github/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2024-11-23 10:16:32 -05:00
Code Issues Projects Releases Packages Wiki Activity

Private API: Use GetNotePipe

Browse source 
This replaces repeated calls to `noteService.getNoteByIdOrAlias`
and associated error handling with the `GetNotePipe`
in the `Param` decorator.

Signed-off-by: David Mehren <git@herrmehren.de>
This commit is contained in:
David Mehren 2021-08-29 17:33:02 +02:00
parent adc9ca6939
commit ea2dfafbd0
No known key found for this signature in database
GPG key ID: 185982BA4C42B7C3
1 changed files with 8 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

40
src/api/private/notes/notes.controller.ts
View file

@ -25,6 +25,7 @@ import { HistoryService } from '../../../history/history.service';
import { ConsoleLoggerService } from '../../../logger/console-logger.service'; import { ConsoleLoggerService } from '../../../logger/console-logger.service';
import { MediaUploadDto } from '../../../media/media-upload.dto'; import { MediaUploadDto } from '../../../media/media-upload.dto';
import { MediaService } from '../../../media/media.service'; import { MediaService } from '../../../media/media.service';
import { GetNotePipe } from '../../../notes/get-note.pipe';
import { NoteDto } from '../../../notes/note.dto'; import { NoteDto } from '../../../notes/note.dto';
import { Note } from '../../../notes/note.entity'; import { Note } from '../../../notes/note.entity';
import { NoteMediaDeletionDto } from '../../../notes/note.media-deletion.dto'; import { NoteMediaDeletionDto } from '../../../notes/note.media-deletion.dto';
@ -52,22 +53,10 @@ export class NotesController {
@Get(':noteIdOrAlias') @Get(':noteIdOrAlias')
async getNote( async getNote(
@Param('noteIdOrAlias') noteIdOrAlias: string, @Param('noteIdOrAlias', GetNotePipe) note: Note,
): Promise<NoteDto> { ): Promise<NoteDto> {
// ToDo: use actual user here // ToDo: use actual user here
const user = await this.userService.getUserByUsername('hardcoded'); const user = await this.userService.getUserByUsername('hardcoded');
let note: Note;
try {
note = await this.noteService.getNoteByIdOrAlias(noteIdOrAlias);
} catch (e) {
if (e instanceof NotInDBError) {
throw new NotFoundException(e.message);
}
if (e instanceof ForbiddenIdError) {
throw new BadRequestException(e.message);
}
throw e;
}
if (!this.permissionsService.mayRead(user, note)) { if (!this.permissionsService.mayRead(user, note)) {
throw new UnauthorizedException('Reading note denied!'); throw new UnauthorizedException('Reading note denied!');
} }
@ -77,12 +66,11 @@ export class NotesController {
@Get(':noteIdOrAlias/media') @Get(':noteIdOrAlias/media')
async getNotesMedia( async getNotesMedia(
@Param('noteIdOrAlias') noteIdOrAlias: string, @Param('noteIdOrAlias', GetNotePipe) note: Note,
): Promise<MediaUploadDto[]> { ): Promise<MediaUploadDto[]> {
try { try {
// ToDo: use actual user here // ToDo: use actual user here
const user = await this.userService.getUserByUsername('hardcoded'); const user = await this.userService.getUserByUsername('hardcoded');
const note = await this.noteService.getNoteByIdOrAlias(noteIdOrAlias);
if (!this.permissionsService.mayRead(user, note)) { if (!this.permissionsService.mayRead(user, note)) {
throw new UnauthorizedException('Reading note denied!'); throw new UnauthorizedException('Reading note denied!');
} }
@ -141,13 +129,12 @@ export class NotesController {
@Delete(':noteIdOrAlias') @Delete(':noteIdOrAlias')
@HttpCode(204) @HttpCode(204)
async deleteNote( async deleteNote(
@Param('noteIdOrAlias') noteIdOrAlias: string, @Param('noteIdOrAlias', GetNotePipe) note: Note,
@Body() noteMediaDeletionDto: NoteMediaDeletionDto, @Body() noteMediaDeletionDto: NoteMediaDeletionDto,
): Promise<void> { ): Promise<void> {
try { try {
// ToDo: use actual user here // ToDo: use actual user here
const user = await this.userService.getUserByUsername('hardcoded'); const user = await this.userService.getUserByUsername('hardcoded');
const note = await this.noteService.getNoteByIdOrAlias(noteIdOrAlias);
if (!this.permissionsService.isOwner(user, note)) { if (!this.permissionsService.isOwner(user, note)) {
throw new UnauthorizedException('Deleting note denied!'); throw new UnauthorizedException('Deleting note denied!');
} }
@ -159,29 +146,25 @@ export class NotesController {
await this.mediaService.removeNoteFromMediaUpload(mediaUpload); await this.mediaService.removeNoteFromMediaUpload(mediaUpload);
} }
} }
this.logger.debug('Deleting note: ' + noteIdOrAlias, 'deleteNote'); this.logger.debug('Deleting note: ' + note.id, 'deleteNote');
await this.noteService.deleteNote(note); await this.noteService.deleteNote(note);
this.logger.debug('Successfully deleted ' + noteIdOrAlias, 'deleteNote'); this.logger.debug('Successfully deleted ' + note.id, 'deleteNote');
return; return;
} catch (e) { } catch (e) {
if (e instanceof NotInDBError) { if (e instanceof NotInDBError) {
throw new NotFoundException(e.message); throw new NotFoundException(e.message);
} }
if (e instanceof ForbiddenIdError) {
throw new BadRequestException(e.message);
}
throw e; throw e;
} }
} }
@Get(':noteIdOrAlias/revisions') @Get(':noteIdOrAlias/revisions')
async getNoteRevisions( async getNoteRevisions(
@Param('noteIdOrAlias') noteIdOrAlias: string, @Param('noteIdOrAlias', GetNotePipe) note: Note,
): Promise<RevisionMetadataDto[]> { ): Promise<RevisionMetadataDto[]> {
try { try {
// ToDo: use actual user here // ToDo: use actual user here
const user = await this.userService.getUserByUsername('hardcoded'); const user = await this.userService.getUserByUsername('hardcoded');
const note = await this.noteService.getNoteByIdOrAlias(noteIdOrAlias);
if (!this.permissionsService.mayRead(user, note)) { if (!this.permissionsService.mayRead(user, note)) {
throw new UnauthorizedException('Reading note denied!'); throw new UnauthorizedException('Reading note denied!');
} }
@ -195,22 +178,18 @@ export class NotesController {
if (e instanceof NotInDBError) { if (e instanceof NotInDBError) {
throw new NotFoundException(e.message); throw new NotFoundException(e.message);
} }
if (e instanceof ForbiddenIdError) {
throw new BadRequestException(e.message);
}
throw e; throw e;
} }
} }
@Get(':noteIdOrAlias/revisions/:revisionId') @Get(':noteIdOrAlias/revisions/:revisionId')
async getNoteRevision( async getNoteRevision(
@Param('noteIdOrAlias') noteIdOrAlias: string, @Param('noteIdOrAlias', GetNotePipe) note: Note,
@Param('revisionId') revisionId: number, @Param('revisionId') revisionId: number,
): Promise<RevisionDto> { ): Promise<RevisionDto> {
try { try {
// ToDo: use actual user here // ToDo: use actual user here
const user = await this.userService.getUserByUsername('hardcoded'); const user = await this.userService.getUserByUsername('hardcoded');
const note = await this.noteService.getNoteByIdOrAlias(noteIdOrAlias);
if (!this.permissionsService.mayRead(user, note)) { if (!this.permissionsService.mayRead(user, note)) {
throw new UnauthorizedException('Reading note denied!'); throw new UnauthorizedException('Reading note denied!');
} }
@ -221,9 +200,6 @@ export class NotesController {
if (e instanceof NotInDBError) { if (e instanceof NotInDBError) {
throw new NotFoundException(e.message); throw new NotFoundException(e.message);
} }
if (e instanceof ForbiddenIdError) {
throw new BadRequestException(e.message);
}
throw e; throw e;
} }
} }