status-im/codimd
2
0
Fork 0
mirror of https://github.com/status-im/codimd.git synced 2025-02-17 09:56:25 +00:00
Code Issues Projects Releases Wiki Activity

fix: change errorForbidden function signature, add req into function parameter

Browse Source 
avoid incorrect function parameter passing

Signed-off-by: BoHong Li <raccoon@hackmd.io>
This commit is contained in:
BoHong Li 2020-02-26 11:13:45 +08:00
parent 7870b82249
commit 6b1ce381df
No known key found for this signature in database
GPG Key ID: 06770355DC9ECD38
5 changed files with 19 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
lib/history/index.js
View File

@ -123,7 +123,7 @@ function historyGet (req, res) {
}) })
}) })
} else { } else {
return response.errorForbidden(res) return response.errorForbidden(req, res)
} }
} }
@ -164,7 +164,7 @@ function historyPost (req, res) {
}) })
} }
} else { } else {
return response.errorForbidden(res) return response.errorForbidden(req, res)
} }
} }
@ -188,7 +188,7 @@ function historyDelete (req, res) {
}) })
} }
} else { } else {
return response.errorForbidden(res) return response.errorForbidden(req, res)
} }
} }

2
lib/imageRouter/index.js
View File

@ -21,7 +21,7 @@ imageRouter.post('/uploadimage', function (req, res) {
form.parse(req, function (err, fields, files) { form.parse(req, function (err, fields, files) {
if (err || !files.image || !files.image.path) { if (err || !files.image || !files.image.path) {
response.errorForbidden(res) response.errorForbidden(req, res)
} else { } else {
if (config.debug) { if (config.debug) {
logger.info('SERVER received uploadimage: ' + JSON.stringify(files.image)) logger.info('SERVER received uploadimage: ' + JSON.stringify(files.image))

8
lib/note/index.js
View File

@ -66,7 +66,7 @@ async function showNote (req, res) {
} }
if (!newCheckViewPermission(note, req.isAuthenticated(), userId)) { if (!newCheckViewPermission(note, req.isAuthenticated(), userId)) {
return errorForbidden(res) return errorForbidden(req, res)
} }
// force to use note id // force to use note id
@ -99,7 +99,7 @@ async function showPublishNote (req, res) {
} }
if (!canViewNote(note, req.isAuthenticated(), req.user ? req.user.id : null)) { if (!canViewNote(note, req.isAuthenticated(), req.user ? req.user.id : null)) {
return errorForbidden(req) return errorForbidden(req, res)
} }
if ((note.alias && shortid !== note.alias) || (!note.alias && shortid !== note.shortid)) { if ((note.alias && shortid !== note.alias) || (!note.alias && shortid !== note.shortid)) {
@ -150,7 +150,7 @@ async function noteActions (req, res) {
} }
if (!canViewNote(note, req.isAuthenticated(), req.user ? req.user.id : null)) { if (!canViewNote(note, req.isAuthenticated(), req.user ? req.user.id : null)) {
return errorForbidden(req) return errorForbidden(req, res)
} }
const action = req.params.action const action = req.params.action
@ -171,7 +171,7 @@ async function noteActions (req, res) {
actionPDF(req, res, note) actionPDF(req, res, note)
} else { } else {
logger.error('PDF export failed: Disabled by config. Set "allowPDFExport: true" to enable. Check the documentation for details') logger.error('PDF export failed: Disabled by config. Set "allowPDFExport: true" to enable. Check the documentation for details')
errorForbidden(res) errorForbidden(req, res)
} }
break break
case 'gist': case 'gist':

17
lib/response.js
View File

@ -28,8 +28,7 @@ exports.checkViewPermission = checkViewPermission
exports.newCheckViewPermission = newCheckViewPermission exports.newCheckViewPermission = newCheckViewPermission
exports.responseCodiMD = responseCodiMD exports.responseCodiMD = responseCodiMD
function errorForbidden (res) { function errorForbidden (req, res) {
const { req } = res
if (req.user) { if (req.user) {
responseError(res, '403', 'Forbidden', 'oh no.') responseError(res, '403', 'Forbidden', 'oh no.')
} else { } else {
@ -100,7 +99,7 @@ function newNote (req, res, next) {
if (req.isAuthenticated()) { if (req.isAuthenticated()) {
owner = req.user.id owner = req.user.id
} else if (!config.allowAnonymous) { } else if (!config.allowAnonymous) {
return errorForbidden(res) return errorForbidden(req, res)
} }
models.Note.create({ models.Note.create({
ownerId: owner, ownerId: owner,
@ -161,7 +160,7 @@ function findNote (req, res, callback, include) {
} }
} }
if (!checkViewPermission(req, note)) { if (!checkViewPermission(req, note)) {
return errorForbidden(res) return errorForbidden(req, res)
} else { } else {
return callback(note) return callback(note)
} }
@ -239,7 +238,7 @@ function githubActionGist (req, res, note) {
var code = req.query.code var code = req.query.code
var state = req.query.state var state = req.query.state
if (!code || !state) { if (!code || !state) {
return errorForbidden(res) return errorForbidden(req, res)
} else { } else {
var data = { var data = {
client_id: config.github.clientID, client_id: config.github.clientID,
@ -279,14 +278,14 @@ function githubActionGist (req, res, note) {
res.setHeader('referer', '') res.setHeader('referer', '')
res.redirect(body.html_url) res.redirect(body.html_url)
} else { } else {
return errorForbidden(res) return errorForbidden(req, res)
} }
}) })
} else { } else {
return errorForbidden(res) return errorForbidden(req, res)
} }
} else { } else {
return errorForbidden(res) return errorForbidden(req, res)
} }
}) })
} }
@ -334,7 +333,7 @@ function gitlabActionProjects (req, res, note) {
return errorInternalError(res) return errorInternalError(res)
}) })
} else { } else {
return errorForbidden(res) return errorForbidden(req, res)
} }
} }

6
lib/user/index.js
View File

@ -37,7 +37,7 @@ exports.getMe = async (req, res) => {
exports.deleteUser = async (req, res) => { exports.deleteUser = async (req, res) => {
if (!req.isAuthenticated()) { if (!req.isAuthenticated()) {
return response.errorForbidden(res) return response.errorForbidden(req, res)
} }
const user = await models.User.findOne({ const user = await models.User.findOne({
@ -51,7 +51,7 @@ exports.deleteUser = async (req, res) => {
} }
if (user.deleteToken !== req.params.token) { if (user.deleteToken !== req.params.token) {
return response.errorForbidden(res) return response.errorForbidden(req, res)
} }
await user.destroy() await user.destroy()
@ -60,7 +60,7 @@ exports.deleteUser = async (req, res) => {
exports.exportMyData = (req, res) => { exports.exportMyData = (req, res) => {
if (!req.isAuthenticated()) { if (!req.isAuthenticated()) {
return response.errorForbidden(res) return response.errorForbidden(req, res)
} }
const archive = archiver('zip', { const archive = archiver('zip', {