Mirror/filesafe
1
0
Fork 0
mirror of https://github.com/BobbyWibowo/lolisafe.git synced 2025-01-18 17:21:33 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

refactor: make use of improved utils.authorize()

Browse Source
This commit is contained in:
Bobby Wibowo 2021-01-08 10:50:25 +07:00
parent c1562e11f4
commit a5607c00f6
No known key found for this signature in database
GPG Key ID: 51C3A1E1E22D26CF
3 changed files with 16 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
controllers/albumsController.js
View File

@ -74,8 +74,7 @@ self.getUniqueRandomName = async () => {
self.list = async (req, res, next) => {
try {
const user = await utils.authorize(req, res)
if (!user) return
const user = await utils.authorize(req)
const all = req.headers.all === '1'
const simple = req.headers.simple
@ -173,8 +172,7 @@ self.list = async (req, res, next) => {
self.create = async (req, res, next) => {
try {
const user = await utils.authorize(req, res)
if (!user) return
const user = await utils.authorize(req)
const name = typeof req.body.name === 'string'
? utils.escape(req.body.name.trim().substring(0, self.titleMaxLength))
@ -224,8 +222,7 @@ self.delete = async (req, res, next) => {
self.disable = async (req, res, next) => {
try {
const user = await utils.authorize(req, res)
if (!user) return
const user = await utils.authorize(req)
const id = req.body.id
const purge = req.body.purge
@ -278,8 +275,7 @@ self.disable = async (req, res, next) => {
self.edit = async (req, res, next) => {
try {
const user = await utils.authorize(req, res)
if (!user) return
const user = await utils.authorize(req)
const ismoderator = perms.is(user, 'moderator')
@ -592,8 +588,7 @@ self.listFiles = async (req, res, next) => {
self.addFiles = async (req, res, next) => {
let ids, albumid, failed, albumids
try {
const user = await utils.authorize(req, res)
if (!user) return
const user = await utils.authorize(req)
ids = req.body.ids
if (!Array.isArray(ids) || !ids.length) {

15
controllers/authController.js
View File

@ -118,8 +118,7 @@ self.register = async (req, res, next) => {
self.changePassword = async (req, res, next) => {
try {
const user = await utils.authorize(req, res)
if (!user) return
const user = await utils.authorize(req)
const password = typeof req.body.password === 'string'
? req.body.password.trim()
@ -152,8 +151,7 @@ self.assertPermission = (user, target) => {
self.createUser = async (req, res, next) => {
try {
const user = await utils.authorize(req, res)
if (!user) return
const user = await utils.authorize(req)
const isadmin = perms.is(user, 'admin')
if (!isadmin) return res.status(403).end()
@ -219,8 +217,7 @@ self.createUser = async (req, res, next) => {
self.editUser = async (req, res, next) => {
try {
const user = await utils.authorize(req, res)
if (!user) return
const user = await utils.authorize(req)
const isadmin = perms.is(user, 'admin')
if (!isadmin) throw new ClientError('', { statusCode: 403 })
@ -279,8 +276,7 @@ self.disableUser = async (req, res, next) => {
self.deleteUser = async (req, res, next) => {
try {
const user = await utils.authorize(req, res)
if (!user) return
const user = await utils.authorize(req)
const isadmin = perms.is(user, 'admin')
if (!isadmin) throw new ClientError('', { statusCode: 403 })
@ -354,8 +350,7 @@ self.bulkDeleteUsers = async (req, res, next) => {
self.listUsers = async (req, res, next) => {
try {
const user = await utils.authorize(req, res)
if (!user) return
const user = await utils.authorize(req)
const isadmin = perms.is(user, 'admin')
if (!isadmin) throw new ClientError('', { statusCode: 403 })

25
controllers/uploadController.js
View File

@ -259,15 +259,9 @@ self.upload = async (req, res, next) => {
try {
let user
if (config.private === true) {
user = await utils.authorize(req, res)
if (!user) return
user = await utils.authorize(req)
} else if (req.headers.token) {
user = await db.table('users')
.where('token', req.headers.token)
.first()
if (user && (user.enabled === false || user.enabled === 0)) {
throw new ClientError('This account has been disabled.', { statusCode: 403 })
}
user = await utils.assertUser(req.headers.token)
}
let albumid = parseInt(req.headers.albumid || req.params.albumid)
@ -476,15 +470,10 @@ self.finishChunks = async (req, res, next) => {
let user
if (config.private === true) {
user = await utils.authorize(req, res)
user = await utils.authorize(req)
if (!user) return
} else if (req.headers.token) {
user = await db.table('users')
.where('token', req.headers.token)
.first()
if (user && (user.enabled === false || user.enabled === 0)) {
throw new ClientError('This account has been disabled.', { statusCode: 403 })
}
user = await utils.assertUser(req.headers.token)
}
await self.actuallyFinishChunks(req, res, user)
@ -847,8 +836,7 @@ self.delete = async (req, res, next) => {
self.bulkDelete = async (req, res, next) => {
try {
const user = await utils.authorize(req, res)
if (!user) return
const user = await utils.authorize(req)
const field = req.body.field || 'id'
const values = req.body.values
@ -866,8 +854,7 @@ self.bulkDelete = async (req, res, next) => {
self.list = async (req, res, next) => {
try {
const user = await utils.authorize(req, res)
if (!user) return
const user = await utils.authorize(req)
const all = req.headers.all === '1'
const filters = req.headers.filters