diff --git a/lib/models/author.js b/lib/models/author.ts similarity index 75% rename from lib/models/author.js rename to lib/models/author.ts index e65791cb5..0c3d2c0eb 100644 --- a/lib/models/author.js +++ b/lib/models/author.ts @@ -1,11 +1,11 @@ -'use strict' // external modules -var Sequelize = require('sequelize') +import {DataTypes} from 'sequelize'; -module.exports = function (sequelize, DataTypes) { - var Author = sequelize.define('Author', { + +function createAutorModel(sequelize) { + const Author = sequelize.define('Author', { id: { - type: Sequelize.INTEGER, + type: DataTypes.INTEGER, primaryKey: true, autoIncrement: true }, @@ -19,7 +19,7 @@ module.exports = function (sequelize, DataTypes) { fields: ['noteId', 'userId'] } ] - }) + }); Author.associate = function (models) { Author.belongsTo(models.Note, { @@ -28,7 +28,7 @@ module.exports = function (sequelize, DataTypes) { constraints: false, onDelete: 'CASCADE', hooks: true - }) + }); Author.belongsTo(models.User, { foreignKey: 'userId', as: 'user', @@ -36,7 +36,9 @@ module.exports = function (sequelize, DataTypes) { onDelete: 'CASCADE', hooks: true }) - } + }; return Author } + +export = createAutorModel diff --git a/lib/web/note/controller.js b/lib/web/note/controller.js deleted file mode 100644 index e537fe08a..000000000 --- a/lib/web/note/controller.js +++ /dev/null @@ -1,147 +0,0 @@ -'use strict' - -const models = require('../../models') -const logger = require('../../logger') -const config = require('../../config') -const errors = require('../../errors') - -const noteUtil = require('./util') -const noteActions = require('./actions') - -exports.publishNoteActions = function (req, res, next) { - noteUtil.findNote(req, res, function (note) { - const action = req.params.action - switch (action) { - case 'download': - exports.downloadMarkdown(req, res, note) - break - case 'edit': - res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id)) + '?both') - break - default: - res.redirect(config.serverURL + '/s/' + note.shortid) - break - } - }) -} - -exports.showPublishNote = function (req, res, next) { - const include = [{ - model: models.User, - as: 'owner' - }, { - model: models.User, - as: 'lastchangeuser' - }] - noteUtil.findNote(req, res, function (note) { - // force to use short id - const shortid = req.params.shortid - if ((note.alias && shortid !== note.alias) || (!note.alias && shortid !== note.shortid)) { - return res.redirect(config.serverURL + '/s/' + (note.alias || note.shortid)) - } - note.increment('viewcount').then(function (note) { - if (!note) { - return errors.errorNotFound(res) - } - noteUtil.getPublishData(req, res, note, (data) => { - res.set({ - 'Cache-Control': 'private' // only cache by client - }) - return res.render('pretty.ejs', data) - }) - }).catch(function (err) { - logger.error(err) - return errors.errorInternalError(res) - }) - }, include) -} - -exports.showNote = function (req, res, next) { - noteUtil.findNote(req, res, function (note) { - // force to use note id - const noteId = req.params.noteId - const id = models.Note.encodeNoteId(note.id) - if ((note.alias && noteId !== note.alias) || (!note.alias && noteId !== id)) { - return res.redirect(config.serverURL + '/' + (note.alias || id)) - } - const body = note.content - const extracted = models.Note.extractMeta(body) - const meta = models.Note.parseMeta(extracted.meta) - let title = models.Note.decodeTitle(note.title) - title = models.Note.generateWebTitle(meta.title || title) - const opengraph = models.Note.parseOpengraph(meta, title) - res.set({ - 'Cache-Control': 'private', // only cache by client - 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling - }) - return res.render('codimd.ejs', { - title: title, - opengraph: opengraph - }) - }) -} - -exports.createFromPOST = function (req, res, next) { - let body = '' - if (req.body && req.body.length > config.documentMaxLength) { - return errors.errorTooLong(res) - } else if (req.body) { - body = req.body - } - body = body.replace(/[\r]/g, '') - return noteUtil.newNote(req, res, body) -} - -exports.doAction = function (req, res, next) { - const noteId = req.params.noteId - noteUtil.findNote(req, res, function (note) { - const action = req.params.action - switch (action) { - case 'publish': - case 'pretty': // pretty deprecated - res.redirect(config.serverURL + '/s/' + (note.alias || note.shortid)) - break - case 'slide': - res.redirect(config.serverURL + '/p/' + (note.alias || note.shortid)) - break - case 'download': - exports.downloadMarkdown(req, res, note) - break - case 'info': - noteActions.getInfo(req, res, note) - break - case 'pdf': - if (config.allowPDFExport) { - noteActions.createPDF(req, res, note) - } else { - logger.error('PDF export failed: Disabled by config. Set "allowPDFExport: true" to enable. Check the documentation for details') - errors.errorForbidden(res) - } - break - case 'gist': - noteActions.createGist(req, res, note) - break - case 'revision': - noteActions.getRevision(req, res, note) - break - default: - return res.redirect(config.serverURL + '/' + noteId) - } - }) -} - -exports.downloadMarkdown = function (req, res, note) { - const body = note.content - let filename = models.Note.decodeTitle(note.title) - filename = encodeURIComponent(filename) - res.set({ - 'Access-Control-Allow-Origin': '*', // allow CORS as API - 'Access-Control-Allow-Headers': 'Range', - 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', - 'Content-Type': 'text/markdown; charset=UTF-8', - 'Cache-Control': 'private', - 'Content-disposition': 'attachment; filename=' + filename + '.md', - 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling - }) - res.send(body) -} diff --git a/lib/web/note/controller.ts b/lib/web/note/controller.ts new file mode 100644 index 000000000..d59d2d80b --- /dev/null +++ b/lib/web/note/controller.ts @@ -0,0 +1,149 @@ +import {NextFunction, Response} from "express"; +import {NoteUtils} from "./util"; + +import models from "../../models"; + +import noteActions from "./actions"; +import errors from "../../errors"; +import config from "../../config"; +import logger from "../../logger"; + +export module NoteController { + export function publishNoteActions(req: any, res: Response, next: NextFunction) { + NoteUtils.findNote(req, res, function (note) { + const action = req.params.action; + switch (action) { + case 'download': + exports.downloadMarkdown(req, res, note); + break; + case 'edit': + res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id)) + '?both'); + break; + default: + res.redirect(config.serverURL + '/s/' + note.shortid); + break + } + }) + } + + export function showPublishNote(req: any, res: Response, next: NextFunction) { + const include = [{ + model: models.User, + as: 'owner' + }, { + model: models.User, + as: 'lastchangeuser' + }]; + NoteUtils.findNote(req, res, function (note) { + // force to use short id + const shortid = req.params.shortid; + if ((note.alias && shortid !== note.alias) || (!note.alias && shortid !== note.shortid)) { + return res.redirect(config.serverURL + '/s/' + (note.alias || note.shortid)) + } + note.increment('viewcount').then(function (note) { + if (!note) { + return errors.errorNotFound(res) + } + NoteUtils.getPublishData(req, res, note, (data) => { + res.set({ + 'Cache-Control': 'private' // only cache by client + }); + return res.render('pretty.ejs', data) + }) + }).catch(function (err) { + logger.error(err); + return errors.errorInternalError(res) + }) + }, include) + } + + export function showNote(req: any, res: Response, next: NextFunction) { + NoteUtils.findNote(req, res, function (note) { + // force to use note id + const noteId = req.params.noteId; + const id = models.Note.encodeNoteId(note.id); + if ((note.alias && noteId !== note.alias) || (!note.alias && noteId !== id)) { + return res.redirect(config.serverURL + '/' + (note.alias || id)) + } + const body = note.content; + const extracted = models.Note.extractMeta(body); + const meta = models.Note.parseMeta(extracted.meta); + let title = models.Note.decodeTitle(note.title); + title = models.Note.generateWebTitle(meta.title || title); + const opengraph = models.Note.parseOpengraph(meta, title); + res.set({ + 'Cache-Control': 'private', // only cache by client + 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling + }); + return res.render('codimd.ejs', { + title: title, + opengraph: opengraph + }) + }) + } + + export function createFromPOST(req: any, res: Response, next: NextFunction) { + let body = ''; + if (req.body && req.body.length > config.documentMaxLength) { + return errors.errorTooLong(res) + } else if (req.body) { + body = req.body + } + body = body.replace(/[\r]/g, ''); + return NoteUtils.newNote(req, res, body) + } + + export function doAction(req: any, res: Response, next: NextFunction) { + const noteId = req.params.noteId; + NoteUtils.findNote(req, res, function (note) { + const action = req.params.action; + switch (action) { + case 'publish': + case 'pretty': // pretty deprecated + res.redirect(config.serverURL + '/s/' + (note.alias || note.shortid)); + break; + case 'slide': + res.redirect(config.serverURL + '/p/' + (note.alias || note.shortid)); + break; + case 'download': + exports.downloadMarkdown(req, res, note); + break; + case 'info': + noteActions.getInfo(req, res, note); + break; + case 'pdf': + if (config.allowPDFExport) { + noteActions.createPDF(req, res, note) + } else { + logger.error('PDF export failed: Disabled by config. Set "allowPDFExport: true" to enable. Check the documentation for details'); + errors.errorForbidden(res) + } + break; + case 'gist': + noteActions.createGist(req, res, note); + break; + case 'revision': + noteActions.getRevision(req, res, note); + break; + default: + return res.redirect(config.serverURL + '/' + noteId) + } + }) + } + + export function downloadMarkdown(req: Request, res: Response, note: any) { + const body = note.content; + let filename = models.Note.decodeTitle(note.title); + filename = encodeURIComponent(filename); + res.set({ + 'Access-Control-Allow-Origin': '*', // allow CORS as API + 'Access-Control-Allow-Headers': 'Range', + 'Access-Control-Expose-Headers': 'Cache-Control, Content-Encoding, Content-Range', + 'Content-Type': 'text/markdown; charset=UTF-8', + 'Cache-Control': 'private', + 'Content-disposition': 'attachment; filename=' + filename + '.md', + 'X-Robots-Tag': 'noindex, nofollow' // prevent crawling + }); + res.send(body) + } +} diff --git a/lib/web/note/router.js b/lib/web/note/router.js deleted file mode 100644 index cf6fdf431..000000000 --- a/lib/web/note/router.js +++ /dev/null @@ -1,30 +0,0 @@ -'use strict' - -const Router = require('express').Router -const { markdownParser } = require('../utils') - -const router = module.exports = Router() - -const noteController = require('./controller') -const slide = require('./slide') - -// get new note -router.get('/new', noteController.createFromPOST) -// post new note with content -router.post('/new', markdownParser, noteController.createFromPOST) -// post new note with content and alias -router.post('/new/:noteId', markdownParser, noteController.createFromPOST) -// get publish note -router.get('/s/:shortid', noteController.showPublishNote) -// publish note actions -router.get('/s/:shortid/:action', noteController.publishNoteActions) -// get publish slide -router.get('/p/:shortid', slide.showPublishSlide) -// publish slide actions -router.get('/p/:shortid/:action', slide.publishSlideActions) -// get note by id -router.get('/:noteId', noteController.showNote) -// note actions -router.get('/:noteId/:action', noteController.doAction) -// note actions with action id -router.get('/:noteId/:action/:actionId', noteController.doAction) diff --git a/lib/web/note/router.ts b/lib/web/note/router.ts new file mode 100644 index 000000000..a200c59dd --- /dev/null +++ b/lib/web/note/router.ts @@ -0,0 +1,27 @@ +import {markdownParser} from "../utils"; + +import slide from "./slide"; +import {NoteController} from "./controller"; +import {Router} from "express"; + +const router = module.exports = Router(); +// get new note +router.get('/new', NoteController.createFromPOST); +// post new note with content +router.post('/new', markdownParser, NoteController.createFromPOST); +// post new note with content and alias +router.post('/new/:noteId', markdownParser, NoteController.createFromPOST); +// get publish note +router.get('/s/:shortid', NoteController.showPublishNote); +// publish note actions +router.get('/s/:shortid/:action', NoteController.publishNoteActions); +// get publish slide +router.get('/p/:shortid', slide.showPublishSlide); +// publish slide actions +router.get('/p/:shortid/:action', slide.publishSlideActions); +// get note by id +router.get('/:noteId', NoteController.showNote); +// note actions +router.get('/:noteId/:action', NoteController.doAction); +// note actions with action id +router.get('/:noteId/:action/:actionId', NoteController.doAction); diff --git a/lib/web/note/util.js b/lib/web/note/util.js deleted file mode 100644 index eadfb1a3d..000000000 --- a/lib/web/note/util.js +++ /dev/null @@ -1,109 +0,0 @@ -const models = require('../../models') -const logger = require('../../logger') -const config = require('../../config') -const errors = require('../../errors') -const fs = require('fs') -const path = require('path') - -exports.findNote = function (req, res, callback, include) { - const id = req.params.noteId || req.params.shortid - models.Note.parseNoteId(id, function (err, _id) { - if (err) { - logger.error(err) - return errors.errorInternalError(res) - } - models.Note.findOne({ - where: { - id: _id - }, - include: include || null - }).then(function (note) { - if (!note) { - return exports.newNote(req, res, null) - } - if (!exports.checkViewPermission(req, note)) { - return errors.errorForbidden(res) - } else { - return callback(note) - } - }).catch(function (err) { - logger.error(err) - return errors.errorInternalError(res) - }) - }) -} - -exports.checkViewPermission = function (req, note) { - if (note.permission === 'private') { - return !(!req.isAuthenticated() || note.ownerId !== req.user.id) - } else if (note.permission === 'limited' || note.permission === 'protected') { - return req.isAuthenticated() - } else { - return true - } -} - -exports.newNote = function (req, res, body) { - let owner = null - const noteId = req.params.noteId ? req.params.noteId : null - if (req.isAuthenticated()) { - owner = req.user.id - } else if (!config.allowAnonymous) { - return errors.errorForbidden(res) - } - if (config.allowFreeURL && noteId && !config.forbiddenNoteIDs.includes(noteId)) { - req.alias = noteId - } else if (noteId) { - return req.method === 'POST' ? errors.errorForbidden(res) : errors.errorNotFound(res) - } - models.Note.create({ - ownerId: owner, - alias: req.alias ? req.alias : null, - content: body - }).then(function (note) { - return res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id))) - }).catch(function (err) { - logger.error(err) - return errors.errorInternalError(res) - }) -} - -exports.getPublishData = function (req, res, note, callback) { - const body = note.content - const extracted = models.Note.extractMeta(body) - const markdown = extracted.markdown - const meta = models.Note.parseMeta(extracted.meta) - const createtime = note.createdAt - const updatetime = note.lastchangeAt - let title = models.Note.decodeTitle(note.title) - title = models.Note.generateWebTitle(meta.title || title) - const ogdata = models.Note.parseOpengraph(meta, title) - const data = { - title: title, - description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null), - viewcount: note.viewcount, - createtime: createtime, - updatetime: updatetime, - body: markdown, - theme: meta.slideOptions && isRevealTheme(meta.slideOptions.theme), - meta: JSON.stringify(extracted.meta), - owner: note.owner ? note.owner.id : null, - ownerprofile: note.owner ? models.User.getProfile(note.owner) : null, - lastchangeuser: note.lastchangeuser ? note.lastchangeuser.id : null, - lastchangeuserprofile: note.lastchangeuser ? models.User.getProfile(note.lastchangeuser) : null, - robots: meta.robots || false, // default allow robots - GA: meta.GA, - disqus: meta.disqus, - cspNonce: res.locals.nonce, - dnt: req.headers.dnt, - opengraph: ogdata - } - callback(data) -} - -function isRevealTheme (theme) { - if (fs.existsSync(path.join(__dirname, '..', 'public', 'build', 'reveal.js', 'css', 'theme', theme + '.css'))) { - return theme - } - return undefined -} diff --git a/lib/web/note/util.ts b/lib/web/note/util.ts new file mode 100644 index 000000000..09cd60e94 --- /dev/null +++ b/lib/web/note/util.ts @@ -0,0 +1,115 @@ +import {Includeable} from "sequelize"; +import {Response} from "express"; + +import path from "path"; +import fs from "fs"; +import errors from "../../errors"; +import config from "../../config"; +import logger from "../../logger"; +import models from "../../models"; + +export module NoteUtils { + export function findNote(req, res, callback: (note: any) => void, include?: Includeable[]) { + const id = req.params.noteId || req.params.shortid; + models.Note.parseNoteId(id, function (err, _id) { + if (err) { + logger.error(err); + return errors.errorInternalError(res) + } + models.Note.findOne({ + where: { + id: _id + }, + include: include || null + }).then(function (note) { + if (!note) { + return newNote(req, res, null) + } + if (!checkViewPermission(req, note)) { + return errors.errorForbidden(res) + } else { + return callback(note) + } + }).catch(function (err) { + logger.error(err); + return errors.errorInternalError(res) + }) + }) + } + + export function checkViewPermission(req: any, note: any) { + if (note.permission === 'private') { + return !(!req.isAuthenticated() || note.ownerId !== req.user.id) + } else if (note.permission === 'limited' || note.permission === 'protected') { + return req.isAuthenticated() + } else { + return true + } + } + + export function newNote(req: any, res: Response, body: string) { + let owner = null; + const noteId = req.params.noteId ? req.params.noteId : null; + if (req.isAuthenticated()) { + owner = req.user.id + } else if (!config.allowAnonymous) { + return errors.errorForbidden(res) + } + if (config.allowFreeURL && noteId && !config.forbiddenNoteIDs.includes(noteId)) { + req.alias = noteId + } else if (noteId) { + return req.method === 'POST' ? errors.errorForbidden(res) : errors.errorNotFound(res) + } + models.Note.create({ + ownerId: owner, + alias: req.alias ? req.alias : null, + content: body + }).then(function (note) { + return res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id))) + }).catch(function (err) { + logger.error(err); + return errors.errorInternalError(res) + }) + } + + export function getPublishData(req: any, res: Response, note: any, callback: (data: any) => void) { + const body = note.content; + const extracted = models.Note.extractMeta(body); + const markdown = extracted.markdown; + const meta = models.Note.parseMeta(extracted.meta); + const createtime = note.createdAt; + const updatetime = note.lastchangeAt; + let title = models.Note.decodeTitle(note.title); + title = models.Note.generateWebTitle(meta.title || title); + const ogdata = models.Note.parseOpengraph(meta, title); + const data = { + title: title, + description: meta.description || (markdown ? models.Note.generateDescription(markdown) : null), + viewcount: note.viewcount, + createtime: createtime, + updatetime: updatetime, + body: markdown, + theme: meta.slideOptions && isRevealTheme(meta.slideOptions.theme), + meta: JSON.stringify(extracted.meta), + owner: note.owner ? note.owner.id : null, + ownerprofile: note.owner ? models.User.getProfile(note.owner) : null, + lastchangeuser: note.lastchangeuser ? note.lastchangeuser.id : null, + lastchangeuserprofile: note.lastchangeuser ? models.User.getProfile(note.lastchangeuser) : null, + robots: meta.robots || false, // default allow robots + GA: meta.GA, + disqus: meta.disqus, + cspNonce: res.locals.nonce, + dnt: req.headers.dnt, + opengraph: ogdata + }; + callback(data) + } + + function isRevealTheme(theme: string) { + if (fs.existsSync(path.join(__dirname, '..', 'public', 'build', 'reveal.js', 'css', 'theme', theme + '.css'))) { + return theme + } + return undefined + } +} +