Moved padreadonly

pull/528/head
Egil Moeller 2012-02-25 00:15:57 +01:00
parent fed805be82
commit a89c81f62f
4 changed files with 89 additions and 78 deletions

21
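--- /dev/null
+++ b/node/padaccess.js
@@ -0,0 +1,21 @@
+var ERR = require("async-stacktrace");
+var securityManager = require('./db/SecurityManager');
+//checks for padAccess
+module.exports = function (req, res, callback) {
+// FIXME: Why is this ever undefined??
+if (req.cookies === undefined) req.cookies = {};
+securityManager.checkAccess(req.params.pad, req.cookies.sessionid, req.cookies.token, req.cookies.password, function(err, accessObj) {
+if(ERR(err, callback)) return;
+//there is access, continue
+if(accessObj.accessStatus == "grant") {
+callback();
+//no access
+} else {
+res.send("403 - Can't touch this", 403);
+}
+});
+}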
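Review bot: The exported check has three outcomes, and the only comment, `//checks for padAccess`, describes none of them. On a `checkAccess` error, `ERR(err, callback)` hands the error to `callback` (as async-stacktrace is normally used); on a grant, `callback()` runs with no argument; on a denial the 403 is sent and `callback` is never called. A caller that ignores the callback's first argument would therefore proceed as if access had been granted, so the header comment should state the contract, e.g. `// callback(err) on lookup failure, callback() on grant; on denial a 403 is sent and callback is not called`. The `req.cookies = {}` fallback also deserves a line saying that the check then runs with sessionid, token and password all undefined. That presumably means cookie parsing had not run for this route, and the FIXME should be resolved rather than masked.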

65
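--- /dev/null
+++ b/node/padreadonly.js
@@ -0,0 +1,65 @@
+var async = require('async');
+var readOnlyManager = require("./db/ReadOnlyManager");
+var hasPadAccess = require("./padaccess");
+var exporthtml = require("./utils/ExportHtml");
+var ERR = require("async-stacktrace");
+exports.expressServer = function (hook_name, args, cb) {
+//serve read only pad
+args.app.get('/ro/:id', function(req, res)
+{
+var html;
+var padId;
+var pad;
+async.series([
+//translate the read only pad to a padId
+function(callback)
+{
+readOnlyManager.getPadId(req.params.id, function(err, _padId)
+{
+if(ERR(err, callback)) return;
+padId = _padId;
+//we need that to tell hasPadAcess about the pad
+req.params.pad = padId;
+callback();
+});
+},
+//render the html document
+function(callback)
+{
+//return if the there is no padId
+if(padId == null)
+{
+callback("notfound");
+return;
+}
+hasPadAccess(req, res, function()
+{
+//render the html document
+exporthtml.getPadHTMLDocument(padId, null, false, function(err, _html)
+{
+if(ERR(err, callback)) return;
+html = _html;
+callback();
+});
+});
+}
+], function(err)
+{
+//throw any unexpected error
+if(err && err != "notfound")
+ERR(err);
+if(err == "notfound")
+res.send('404 - Not Found', 404);
+else
+res.send(html);
+});
+});
+}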
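Review bot: The continuation passed to `hasPadAccess` in the second series step takes no parameter, so an error from the access check is dropped and the pad is still rendered. `padaccess.js` routes `checkAccess` failures through `ERR(err, callback)`, which (as async-stacktrace is normally used) invokes the callback with the error. Here that callback goes straight to `exporthtml.getPadHTMLDocument`, so a failed lookup behaves like a grant on the read-only route. Accept and check the argument: `hasPadAccess(req, res, function(err)` followed by `if(ERR(err, callback)) return;` before the render call. Separately, `var pad;` is declared and never used in this handler and can be dropped.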


@ -107,6 +107,7 @@ async.waterfall([
padManager = require('./db/PadManager'); padManager = require('./db/PadManager');
securityManager = require('./db/SecurityManager'); securityManager = require('./db/SecurityManager');
socketIORouter = require("./handler/SocketIORouter"); socketIORouter = require("./handler/SocketIORouter");
hasPadAccess = require("./padaccess");
//install logging //install logging
var httpLogger = log4js.getLogger("http"); var httpLogger = log4js.getLogger("http");
@ -128,26 +129,6 @@ async.waterfall([
gracefulShutdown(); gracefulShutdown();
}); });
//checks for padAccess
function hasPadAccess(req, res, callback)
{
securityManager.checkAccess(req.params.pad, req.cookies.sessionid, req.cookies.token, req.cookies.password, function(err, accessObj)
{
if(ERR(err, callback)) return;
//there is access, continue
if(accessObj.accessStatus == "grant")
{
callback();
}
//no access
else
{
res.send("403 - Can't touch this", 403);
}
});
}
//checks for basic http auth //checks for basic http auth
function basic_auth (req, res, next) { function basic_auth (req, res, next) {
if (req.headers.authorization && req.headers.authorization.search('Basic ') === 0) { if (req.headers.authorization && req.headers.authorization.search('Basic ') === 0) {
@ -168,63 +149,6 @@ async.waterfall([
} }
} }
//serve read only pad
app.get('/ro/:id', function(req, res)
{
var html;
var padId;
var pad;
async.series([
//translate the read only pad to a padId
function(callback)
{
readOnlyManager.getPadId(req.params.id, function(err, _padId)
{
if(ERR(err, callback)) return;
padId = _padId;
//we need that to tell hasPadAcess about the pad
req.params.pad = padId;
callback();
});
},
//render the html document
function(callback)
{
//return if the there is no padId
if(padId == null)
{
callback("notfound");
return;
}
hasPadAccess(req, res, function()
{
//render the html document
exporthtml.getPadHTMLDocument(padId, null, false, function(err, _html)
{
if(ERR(err, callback)) return;
html = _html;
callback();
});
});
}
], function(err)
{
//throw any unexpected error
if(err && err != "notfound")
ERR(err);
if(err == "notfound")
res.send('404 - Not Found', 404);
else
res.send(html);
});
});
//serve timeslider.html under /p/$padname/timeslider //serve timeslider.html under /p/$padname/timeslider
app.get('/p/:pad/:rev?/export/:type', function(req, res, next) app.get('/p/:pad/:rev?/export/:type', function(req, res, next)
{ {


@ -3,6 +3,7 @@
{ "name": "static", "hooks": { "expressServer": "../static:expressServer" } }, { "name": "static", "hooks": { "expressServer": "../static:expressServer" } },
{ "name": "specialpages", "hooks": { "expressServer": "../specialpages:expressServer" } }, { "name": "specialpages", "hooks": { "expressServer": "../specialpages:expressServer" } },
{ "name": "padurlsanitize", "hooks": { "expressServer": "../padurlsanitize:expressServer" } }, { "name": "padurlsanitize", "hooks": { "expressServer": "../padurlsanitize:expressServer" } },
{ "name": "minified", "hooks": { "expressServer": "../minified:expressServer" } } { "name": "minified", "hooks": { "expressServer": "../minified:expressServer" } },
{ "name": "padreadonly", "hooks": { "expressServer": "../padreadonly:expressServer" } }
] ]
} }