Fixed potential bug in realtime startConnection and bugs in note findOrNewNote, response showNote

2024-11-21 17:26:29 -05:00 · 2016-01-20 23:20:50 -06:00 · 2016-01-20 23:20:50 -06:00 · 16dcd27b78
commit 16dcd27b78
parent 50805f3540
3 changed files with 16 additions and 9 deletions
--- a/lib/note.js
+++ b/lib/note.js
@ -148,10 +148,10 @@ function newNote(id, owner, callback) {
    });
 }

-function findOrNewNote(id, permission, callback) {
+function findOrNewNote(id, owner, callback) {
    findNote(id, function (err, note) {
        if (err || !note) {
-            newNote(id, permission, function (err, note) {
+            newNote(id, owner, function (err, note) {
                if (err) {
                    logger.error('find or new note failed: ' + err);
                    callback(err, null);
@ -161,6 +161,10 @@ function findOrNewNote(id, permission, callback) {
            });
        } else {
            if (!note.permission) {
+                var permission = "freely";
+                if (owner && owner != "null") {
+                    permission = "editable";
+                }
                note.permission = permission;
                note.updated = Date.now();
                note.save(function (err) {
--- a/lib/realtime.js
+++ b/lib/realtime.js
@ -394,10 +394,13 @@ function startConnection(socket) {
            //find or new note
            Note.findOrNewNote(notename, owner, function (err, note) {
                if (err) {
-                    responseError(res, "404", "Not Found", "oops.");
+                    socket.emit('info', {
+                        code: 404
+                    });
+                    socket.disconnect(true);
 					clearSocketQueue(connectionSocketQueue, socket);
 					isConnectionBusy = false;
-                    return;
+                    return logger.error(err);
                }

                var body = LZString.decompressFromBase64(data.rows[0].content);
--- a/lib/response.js
+++ b/lib/response.js
@ -175,15 +175,15 @@ function showNote(req, res, next) {
            return response.errorNotFound(res);
        }
    }
-    Note.findNote(noteId, function (err, note) {
-        if (err || !note) {
+    db.readFromDB(noteId, function (err, data) {
+        if (err) {
            return response.errorNotFound(res);
        }
-        db.readFromDB(note.id, function (err, data) {
-            if (err) {
+        var notedata = data.rows[0];
+        Note.findOrNewNote(noteId, notedata.owner, function (err, note) {
+            if (err || !note) {
                return response.errorNotFound(res);
            }
-            var notedata = data.rows[0];
            //check view permission
            if (note.permission == 'private') {
                if (!req.isAuthenticated() || notedata.owner != req.user._id)