport: true" to enable. Check the documentation for details')
|
||||
errorForbidden(res)
|
||||
errorForbidden(req, res)
|
||||
}
|
||||
break
|
||||
case 'gist':
|
||||
|
|
|
@ -28,8 +28,7 @@ exports.checkViewPermission = checkViewPermission
|
|||
exports.newCheckViewPermission = newCheckViewPermission
|
||||
exports.responseCodiMD = responseCodiMD
|
||||
|
||||
function errorForbidden (res) {
|
||||
const { req } = res
|
||||
function errorForbidden (req, res) {
|
||||
if (req.user) {
|
||||
responseError(res, '403', 'Forbidden', 'oh no.')
|
||||
} else {
|
||||
|
@ -100,7 +99,7 @@ function newNote (req, res, next) {
|
|||
if (req.isAuthenticated()) {
|
||||
owner = req.user.id
|
||||
} else if (!config.allowAnonymous) {
|
||||
return errorForbidden(res)
|
||||
return errorForbidden(req, res)
|
||||
}
|
||||
models.Note.create({
|
||||
ownerId: owner,
|
||||
|
@ -161,7 +160,7 @@ function findNote (req, res, callback, include) {
|
|||
}
|
||||
}
|
||||
if (!checkViewPermission(req, note)) {
|
||||
return errorForbidden(res)
|
||||
return errorForbidden(req, res)
|
||||
} else {
|
||||
return callback(note)
|
||||
}
|
||||
|
@ -239,7 +238,7 @@ function githubActionGist (req, res, note) {
|
|||
var code = req.query.code
|
||||
var state = req.query.state
|
||||
if (!code || !state) {
|
||||
return errorForbidden(res)
|
||||
return errorForbidden(req, res)
|
||||
} else {
|
||||
var data = {
|
||||
client_id: config.github.clientID,
|
||||
|
@ -279,14 +278,14 @@ function githubActionGist (req, res, note) {
|
|||
res.setHeader('referer', '')
|
||||
res.redirect(body.html_url)
|
||||
} else {
|
||||
return errorForbidden(res)
|
||||
return errorForbidden(req, res)
|
||||
}
|
||||
})
|
||||
} else {
|
||||
return errorForbidden(res)
|
||||
return errorForbidden(req, res)
|
||||
}
|
||||
} else {
|
||||
return errorForbidden(res)
|
||||
return errorForbidden(req, res)
|
||||
}
|
||||
})
|
||||
}
|
||||
|
@ -334,7 +333,7 @@ function gitlabActionProjects (req, res, note) {
|
|||
return errorInternalError(res)
|
||||
})
|
||||
} else {
|
||||
return errorForbidden(res)
|
||||
return errorForbidden(req, res)
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -37,7 +37,7 @@ exports.getMe = async (req, res) => {
|
|||
|
||||
exports.deleteUser = async (req, res) => {
|
||||
if (!req.isAuthenticated()) {
|
||||
return response.errorForbidden(res)
|
||||
return response.errorForbidden(req, res)
|
||||
}
|
||||
|
||||
const user = await models.User.findOne({
|
||||
|
@ -51,7 +51,7 @@ exports.deleteUser = async (req, res) => {
|
|||
}
|
||||
|
||||
if (user.deleteToken !== req.params.token) {
|
||||
return response.errorForbidden(res)
|
||||
return response.errorForbidden(req, res)
|
||||
}
|
||||
|
||||
await user.destroy()
|
||||
|
@ -60,7 +60,7 @@ exports.deleteUser = async (req, res) => {
|
|||
|
||||
exports.exportMyData = (req, res) => {
|
||||
if (!req.isAuthenticated()) {
|
||||
return response.errorForbidden(res)
|
||||
return response.errorForbidden(req, res)
|
||||
}
|
||||
|
||||
const archive = archiver('zip', {
|
||||
|
|
Loading…
Reference in New Issue