mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2024-11-29 10:24:30 -05:00
Fixed potential bug in realtime startConnection and bugs in note findOrNewNote, response showNote
This commit is contained in:
parent
50805f3540
commit
16dcd27b78
3 changed files with 16 additions and 9 deletions
|
@ -148,10 +148,10 @@ function newNote(id, owner, callback) {
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
function findOrNewNote(id, permission, callback) {
|
function findOrNewNote(id, owner, callback) {
|
||||||
findNote(id, function (err, note) {
|
findNote(id, function (err, note) {
|
||||||
if (err || !note) {
|
if (err || !note) {
|
||||||
newNote(id, permission, function (err, note) {
|
newNote(id, owner, function (err, note) {
|
||||||
if (err) {
|
if (err) {
|
||||||
logger.error('find or new note failed: ' + err);
|
logger.error('find or new note failed: ' + err);
|
||||||
callback(err, null);
|
callback(err, null);
|
||||||
|
@ -161,6 +161,10 @@ function findOrNewNote(id, permission, callback) {
|
||||||
});
|
});
|
||||||
} else {
|
} else {
|
||||||
if (!note.permission) {
|
if (!note.permission) {
|
||||||
|
var permission = "freely";
|
||||||
|
if (owner && owner != "null") {
|
||||||
|
permission = "editable";
|
||||||
|
}
|
||||||
note.permission = permission;
|
note.permission = permission;
|
||||||
note.updated = Date.now();
|
note.updated = Date.now();
|
||||||
note.save(function (err) {
|
note.save(function (err) {
|
||||||
|
|
|
@ -394,10 +394,13 @@ function startConnection(socket) {
|
||||||
//find or new note
|
//find or new note
|
||||||
Note.findOrNewNote(notename, owner, function (err, note) {
|
Note.findOrNewNote(notename, owner, function (err, note) {
|
||||||
if (err) {
|
if (err) {
|
||||||
responseError(res, "404", "Not Found", "oops.");
|
socket.emit('info', {
|
||||||
|
code: 404
|
||||||
|
});
|
||||||
|
socket.disconnect(true);
|
||||||
clearSocketQueue(connectionSocketQueue, socket);
|
clearSocketQueue(connectionSocketQueue, socket);
|
||||||
isConnectionBusy = false;
|
isConnectionBusy = false;
|
||||||
return;
|
return logger.error(err);
|
||||||
}
|
}
|
||||||
|
|
||||||
var body = LZString.decompressFromBase64(data.rows[0].content);
|
var body = LZString.decompressFromBase64(data.rows[0].content);
|
||||||
|
|
|
@ -175,15 +175,15 @@ function showNote(req, res, next) {
|
||||||
return response.errorNotFound(res);
|
return response.errorNotFound(res);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
Note.findNote(noteId, function (err, note) {
|
db.readFromDB(noteId, function (err, data) {
|
||||||
if (err || !note) {
|
|
||||||
return response.errorNotFound(res);
|
|
||||||
}
|
|
||||||
db.readFromDB(note.id, function (err, data) {
|
|
||||||
if (err) {
|
if (err) {
|
||||||
return response.errorNotFound(res);
|
return response.errorNotFound(res);
|
||||||
}
|
}
|
||||||
var notedata = data.rows[0];
|
var notedata = data.rows[0];
|
||||||
|
Note.findOrNewNote(noteId, notedata.owner, function (err, note) {
|
||||||
|
if (err || !note) {
|
||||||
|
return response.errorNotFound(res);
|
||||||
|
}
|
||||||
//check view permission
|
//check view permission
|
||||||
if (note.permission == 'private') {
|
if (note.permission == 'private') {
|
||||||
if (!req.isAuthenticated() || notedata.owner != req.user._id)
|
if (!req.isAuthenticated() || notedata.owner != req.user._id)
|
||||||
|
|
Loading…
Reference in a new issue