@@ -6,13 +6,12 @@ const ModelPath = '../../models/'; | |||||
const Invite = require(ModelPath + 'Invite.js'); | const Invite = require(ModelPath + 'Invite.js'); | ||||
const User = require(ModelPath + 'User.js'); | const User = require(ModelPath + 'User.js'); | ||||
const wrap = require('../../util/wrap.js'); | |||||
const requireAuth = require('../../util/auth').requireAuth; | const requireAuth = require('../../util/auth').requireAuth; | ||||
const verifyScope = require('../../util/verifyScope'); | const verifyScope = require('../../util/verifyScope'); | ||||
const verifyBody = require('../../util/verifyBody'); | const verifyBody = require('../../util/verifyBody'); | ||||
const createParams = [{name: 'scope', instance: Array}]; | const createParams = [{name: 'scope', instance: Array}]; | ||||
router.post('/create', requireAuth('invite.create'), verifyBody(createParams), wrap(async (req, res, next) => { | |||||
router.post('/create', requireAuth('invite.create'), verifyBody(createParams), async (req, res, next) => { | |||||
const scope = req.body.scope; | const scope = req.body.scope; | ||||
if (!scope.every(scope => verifyScope(req.scope, scope))) | if (!scope.every(scope => verifyScope(req.scope, scope))) | ||||
return res.status(403).json({message: 'Requested scope exceeds own scope.'}); | return res.status(403).json({message: 'Requested scope exceeds own scope.'}); | ||||
@@ -34,10 +33,10 @@ router.post('/create', requireAuth('invite.create'), verifyBody(createParams), w | |||||
message: 'Invite created.', | message: 'Invite created.', | ||||
code: invite.code | code: invite.code | ||||
}); | }); | ||||
})); | |||||
}); | |||||
const deleteParams = [{name: 'code', type: 'string'}]; | const deleteParams = [{name: 'code', type: 'string'}]; | ||||
router.post('/delete', requireAuth('invite.delete'), verifyBody(deleteParams), wrap(async (req, res, next) => { | |||||
router.post('/delete', requireAuth('invite.delete'), verifyBody(deleteParams), async (req, res, next) => { | |||||
let query = {code: req.body.code}; | let query = {code: req.body.code}; | ||||
// Users need a permission to delete invites other than their own | // Users need a permission to delete invites other than their own | ||||
@@ -55,10 +54,10 @@ router.post('/delete', requireAuth('invite.delete'), verifyBody(deleteParams), w | |||||
await Invite.deleteOne({_id: invite._id}).catch(next); | await Invite.deleteOne({_id: invite._id}).catch(next); | ||||
res.status(200).json({message: 'Invite deleted.'}); | res.status(200).json({message: 'Invite deleted.'}); | ||||
})); | |||||
}); | |||||
const getParams = [{name: 'code', type: 'string', optional: true}, {name: 'issuer', type: 'string', optional: true}]; | const getParams = [{name: 'code', type: 'string', optional: true}, {name: 'issuer', type: 'string', optional: true}]; | ||||
router.get('/get', requireAuth('invite.get'), verifyBody(getParams), wrap(async (req, res, next) => { | |||||
router.get('/get', requireAuth('invite.get'), verifyBody(getParams), async (req, res, next) => { | |||||
let query = {}; | let query = {}; | ||||
// Users need a permission to list invites other than their own | // Users need a permission to list invites other than their own | ||||
@@ -73,6 +72,6 @@ router.get('/get', requireAuth('invite.get'), verifyBody(getParams), wrap(async | |||||
const invites = await Invite.find(query).catch(next); | const invites = await Invite.find(query).catch(next); | ||||
res.status(200).json(invites); | res.status(200).json(invites); | ||||
})); | |||||
}); | |||||
module.exports = router; | module.exports = router; |
@@ -6,7 +6,6 @@ const crypto = require('crypto'); | |||||
const ModelPath = '../../models/'; | const ModelPath = '../../models/'; | ||||
const Key = require(ModelPath + 'Key.js'); | const Key = require(ModelPath + 'Key.js'); | ||||
const wrap = require('../../util/wrap'); | |||||
const verifyBody = require('../../util/verifyBody'); | const verifyBody = require('../../util/verifyBody'); | ||||
const verifyScope = require('../../util/verifyScope'); | const verifyScope = require('../../util/verifyScope'); | ||||
const requireAuth = require('../../util/auth').requireAuth; | const requireAuth = require('../../util/auth').requireAuth; | ||||
@@ -14,7 +13,7 @@ const requireAuth = require('../../util/auth').requireAuth; | |||||
const createParams = [ | const createParams = [ | ||||
{name: 'identifier', type: 'string', sanitize: true}, | {name: 'identifier', type: 'string', sanitize: true}, | ||||
{name: 'scope', instance: Array}]; | {name: 'scope', instance: Array}]; | ||||
router.post('/create', requireAuth('key.create'), verifyBody(createParams), wrap(async (req, res) => { | |||||
router.post('/create', requireAuth('key.create'), verifyBody(createParams), async (req, res) => { | |||||
const keyCount = await Key.countDocuments({issuer: req.username}); | const keyCount = await Key.countDocuments({issuer: req.username}); | ||||
if (keyCount >= config.get('Key.limit')) | if (keyCount >= config.get('Key.limit')) | ||||
return res.status(403).json({message: 'Key limit reached.'}); | return res.status(403).json({message: 'Key limit reached.'}); | ||||
@@ -37,12 +36,12 @@ router.post('/create', requireAuth('key.create'), verifyBody(createParams), wrap | |||||
message: 'Key created.', | message: 'Key created.', | ||||
key: key.key | key: key.key | ||||
}); | }); | ||||
})); | |||||
}); | |||||
const getProps = [ | const getProps = [ | ||||
{name: 'identifier', type: 'string', optional: true}, | {name: 'identifier', type: 'string', optional: true}, | ||||
{name: 'issuer', type: 'string', optional: true}]; | {name: 'issuer', type: 'string', optional: true}]; | ||||
router.get('/get', requireAuth('key.get'), verifyBody(getProps), wrap(async (req, res) => { | |||||
router.get('/get', requireAuth('key.get'), verifyBody(getProps), async (req, res) => { | |||||
let query = {}; | let query = {}; | ||||
if (req.body.identifier) | if (req.body.identifier) | ||||
@@ -56,12 +55,12 @@ router.get('/get', requireAuth('key.get'), verifyBody(getProps), wrap(async (req | |||||
const keys = await Key.find(query); | const keys = await Key.find(query); | ||||
res.status(200).json(keys); | res.status(200).json(keys); | ||||
})); | |||||
}); | |||||
const deleteProps = [ | const deleteProps = [ | ||||
{name: 'key', type: 'string'}, | {name: 'key', type: 'string'}, | ||||
{name: 'issuer', type: 'string', optional: true}]; | {name: 'issuer', type: 'string', optional: true}]; | ||||
router.post('/delete', requireAuth('key.delete'), verifyBody(deleteProps), wrap(async (req, res) => { | |||||
router.post('/delete', requireAuth('key.delete'), verifyBody(deleteProps), async (req, res) => { | |||||
let query = {key : req.body.key}; | let query = {key : req.body.key}; | ||||
if (!verifyScope(req.scope, 'key.delete.others')) | if (!verifyScope(req.scope, 'key.delete.others')) | ||||
@@ -75,6 +74,6 @@ router.post('/delete', requireAuth('key.delete'), verifyBody(deleteProps), wrap( | |||||
await Key.deleteOne({_id: key._id}); | await Key.deleteOne({_id: key._id}); | ||||
res.status(200).json({message: 'Key deleted.'}); | res.status(200).json({message: 'Key deleted.'}); | ||||
})); | |||||
}); | |||||
module.exports = router; | module.exports = router; |
@@ -5,7 +5,6 @@ const ModelPath = '../../models/'; | |||||
const Upload = require(ModelPath + 'Upload.js'); | const Upload = require(ModelPath + 'Upload.js'); | ||||
const View = require(ModelPath + 'View.js'); | const View = require(ModelPath + 'View.js'); | ||||
const wrap = require('../../util/wrap'); | |||||
const verifyBody = require('../../util/verifyBody'); | const verifyBody = require('../../util/verifyBody'); | ||||
const requireAuth = require('../../util/auth').requireAuth; | const requireAuth = require('../../util/auth').requireAuth; | ||||
@@ -15,7 +14,7 @@ const uploadProps = [ | |||||
{name: 'limit', type: 'number', min: 1, max: 10000, optional: true} | {name: 'limit', type: 'number', min: 1, max: 10000, optional: true} | ||||
]; | ]; | ||||
router.get('/uploads', requireAuth('stats.get'), verifyBody(uploadProps), wrap(async (req, res) => { | |||||
router.get('/uploads', requireAuth('stats.get'), verifyBody(uploadProps), async (req, res) => { | |||||
let constraints = {uploader: req.username}; | let constraints = {uploader: req.username}; | ||||
// Set date constraints if specified | // Set date constraints if specified | ||||
@@ -47,7 +46,7 @@ router.get('/uploads', requireAuth('stats.get'), verifyBody(uploadProps), wrap(a | |||||
}); | }); | ||||
res.status(200).json(uploads); | res.status(200).json(uploads); | ||||
})); | |||||
}); | |||||
const viewProps = [ | const viewProps = [ | ||||
@@ -56,7 +55,7 @@ const viewProps = [ | |||||
{name: 'limit', type: 'number', min: 1, max: 10000, optional: true} | {name: 'limit', type: 'number', min: 1, max: 10000, optional: true} | ||||
]; | ]; | ||||
router.get('/views', requireAuth('stats.get'), verifyBody(viewProps), wrap(async (req, res) => { | |||||
router.get('/views', requireAuth('stats.get'), verifyBody(viewProps), async (req, res) => { | |||||
let constraints = {uploader: req.username}; | let constraints = {uploader: req.username}; | ||||
// Set date constraints if specified | // Set date constraints if specified | ||||
@@ -84,6 +83,6 @@ router.get('/views', requireAuth('stats.get'), verifyBody(viewProps), wrap(async | |||||
}); | }); | ||||
res.status(200).json(views); | res.status(200).json(views); | ||||
})); | |||||
}); | |||||
module.exports = router; | module.exports = router; |
@@ -8,9 +8,7 @@ const Upload = require(ModelPath + 'Upload.js'); | |||||
const uploadMultipart = require('../../util/upload/multipart'); | const uploadMultipart = require('../../util/upload/multipart'); | ||||
const updateStats = require('../../util/upload/stats'); | const updateStats = require('../../util/upload/stats'); | ||||
const wrap = require('../../util/wrap.js'); | |||||
router.post('/', uploadMultipart, wrap(async (req, res) => { | |||||
router.post('/', uploadMultipart, async (req, res) => { | |||||
const upload = { | const upload = { | ||||
uid: req.file.name, | uid: req.file.name, | ||||
uploader: req.username, | uploader: req.username, | ||||
@@ -29,6 +27,6 @@ router.post('/', uploadMultipart, wrap(async (req, res) => { | |||||
uid: req.file.name, | uid: req.file.name, | ||||
url: config.get('Server.hostname') + '/v/' + upload.uid | url: config.get('Server.hostname') + '/v/' + upload.uid | ||||
}); | }); | ||||
})); | |||||
}); | |||||
module.exports = router; | module.exports = router; |
@@ -4,14 +4,13 @@ const router = express.Router(); | |||||
const ModelPath = '../../models/'; | const ModelPath = '../../models/'; | ||||
const User = require(ModelPath + 'User.js'); | const User = require(ModelPath + 'User.js'); | ||||
const wrap = require('../../util/wrap'); | |||||
const verifyBody = require('../../util/verifyBody'); | const verifyBody = require('../../util/verifyBody'); | ||||
const requireAuth = require('../../util/auth').requireAuth; | const requireAuth = require('../../util/auth').requireAuth; | ||||
const getParams = [ | const getParams = [ | ||||
{name: 'username', type: 'string', optional: true}, | {name: 'username', type: 'string', optional: true}, | ||||
{name: 'displayname', type: 'string', optional: true}]; | {name: 'displayname', type: 'string', optional: true}]; | ||||
router.get('/get', requireAuth('user.get'), verifyBody(getParams), wrap(async (req, res) => { | |||||
router.get('/get', requireAuth('user.get'), verifyBody(getParams), async (req, res) => { | |||||
let query = {}; | let query = {}; | ||||
if (req.body.username) | if (req.body.username) | ||||
@@ -24,10 +23,10 @@ router.get('/get', requireAuth('user.get'), verifyBody(getParams), wrap(async (r | |||||
const users = await User.find(query); | const users = await User.find(query); | ||||
res.status(200).json(users); | res.status(200).json(users); | ||||
})); | |||||
}); | |||||
const banParams = [{name: 'username', type: 'string'}]; | const banParams = [{name: 'username', type: 'string'}]; | ||||
router.post('/ban', requireAuth('user.ban'), verifyBody(banParams), wrap(async (req, res) => { | |||||
router.post('/ban', requireAuth('user.ban'), verifyBody(banParams), async (req, res) => { | |||||
const user = await User.findOne({username: req.body.username}); | const user = await User.findOne({username: req.body.username}); | ||||
if (!user) | if (!user) | ||||
return res.status(422).json({message: 'User not found.'}); | return res.status(422).json({message: 'User not found.'}); | ||||
@@ -39,10 +38,10 @@ router.post('/ban', requireAuth('user.ban'), verifyBody(banParams), wrap(async ( | |||||
await user.save(); | await user.save(); | ||||
res.status(200).json({message: 'User banned.'}); | res.status(200).json({message: 'User banned.'}); | ||||
})); | |||||
}); | |||||
const unbanParams = [{name: 'username', type: 'string'}]; | const unbanParams = [{name: 'username', type: 'string'}]; | ||||
router.post('/unban', requireAuth('user.unban'), verifyBody(unbanParams), wrap(async (req, res) => { | |||||
router.post('/unban', requireAuth('user.unban'), verifyBody(unbanParams), async (req, res) => { | |||||
const user = await User.findOne({username: req.body.username}); | const user = await User.findOne({username: req.body.username}); | ||||
if (!user) | if (!user) | ||||
return res.status(422).json({message: 'User not found.'}); | return res.status(422).json({message: 'User not found.'}); | ||||
@@ -54,6 +53,6 @@ router.post('/unban', requireAuth('user.unban'), verifyBody(unbanParams), wrap(a | |||||
await user.save(); | await user.save(); | ||||
res.status(200).json({message: 'User unbanned.'}); | res.status(200).json({message: 'User unbanned.'}); | ||||
})); | |||||
}); | |||||
module.exports = router; | module.exports = router; |
@@ -7,8 +7,6 @@ const ModelPath = '../../models/'; | |||||
const Upload = require(ModelPath + 'Upload.js'); | const Upload = require(ModelPath + 'Upload.js'); | ||||
const View = require(ModelPath + 'View.js'); | const View = require(ModelPath + 'View.js'); | ||||
const wrap = require('../../util/wrap.js'); | |||||
const insertView = async (req, upload) => | const insertView = async (req, upload) => | ||||
Promise.all([ | Promise.all([ | ||||
View.create({ | View.create({ | ||||
@@ -20,7 +18,7 @@ const insertView = async (req, upload) => | |||||
Upload.updateOne({uid: upload.uid}, {$inc: {views: 1}}) | Upload.updateOne({uid: upload.uid}, {$inc: {views: 1}}) | ||||
]); | ]); | ||||
router.get('/:uid', wrap(async (req, res) => { | |||||
router.get('/:uid', async (req, res) => { | |||||
const upload = await Upload.findOne({uid: req.params.uid}); | const upload = await Upload.findOne({uid: req.params.uid}); | ||||
if (!upload) | if (!upload) | ||||
return res.status(404).json({message: 'File not found.'}); | return res.status(404).json({message: 'File not found.'}); | ||||
@@ -43,6 +41,6 @@ router.get('/:uid', wrap(async (req, res) => { | |||||
fs.createReadStream(upload.file.path) | fs.createReadStream(upload.file.path) | ||||
.pipe(res); | .pipe(res); | ||||
})); | |||||
}); | |||||
module.exports = router; | module.exports = router; |