github/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2024-11-23 02:06:29 -05:00
Code Issues Projects Releases Packages Wiki Activity

Public API: Use GetNotePipe

Browse source 
This replaces repeated calls to `noteService.getNoteByIdOrAlias`
and associated error handling with the `GetNotePipe`
in the `Param` decorator.

Signed-off-by: David Mehren <git@herrmehren.de>
This commit is contained in:
David Mehren 2021-08-29 17:28:14 +02:00
parent 1e3c08b3df
commit 9da8d0efb0
No known key found for this signature in database
GPG key ID: 185982BA4C42B7C3
1 changed files with 53 additions and 138 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

191
src/api/public/notes/notes.controller.ts
View file

@ -40,6 +40,7 @@ import { HistoryService } from '../../../history/history.service';
import { ConsoleLoggerService } from '../../../logger/console-logger.service'; import { ConsoleLoggerService } from '../../../logger/console-logger.service';
import { MediaUploadDto } from '../../../media/media-upload.dto'; import { MediaUploadDto } from '../../../media/media-upload.dto';
import { MediaService } from '../../../media/media.service'; import { MediaService } from '../../../media/media.service';
import { GetNotePipe } from '../../../notes/get-note.pipe';
import { NoteMetadataDto } from '../../../notes/note-metadata.dto'; import { NoteMetadataDto } from '../../../notes/note-metadata.dto';
import { import {
NotePermissionsDto, NotePermissionsDto,
@ -106,20 +107,8 @@ export class NotesController {
@FullApi @FullApi
async getNote( async getNote(
@RequestUser() user: User, @RequestUser() user: User,
@Param('noteIdOrAlias') noteIdOrAlias: string, @Param('noteIdOrAlias', GetNotePipe) note: Note,
): Promise<NoteDto> { ): Promise<NoteDto> {
let note: Note;
try {
note = await this.noteService.getNoteByIdOrAlias(noteIdOrAlias);
} catch (e) {
if (e instanceof NotInDBError) {
throw new NotFoundException(e.message);
}
if (e instanceof ForbiddenIdError) {
throw new BadRequestException(e.message);
}
throw e;
}
if (!this.permissionsService.mayRead(user, note)) { if (!this.permissionsService.mayRead(user, note)) {
throw new UnauthorizedException('Reading note denied!'); throw new UnauthorizedException('Reading note denied!');
} }
@ -167,35 +156,24 @@ export class NotesController {
@FullApi @FullApi
async deleteNote( async deleteNote(
@RequestUser() user: User, @RequestUser() user: User,
@Param('noteIdOrAlias') noteIdOrAlias: string, @Param('noteIdOrAlias', GetNotePipe) note: Note,
@Body() noteMediaDeletionDto: NoteMediaDeletionDto, @Body() noteMediaDeletionDto: NoteMediaDeletionDto,
): Promise<void> { ): Promise<void> {
try { if (!this.permissionsService.isOwner(user, note)) {
const note = await this.noteService.getNoteByIdOrAlias(noteIdOrAlias); throw new UnauthorizedException('Deleting note denied!');
if (!this.permissionsService.isOwner(user, note)) {
throw new UnauthorizedException('Deleting note denied!');
}
const mediaUploads = await this.mediaService.listUploadsByNote(note);
for (const mediaUpload of mediaUploads) {
if (!noteMediaDeletionDto.keepMedia) {
await this.mediaService.deleteFile(mediaUpload);
} else {
await this.mediaService.removeNoteFromMediaUpload(mediaUpload);
}
}
this.logger.debug('Deleting note: ' + noteIdOrAlias, 'deleteNote');
await this.noteService.deleteNote(note);
this.logger.debug('Successfully deleted ' + noteIdOrAlias, 'deleteNote');
return;
} catch (e) {
if (e instanceof NotInDBError) {
throw new NotFoundException(e.message);
}
if (e instanceof ForbiddenIdError) {
throw new BadRequestException(e.message);
}
throw e;
} }
const mediaUploads = await this.mediaService.listUploadsByNote(note);
for (const mediaUpload of mediaUploads) {
if (!noteMediaDeletionDto.keepMedia) {
await this.mediaService.deleteFile(mediaUpload);
} else {
await this.mediaService.removeNoteFromMediaUpload(mediaUpload);
}
}
this.logger.debug('Deleting note: ' + note.id, 'deleteNote');
await this.noteService.deleteNote(note);
this.logger.debug('Successfully deleted ' + note.id, 'deleteNote');
return;
} }
@UseGuards(TokenAuthGuard) @UseGuards(TokenAuthGuard)
@ -207,27 +185,16 @@ export class NotesController {
@FullApi @FullApi
async updateNote( async updateNote(
@RequestUser() user: User, @RequestUser() user: User,
@Param('noteIdOrAlias') noteIdOrAlias: string, @Param('noteIdOrAlias', GetNotePipe) note: Note,
@MarkdownBody() text: string, @MarkdownBody() text: string,
): Promise<NoteDto> { ): Promise<NoteDto> {
try { if (!this.permissionsService.mayWrite(user, note)) {
const note = await this.noteService.getNoteByIdOrAlias(noteIdOrAlias); throw new UnauthorizedException('Updating note denied!');
if (!this.permissionsService.mayWrite(user, note)) {
throw new UnauthorizedException('Updating note denied!');
}
this.logger.debug('Got raw markdown:\n' + text, 'updateNote');
return await this.noteService.toNoteDto(
await this.noteService.updateNote(note, text),
);
} catch (e) {
if (e instanceof NotInDBError) {
throw new NotFoundException(e.message);
}
if (e instanceof ForbiddenIdError) {
throw new BadRequestException(e.message);
}
throw e;
} }
this.logger.debug('Got raw markdown:\n' + text, 'updateNote');
return await this.noteService.toNoteDto(
await this.noteService.updateNote(note, text),
);
} }
@UseGuards(TokenAuthGuard) @UseGuards(TokenAuthGuard)
@ -240,23 +207,12 @@ export class NotesController {
@Header('content-type', 'text/markdown') @Header('content-type', 'text/markdown')
async getNoteContent( async getNoteContent(
@RequestUser() user: User, @RequestUser() user: User,
@Param('noteIdOrAlias') noteIdOrAlias: string, @Param('noteIdOrAlias', GetNotePipe) note: Note,
): Promise<string> { ): Promise<string> {
try { if (!this.permissionsService.mayRead(user, note)) {
const note = await this.noteService.getNoteByIdOrAlias(noteIdOrAlias); throw new UnauthorizedException('Reading note denied!');
if (!this.permissionsService.mayRead(user, note)) {
throw new UnauthorizedException('Reading note denied!');
}
return await this.noteService.getNoteContent(note);
} catch (e) {
if (e instanceof NotInDBError) {
throw new NotFoundException(e.message);
}
if (e instanceof ForbiddenIdError) {
throw new BadRequestException(e.message);
}
throw e;
} }
return await this.noteService.getNoteContent(note);
} }
@UseGuards(TokenAuthGuard) @UseGuards(TokenAuthGuard)
@ -268,24 +224,17 @@ export class NotesController {
@FullApi @FullApi
async getNoteMetadata( async getNoteMetadata(
@RequestUser() user: User, @RequestUser() user: User,
@Param('noteIdOrAlias') noteIdOrAlias: string, @Param('noteIdOrAlias', GetNotePipe) note: Note,
): Promise<NoteMetadataDto> { ): Promise<NoteMetadataDto> {
try { try {
const note = await this.noteService.getNoteByIdOrAlias(noteIdOrAlias);
if (!this.permissionsService.mayRead(user, note)) { if (!this.permissionsService.mayRead(user, note)) {
throw new UnauthorizedException('Reading note denied!'); throw new UnauthorizedException('Reading note denied!');
} }
return await this.noteService.toNoteMetadataDto(note); return await this.noteService.toNoteMetadataDto(note);
} catch (e) { } catch (e) {
if (e instanceof NotInDBError) {
throw new NotFoundException(e.message);
}
if (e instanceof PermissionsUpdateInconsistentError) { if (e instanceof PermissionsUpdateInconsistentError) {
throw new BadRequestException(e.message); throw new BadRequestException(e.message);
} }
if (e instanceof ForbiddenIdError) {
throw new BadRequestException(e.message);
}
throw e; throw e;
} }
} }
@ -299,26 +248,15 @@ export class NotesController {
@FullApi @FullApi
async updateNotePermissions( async updateNotePermissions(
@RequestUser() user: User, @RequestUser() user: User,
@Param('noteIdOrAlias') noteIdOrAlias: string, @Param('noteIdOrAlias', GetNotePipe) note: Note,
@Body() updateDto: NotePermissionsUpdateDto, @Body() updateDto: NotePermissionsUpdateDto,
): Promise<NotePermissionsDto> { ): Promise<NotePermissionsDto> {
try { if (!this.permissionsService.isOwner(user, note)) {
const note = await this.noteService.getNoteByIdOrAlias(noteIdOrAlias); throw new UnauthorizedException('Updating note denied!');
if (!this.permissionsService.isOwner(user, note)) {
throw new UnauthorizedException('Updating note denied!');
}
return this.noteService.toNotePermissionsDto(
await this.noteService.updateNotePermissions(note, updateDto),
);
} catch (e) {
if (e instanceof NotInDBError) {
throw new NotFoundException(e.message);
}
if (e instanceof ForbiddenIdError) {
throw new BadRequestException(e.message);
}
throw e;
} }
return this.noteService.toNotePermissionsDto(
await this.noteService.updateNotePermissions(note, updateDto),
);
} }
@UseGuards(TokenAuthGuard) @UseGuards(TokenAuthGuard)
@ -331,28 +269,17 @@ export class NotesController {
@FullApi @FullApi
async getNoteRevisions( async getNoteRevisions(
@RequestUser() user: User, @RequestUser() user: User,
@Param('noteIdOrAlias') noteIdOrAlias: string, @Param('noteIdOrAlias', GetNotePipe) note: Note,
): Promise<RevisionMetadataDto[]> { ): Promise<RevisionMetadataDto[]> {
try { if (!this.permissionsService.mayRead(user, note)) {
const note = await this.noteService.getNoteByIdOrAlias(noteIdOrAlias); throw new UnauthorizedException('Reading note denied!');
if (!this.permissionsService.mayRead(user, note)) {
throw new UnauthorizedException('Reading note denied!');
}
const revisions = await this.revisionsService.getAllRevisions(note);
return await Promise.all(
revisions.map((revision) =>
this.revisionsService.toRevisionMetadataDto(revision),
),
);
} catch (e) {
if (e instanceof NotInDBError) {
throw new NotFoundException(e.message);
}
if (e instanceof ForbiddenIdError) {
throw new BadRequestException(e.message);
}
throw e;
} }
const revisions = await this.revisionsService.getAllRevisions(note);
return await Promise.all(
revisions.map((revision) =>
this.revisionsService.toRevisionMetadataDto(revision),
),
);
} }
@UseGuards(TokenAuthGuard) @UseGuards(TokenAuthGuard)
@ -364,14 +291,13 @@ export class NotesController {
@FullApi @FullApi
async getNoteRevision( async getNoteRevision(
@RequestUser() user: User, @RequestUser() user: User,
@Param('noteIdOrAlias') noteIdOrAlias: string, @Param('noteIdOrAlias', GetNotePipe) note: Note,
@Param('revisionId') revisionId: number, @Param('revisionId') revisionId: number,
): Promise<RevisionDto> { ): Promise<RevisionDto> {
if (!this.permissionsService.mayRead(user, note)) {
throw new UnauthorizedException('Reading note denied!');
}
try { try {
const note = await this.noteService.getNoteByIdOrAlias(noteIdOrAlias);
if (!this.permissionsService.mayRead(user, note)) {
throw new UnauthorizedException('Reading note denied!');
}
return this.revisionsService.toRevisionDto( return this.revisionsService.toRevisionDto(
await this.revisionsService.getRevision(note, revisionId), await this.revisionsService.getRevision(note, revisionId),
); );
@ -379,9 +305,6 @@ export class NotesController {
if (e instanceof NotInDBError) { if (e instanceof NotInDBError) {
throw new NotFoundException(e.message); throw new NotFoundException(e.message);
} }
if (e instanceof ForbiddenIdError) {
throw new BadRequestException(e.message);
}
throw e; throw e;
} }
} }
@ -396,20 +319,12 @@ export class NotesController {
@ApiUnauthorizedResponse({ description: unauthorizedDescription }) @ApiUnauthorizedResponse({ description: unauthorizedDescription })
async getNotesMedia( async getNotesMedia(
@RequestUser() user: User, @RequestUser() user: User,
@Param('noteIdOrAlias') noteIdOrAlias: string, @Param('noteIdOrAlias', GetNotePipe) note: Note,
): Promise<MediaUploadDto[]> { ): Promise<MediaUploadDto[]> {
try { if (!this.permissionsService.mayRead(user, note)) {
const note = await this.noteService.getNoteByIdOrAlias(noteIdOrAlias); throw new UnauthorizedException('Reading note denied!');
if (!this.permissionsService.mayRead(user, note)) {
throw new UnauthorizedException('Reading note denied!');
}
const media = await this.mediaService.listUploadsByNote(note);
return media.map((media) => this.mediaService.toMediaUploadDto(media));
} catch (e) {
if (e instanceof NotInDBError) {
throw new NotFoundException(e.message);
}
throw e;
} }
const media = await this.mediaService.listUploadsByNote(note);
return media.map((media) => this.mediaService.toMediaUploadDto(media));
} }
} }