mirror of
https://github.com/ether/etherpad-lite.git
synced 2025-05-05 06:37:10 -04:00
11a1ea0d80
I moved the routes for requests that handle readonly, export or import requests into seperate modules.
83 lines
1.8 KiB
JavaScript
83 lines
1.8 KiB
JavaScript
var async = require('async');
|
|
var ERR = require('async-stacktrace');
|
|
|
|
module.exports = function(app)
|
|
{
|
|
//TODO put this into module
|
|
//checks for padAccess
|
|
function hasPadAccess(req, res, callback)
|
|
{
|
|
app.securityManager.checkAccess(req.params.pad, req.cookies.sessionid, req.cookies.token, req.cookies.password, function(err, accessObj)
|
|
{
|
|
if(ERR(err, callback)) return;
|
|
|
|
//there is access, continue
|
|
if(accessObj.accessStatus == "grant")
|
|
{
|
|
callback();
|
|
}
|
|
//no access
|
|
else
|
|
{
|
|
res.send("403 - Can't touch this", 403);
|
|
}
|
|
});
|
|
}
|
|
|
|
//serve read only pad
|
|
app.get('/ro/:id', function(req, res)
|
|
{
|
|
var html;
|
|
var padId;
|
|
var pad;
|
|
|
|
async.series([
|
|
//translate the read only pad to a padId
|
|
function(callback)
|
|
{
|
|
app.readOnlyManager.getPadId(req.params.id, function(err, _padId)
|
|
{
|
|
if(ERR(err, callback)) return;
|
|
|
|
padId = _padId;
|
|
|
|
//we need that to tell hasPadAcess about the pad
|
|
req.params.pad = padId;
|
|
|
|
callback();
|
|
});
|
|
},
|
|
//render the html document
|
|
function(callback)
|
|
{
|
|
//return if the there is no padId
|
|
if(padId == null)
|
|
{
|
|
callback("notfound");
|
|
return;
|
|
}
|
|
|
|
hasPadAccess(req, res, function()
|
|
{
|
|
//render the html document
|
|
app.exporthtml.getPadHTMLDocument(padId, null, false, function(err, _html)
|
|
{
|
|
if(ERR(err, callback)) return;
|
|
html = _html;
|
|
callback();
|
|
});
|
|
});
|
|
}
|
|
], function(err)
|
|
{
|
|
//throw any unexpected error
|
|
if(err && err != "notfound")
|
|
ERR(err);
|
|
|
|
if(err == "notfound")
|
|
res.send('404 - Not Found', 404);
|
|
else
|
|
res.send(html);
|
|
});
|
|
});
|
|
};
|