fix: change errorForbidden function signature, add req into function parameter

avoid incorrect function parameter passing

Signed-off-by: BoHong Li <raccoon@hackmd.io>
This commit is contained in:
BoHong Li 2020-02-26 11:13:45 +08:00
parent 7870b82249
commit 6b1ce381df
No known key found for this signature in database
GPG Key ID: 06770355DC9ECD38
5 changed files with 19 additions and 20 deletions

View File

@ -123,7 +123,7 @@ function historyGet (req, res) {
})
})
} else {
return response.errorForbidden(res)
return response.errorForbidden(req, res)
}
}
@ -164,7 +164,7 @@ function historyPost (req, res) {
})
}
} else {
return response.errorForbidden(res)
return response.errorForbidden(req, res)
}
}
@ -188,7 +188,7 @@ function historyDelete (req, res) {
})
}
} else {
return response.errorForbidden(res)
return response.errorForbidden(req, res)
}
}

View File

@ -21,7 +21,7 @@ imageRouter.post('/uploadimage', function (req, res) {
form.parse(req, function (err, fields, files) {
if (err || !files.image || !files.image.path) {
response.errorForbidden(res)
response.errorForbidden(req, res)
} else {
if (config.debug) {
logger.info('SERVER received uploadimage: ' + JSON.stringify(files.image))

View File

@ -66,7 +66,7 @@ async function showNote (req, res) {
}
if (!newCheckViewPermission(note, req.isAuthenticated(), userId)) {
return errorForbidden(res)
return errorForbidden(req, res)
}
// force to use note id
@ -99,7 +99,7 @@ async function showPublishNote (req, res) {
}
if (!canViewNote(note, req.isAuthenticated(), req.user ? req.user.id : null)) {
return errorForbidden(req)
return errorForbidden(req, res)
}
if ((note.alias && shortid !== note.alias) || (!note.alias && shortid !== note.shortid)) {
@ -150,7 +150,7 @@ async function noteActions (req, res) {
}
if (!canViewNote(note, req.isAuthenticated(), req.user ? req.user.id : null)) {
return errorForbidden(req)
return errorForbidden(req, res)
}
const action = req.params.action
@ -171,7 +171,7 @@ async function noteActions (req, res) {
actionPDF(req, res, note)
} else {
logger.error('PDF export failed: Disabled by config. Set "allowPDFExport: true" to enable. Check the documentation for details')
errorForbidden(res)
errorForbidden(req, res)
}
break
case 'gist':

View File

@ -28,8 +28,7 @@ exports.checkViewPermission = checkViewPermission
exports.newCheckViewPermission = newCheckViewPermission
exports.responseCodiMD = responseCodiMD
function errorForbidden (res) {
const { req } = res
function errorForbidden (req, res) {
if (req.user) {
responseError(res, '403', 'Forbidden', 'oh no.')
} else {
@ -100,7 +99,7 @@ function newNote (req, res, next) {
if (req.isAuthenticated()) {
owner = req.user.id
} else if (!config.allowAnonymous) {
return errorForbidden(res)
return errorForbidden(req, res)
}
models.Note.create({
ownerId: owner,
@ -161,7 +160,7 @@ function findNote (req, res, callback, include) {
}
}
if (!checkViewPermission(req, note)) {
return errorForbidden(res)
return errorForbidden(req, res)
} else {
return callback(note)
}
@ -239,7 +238,7 @@ function githubActionGist (req, res, note) {
var code = req.query.code
var state = req.query.state
if (!code || !state) {
return errorForbidden(res)
return errorForbidden(req, res)
} else {
var data = {
client_id: config.github.clientID,
@ -279,14 +278,14 @@ function githubActionGist (req, res, note) {
res.setHeader('referer', '')
res.redirect(body.html_url)
} else {
return errorForbidden(res)
return errorForbidden(req, res)
}
})
} else {
return errorForbidden(res)
return errorForbidden(req, res)
}
} else {
return errorForbidden(res)
return errorForbidden(req, res)
}
})
}
@ -334,7 +333,7 @@ function gitlabActionProjects (req, res, note) {
return errorInternalError(res)
})
} else {
return errorForbidden(res)
return errorForbidden(req, res)
}
}

View File

@ -37,7 +37,7 @@ exports.getMe = async (req, res) => {
exports.deleteUser = async (req, res) => {
if (!req.isAuthenticated()) {
return response.errorForbidden(res)
return response.errorForbidden(req, res)
}
const user = await models.User.findOne({
@ -51,7 +51,7 @@ exports.deleteUser = async (req, res) => {
}
if (user.deleteToken !== req.params.token) {
return response.errorForbidden(res)
return response.errorForbidden(req, res)
}
await user.destroy()
@ -60,7 +60,7 @@ exports.deleteUser = async (req, res) => {
exports.exportMyData = (req, res) => {
if (!req.isAuthenticated()) {
return response.errorForbidden(res)
return response.errorForbidden(req, res)
}
const archive = archiver('zip', {