Skip to content

Commit

Permalink
Update controllers to use new user model
Browse files Browse the repository at this point in the history
  • Loading branch information
advplyr committed Aug 10, 2024
1 parent 202ceb0 commit 68ef3a0
Show file tree
Hide file tree
Showing 20 changed files with 396 additions and 304 deletions.
12 changes: 6 additions & 6 deletions server/controllers/AuthorController.js
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ class AuthorController {

// Used on author landing page to include library items and items grouped in series
if (include.includes('items')) {
authorJson.libraryItems = await Database.libraryItemModel.getForAuthor(req.author, req.user)
authorJson.libraryItems = await Database.libraryItemModel.getForAuthor(req.author, req.userNew)

if (include.includes('series')) {
const seriesMap = {}
Expand Down Expand Up @@ -222,8 +222,8 @@ class AuthorController {
* @param {import('express').Response} res
*/
async uploadImage(req, res) {
if (!req.user.canUpload) {
Logger.warn('User attempted to upload an image without permission', req.user)
if (!req.userNew.canUpload) {
Logger.warn(`User "${req.userNew.username}" attempted to upload an image without permission`)
return res.sendStatus(403)
}
if (!req.body.url) {
Expand Down Expand Up @@ -362,11 +362,11 @@ class AuthorController {
const author = await Database.authorModel.getOldById(req.params.id)
if (!author) return res.sendStatus(404)

if (req.method == 'DELETE' && !req.user.canDelete) {
Logger.warn(`[AuthorController] User attempted to delete without permission`, req.user)
if (req.method == 'DELETE' && !req.userNew.canDelete) {
Logger.warn(`[AuthorController] User "${req.userNew.username}" attempted to delete without permission`)
return res.sendStatus(403)
} else if ((req.method == 'PATCH' || req.method == 'POST') && !req.user.canUpdate) {
Logger.warn('[AuthorController] User attempted to update without permission', req.user)
Logger.warn(`[AuthorController] User "${req.userNew.username}" attempted to update without permission`)
return res.sendStatus(403)
}

Expand Down
4 changes: 2 additions & 2 deletions server/controllers/BackupController.js
Original file line number Diff line number Diff line change
Expand Up @@ -113,8 +113,8 @@ class BackupController {
}

middleware(req, res, next) {
if (!req.user.isAdminOrUp) {
Logger.error(`[BackupController] Non-admin user attempting to access backups`, req.user)
if (!req.userNew.isAdminOrUp) {
Logger.error(`[BackupController] Non-admin user "${req.userNew.username}" attempting to access backups`)
return res.sendStatus(403)
}

Expand Down
8 changes: 4 additions & 4 deletions server/controllers/CacheController.js
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
const CacheManager = require('../managers/CacheManager')

class CacheController {
constructor() { }
constructor() {}

// POST: api/cache/purge
async purgeCache(req, res) {
if (!req.user.isAdminOrUp) {
if (!req.userNew.isAdminOrUp) {
return res.sendStatus(403)
}
await CacheManager.purgeAll()
Expand All @@ -14,11 +14,11 @@ class CacheController {

// POST: api/cache/items/purge
async purgeItemsCache(req, res) {
if (!req.user.isAdminOrUp) {
if (!req.userNew.isAdminOrUp) {
return res.sendStatus(403)
}
await CacheManager.purgeItems()
res.sendStatus(200)
}
}
module.exports = new CacheController()
module.exports = new CacheController()
58 changes: 29 additions & 29 deletions server/controllers/CollectionController.js
Original file line number Diff line number Diff line change
Expand Up @@ -6,17 +6,17 @@ const Database = require('../Database')
const Collection = require('../objects/Collection')

class CollectionController {
constructor() { }
constructor() {}

/**
* POST: /api/collections
* Create new collection
* @param {*} req
* @param {*} res
* @param {*} req
* @param {*} res
*/
async create(req, res) {
const newCollection = new Collection()
req.body.userId = req.user.id
req.body.userId = req.userNew.id
if (!newCollection.setData(req.body)) {
return res.status(400).send('Invalid collection data')
}
Expand All @@ -31,7 +31,7 @@ class CollectionController {
let order = 1
const collectionBooksToAdd = []
for (const libraryItemId of newCollection.books) {
const libraryItem = libraryItemsInCollection.find(li => li.id === libraryItemId)
const libraryItem = libraryItemsInCollection.find((li) => li.id === libraryItemId)
if (libraryItem) {
collectionBooksToAdd.push({
collectionId: newCollection.id,
Expand All @@ -50,7 +50,7 @@ class CollectionController {
}

async findAll(req, res) {
const collectionsExpanded = await Database.collectionModel.getOldCollectionsJsonExpanded(req.user)
const collectionsExpanded = await Database.collectionModel.getOldCollectionsJsonExpanded(req.userNew)
res.json({
collections: collectionsExpanded
})
Expand All @@ -59,7 +59,7 @@ class CollectionController {
async findOne(req, res) {
const includeEntities = (req.query.include || '').split(',')

const collectionExpanded = await req.collection.getOldJsonExpanded(req.user, includeEntities)
const collectionExpanded = await req.collection.getOldJsonExpanded(req.userNew, includeEntities)
if (!collectionExpanded) {
// This may happen if the user is restricted from all books
return res.sendStatus(404)
Expand All @@ -71,8 +71,8 @@ class CollectionController {
/**
* PATCH: /api/collections/:id
* Update collection
* @param {*} req
* @param {*} res
* @param {*} req
* @param {*} res
*/
async update(req, res) {
let wasUpdated = false
Expand Down Expand Up @@ -102,8 +102,8 @@ class CollectionController {
order: [['order', 'ASC']]
})
collectionBooks.sort((a, b) => {
const aIndex = req.body.books.findIndex(lid => lid === a.book.libraryItem.id)
const bIndex = req.body.books.findIndex(lid => lid === b.book.libraryItem.id)
const aIndex = req.body.books.findIndex((lid) => lid === a.book.libraryItem.id)
const bIndex = req.body.books.findIndex((lid) => lid === b.book.libraryItem.id)
return aIndex - bIndex
})
for (let i = 0; i < collectionBooks.length; i++) {
Expand Down Expand Up @@ -139,8 +139,8 @@ class CollectionController {
* POST: /api/collections/:id/book
* Add a single book to a collection
* Req.body { id: <library item id> }
* @param {*} req
* @param {*} res
* @param {*} req
* @param {*} res
*/
async addBook(req, res) {
const libraryItem = await Database.libraryItemModel.getOldById(req.body.id)
Expand All @@ -153,7 +153,7 @@ class CollectionController {

// Check if book is already in collection
const collectionBooks = await req.collection.getCollectionBooks()
if (collectionBooks.some(cb => cb.bookId === libraryItem.media.id)) {
if (collectionBooks.some((cb) => cb.bookId === libraryItem.media.id)) {
return res.status(400).send('Book already in collection')
}

Expand All @@ -172,8 +172,8 @@ class CollectionController {
* DELETE: /api/collections/:id/book/:bookId
* Remove a single book from a collection. Re-order books
* TODO: bookId is actually libraryItemId. Clients need updating to use bookId
* @param {*} req
* @param {*} res
* @param {*} req
* @param {*} res
*/
async removeBook(req, res) {
const libraryItem = await Database.libraryItemModel.getOldById(req.params.bookId)
Expand All @@ -187,7 +187,7 @@ class CollectionController {
})

let jsonExpanded = null
const collectionBookToRemove = collectionBooks.find(cb => cb.bookId === libraryItem.media.id)
const collectionBookToRemove = collectionBooks.find((cb) => cb.bookId === libraryItem.media.id)
if (collectionBookToRemove) {
// Remove collection book record
await collectionBookToRemove.destroy()
Expand Down Expand Up @@ -216,12 +216,12 @@ class CollectionController {
* POST: /api/collections/:id/batch/add
* Add multiple books to collection
* Req.body { books: <Array of library item ids> }
* @param {*} req
* @param {*} res
* @param {*} req
* @param {*} res
*/
async addBatch(req, res) {
// filter out invalid libraryItemIds
const bookIdsToAdd = (req.body.books || []).filter(b => !!b && typeof b == 'string')
const bookIdsToAdd = (req.body.books || []).filter((b) => !!b && typeof b == 'string')
if (!bookIdsToAdd.length) {
return res.status(500).send('Invalid request body')
}
Expand All @@ -247,7 +247,7 @@ class CollectionController {

// Check and set new collection books to add
for (const libraryItem of libraryItems) {
if (!collectionBooks.some(cb => cb.bookId === libraryItem.media.id)) {
if (!collectionBooks.some((cb) => cb.bookId === libraryItem.media.id)) {
collectionBooksToAdd.push({
collectionId: req.collection.id,
bookId: libraryItem.media.id,
Expand All @@ -274,12 +274,12 @@ class CollectionController {
* POST: /api/collections/:id/batch/remove
* Remove multiple books from collection
* Req.body { books: <Array of library item ids> }
* @param {*} req
* @param {*} res
* @param {*} req
* @param {*} res
*/
async removeBatch(req, res) {
// filter out invalid libraryItemIds
const bookIdsToRemove = (req.body.books || []).filter(b => !!b && typeof b == 'string')
const bookIdsToRemove = (req.body.books || []).filter((b) => !!b && typeof b == 'string')
if (!bookIdsToRemove.length) {
return res.status(500).send('Invalid request body')
}
Expand All @@ -305,7 +305,7 @@ class CollectionController {
let order = 1
let hasUpdated = false
for (const collectionBook of collectionBooks) {
if (libraryItems.some(li => li.media.id === collectionBook.bookId)) {
if (libraryItems.some((li) => li.media.id === collectionBook.bookId)) {
await collectionBook.destroy()
hasUpdated = true
continue
Expand Down Expand Up @@ -334,15 +334,15 @@ class CollectionController {
req.collection = collection
}

if (req.method == 'DELETE' && !req.user.canDelete) {
Logger.warn(`[CollectionController] User attempted to delete without permission`, req.user.username)
if (req.method == 'DELETE' && !req.userNew.canDelete) {
Logger.warn(`[CollectionController] User "${req.userNew.username}" attempted to delete without permission`)
return res.sendStatus(403)
} else if ((req.method == 'PATCH' || req.method == 'POST') && !req.user.canUpdate) {
Logger.warn('[CollectionController] User attempted to update without permission', req.user.username)
Logger.warn(`[CollectionController] User "${req.userNew.username}" attempted to update without permission`)
return res.sendStatus(403)
}

next()
}
}
module.exports = new CollectionController()
module.exports = new CollectionController()
33 changes: 18 additions & 15 deletions server/controllers/CustomMetadataProviderController.js
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ const { validateUrl } = require('../utils/index')
// This is a controller for routes that don't have a home yet :(
//
class CustomMetadataProviderController {
constructor() { }
constructor() {}

/**
* GET: /api/custom-metadata-providers
Expand Down Expand Up @@ -47,7 +47,7 @@ class CustomMetadataProviderController {
name,
mediaType,
url,
authHeaderValue: !authHeaderValue ? null : authHeaderValue,
authHeaderValue: !authHeaderValue ? null : authHeaderValue
})

// TODO: Necessary to emit to all clients?
Expand All @@ -60,7 +60,7 @@ class CustomMetadataProviderController {

/**
* DELETE: /api/custom-metadata-providers/:id
*
*
* @param {import('express').Request} req
* @param {import('express').Response} res
*/
Expand All @@ -76,13 +76,16 @@ class CustomMetadataProviderController {
await provider.destroy()

// Libraries using this provider fallback to default provider
await Database.libraryModel.update({
provider: fallbackProvider
}, {
where: {
provider: slug
await Database.libraryModel.update(
{
provider: fallbackProvider
},
{
where: {
provider: slug
}
}
})
)

// TODO: Necessary to emit to all clients?
SocketAuthority.emitter('custom_metadata_provider_removed', providerClientJson)
Expand All @@ -92,14 +95,14 @@ class CustomMetadataProviderController {

/**
* Middleware that requires admin or up
*
* @param {import('express').Request} req
* @param {import('express').Response} res
* @param {import('express').NextFunction} next
*
* @param {import('express').Request} req
* @param {import('express').Response} res
* @param {import('express').NextFunction} next
*/
async middleware(req, res, next) {
if (!req.user.isAdminOrUp) {
Logger.warn(`[CustomMetadataProviderController] Non-admin user "${req.user.username}" attempted access route "${req.path}"`)
if (!req.userNew.isAdminOrUp) {
Logger.warn(`[CustomMetadataProviderController] Non-admin user "${req.userNew.username}" attempted access route "${req.path}"`)
return res.sendStatus(403)
}

Expand Down
18 changes: 9 additions & 9 deletions server/controllers/EmailController.js
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ const SocketAuthority = require('../SocketAuthority')
const Database = require('../Database')

class EmailController {
constructor() { }
constructor() {}

getSettings(req, res) {
res.json({
Expand Down Expand Up @@ -54,20 +54,20 @@ class EmailController {
/**
* Send ebook to device
* User must have access to device and library item
*
* @param {import('express').Request} req
* @param {import('express').Response} res
*
* @param {import('express').Request} req
* @param {import('express').Response} res
*/
async sendEBookToDevice(req, res) {
Logger.debug(`[EmailController] Send ebook to device requested by user "${req.user.username}" for libraryItemId=${req.body.libraryItemId}, deviceName=${req.body.deviceName}`)
Logger.debug(`[EmailController] Send ebook to device requested by user "${req.userNew.username}" for libraryItemId=${req.body.libraryItemId}, deviceName=${req.body.deviceName}`)

const device = Database.emailSettings.getEReaderDevice(req.body.deviceName)
if (!device) {
return res.status(404).send('Ereader device not found')
}

// Check user has access to device
if (!Database.emailSettings.checkUserCanAccessDevice(device, req.user)) {
if (!Database.emailSettings.checkUserCanAccessDevice(device, req.userNew)) {
return res.sendStatus(403)
}

Expand All @@ -77,7 +77,7 @@ class EmailController {
}

// Check user has access to library item
if (!req.user.checkCanAccessLibraryItem(libraryItem)) {
if (!req.userNew.checkCanAccessLibraryItem(libraryItem)) {
return res.sendStatus(403)
}

Expand All @@ -90,11 +90,11 @@ class EmailController {
}

adminMiddleware(req, res, next) {
if (!req.user.isAdminOrUp) {
if (!req.userNew.isAdminOrUp) {
return res.sendStatus(404)
}

next()
}
}
module.exports = new EmailController()
module.exports = new EmailController()
Loading

0 comments on commit 68ef3a0

Please sign in to comment.