refactor res.locals and settings
This commit is contained in:
lesion
@@ -100,7 +100,7 @@ const eventController = {
|
||||
|
||||
async get (req, res) {
|
||||
const format = req.params.format || 'json'
|
||||
const is_admin = req.user && req.user.is_admin
|
||||
const is_admin = res.locals.user && res.locals.user.is_admin
|
||||
const slug = req.params.event_slug
|
||||
|
||||
// retrocompatibility, old events URL does not use slug, use id as fallback
|
||||
@@ -206,7 +206,7 @@ const eventController = {
|
||||
log.warn(`Trying to confirm a unknown event, id: ${id}`)
|
||||
return res.sendStatus(404)
|
||||
}
|
||||
if (!req.user.is_admin && req.user.id !== event.userId) {
|
||||
if (!res.locals.user.is_admin && res.locals.user.id !== event.userId) {
|
||||
log.warn(`Someone unallowed is trying to confirm -> "${event.title} `)
|
||||
return res.sendStatus(403)
|
||||
}
|
||||
@@ -232,7 +232,7 @@ const eventController = {
|
||||
const id = Number(req.params.event_id)
|
||||
const event = await Event.findByPk(id)
|
||||
if (!event) { return req.sendStatus(404) }
|
||||
if (!req.user.is_admin && req.user.id !== event.userId) {
|
||||
if (!res.locals.user.is_admin && res.locals.user.id !== event.userId) {
|
||||
return res.sendStatus(403)
|
||||
}
|
||||
|
||||
@@ -315,7 +315,7 @@ const eventController = {
|
||||
end_datetime: body.end_datetime,
|
||||
recurrent,
|
||||
// publish this event only if authenticated
|
||||
is_visible: !!req.user
|
||||
is_visible: !!res.locals.user
|
||||
}
|
||||
|
||||
if (req.file || body.image_url) {
|
||||
@@ -358,9 +358,9 @@ const eventController = {
|
||||
}
|
||||
|
||||
// associate user to event and reverse
|
||||
if (req.user) {
|
||||
await req.user.addEvent(event)
|
||||
await event.setUser(req.user)
|
||||
if (res.locals.user) {
|
||||
await res.locals.user.addEvent(event)
|
||||
await event.setUser(res.locals.user)
|
||||
}
|
||||
|
||||
// return created event to the client
|
||||
@@ -382,15 +382,15 @@ const eventController = {
|
||||
},
|
||||
|
||||
async update (req, res) {
|
||||
if (req.err) {
|
||||
return res.status(400).json(req.err.toString())
|
||||
if (res.locals.err) {
|
||||
return res.status(400).json(res.locals.err.toString())
|
||||
}
|
||||
|
||||
try {
|
||||
const body = req.body
|
||||
const event = await Event.findByPk(body.id)
|
||||
if (!event) { return res.sendStatus(404) }
|
||||
if (!req.user.is_admin && event.userId !== req.user.id) {
|
||||
if (!res.locals.user.is_admin && event.userId !== res.locals.user.id) {
|
||||
return res.sendStatus(403)
|
||||
}
|
||||
|
||||
@@ -470,7 +470,7 @@ const eventController = {
|
||||
async remove (req, res) {
|
||||
const event = await Event.findByPk(req.params.id)
|
||||
// check if event is mine (or user is admin)
|
||||
if (event && (req.user.is_admin || req.user.id === event.userId)) {
|
||||
if (event && (res.locals.user.is_admin || res.locals.user.id === event.userId)) {
|
||||
if (event.media && event.media.length && !event.recurrent) {
|
||||
const old_path = path.join(config.upload_path, event.media[0].url)
|
||||
const old_thumb_path = path.join(config.upload_path, 'thumb', event.media[0].url)
|
||||
|
||||
@@ -5,6 +5,7 @@ const Tag = require('../models/tag')
|
||||
const { Op, literal } = require('sequelize')
|
||||
const moment = require('dayjs')
|
||||
const ics = require('ics')
|
||||
const settingsController = require('./settings')
|
||||
|
||||
const exportController = {
|
||||
|
||||
@@ -69,8 +70,9 @@ const exportController = {
|
||||
},
|
||||
|
||||
feed (req, res, events) {
|
||||
const settings = settingsController.settings
|
||||
res.type('application/rss+xml; charset=UTF-8')
|
||||
res.render('feed/rss.pug', { events, settings: req.settings, moment })
|
||||
res.render('feed/rss.pug', { events, settings, moment })
|
||||
},
|
||||
|
||||
/**
|
||||
@@ -79,6 +81,7 @@ const exportController = {
|
||||
* @param {*} alarms https://github.com/adamgibbons/ics#attributes (alarms)
|
||||
*/
|
||||
ics (req, res, events, alarms = []) {
|
||||
const settings = settingsController.settings
|
||||
const eventsMap = events.map(e => {
|
||||
const tmpStart = moment.unix(e.start_datetime)
|
||||
const tmpEnd = moment.unix(e.end_datetime)
|
||||
@@ -89,10 +92,10 @@ const exportController = {
|
||||
// startOutputType: 'utc',
|
||||
end,
|
||||
// endOutputType: 'utc',
|
||||
title: `[${req.settings.title}] ${e.title}`,
|
||||
title: `[${settings.title}] ${e.title}`,
|
||||
description: e.description,
|
||||
location: `${e.place.name} - ${e.place.address}`,
|
||||
url: `${req.settings.baseurl}/event/${e.slug || e.id}`,
|
||||
url: `${settings.baseurl}/event/${e.slug || e.id}`,
|
||||
alarms
|
||||
}
|
||||
})
|
||||
|
||||
@@ -63,7 +63,7 @@ const oauthController = {
|
||||
|
||||
async getClients (req, res) {
|
||||
const tokens = await OAuthToken.findAll({
|
||||
include: [{ model: User, where: { id: req.user.id } }, { model: OAuthClient, as: 'client' }],
|
||||
include: [{ model: User, where: { id: res.locals.user.id } }, { model: OAuthClient, as: 'client' }],
|
||||
raw: true,
|
||||
nest: true
|
||||
})
|
||||
|
||||
@@ -15,7 +15,7 @@ const userController = {
|
||||
if (!user) { return res.sendStatus(200) }
|
||||
|
||||
user.recover_code = crypto.randomBytes(16).toString('hex')
|
||||
mail.send(user.email, 'recover', { user, config }, req.settings.locale)
|
||||
mail.send(user.email, 'recover', { user, config }, res.locals.locale)
|
||||
|
||||
await user.save()
|
||||
res.sendStatus(200)
|
||||
@@ -44,13 +44,13 @@ const userController = {
|
||||
},
|
||||
|
||||
async current (req, res) {
|
||||
if (!req.user) { return res.status(400).send('Not logged') }
|
||||
const user = await User.scope('withoutPassword').findByPk(req.user.id)
|
||||
if (!res.locals.user) { return res.status(400).send('Not logged') }
|
||||
const user = await User.scope('withoutPassword').findByPk(res.locals.user.id)
|
||||
res.json(user)
|
||||
},
|
||||
|
||||
async getAll (req, res) {
|
||||
const users = await User.scope(req.user.is_admin ? 'withRecover' : 'withoutPassword').findAll({
|
||||
const users = await User.scope(res.locals.user.is_admin ? 'withRecover' : 'withoutPassword').findAll({
|
||||
order: [['is_admin', 'DESC'], ['createdAt', 'DESC']]
|
||||
})
|
||||
res.json(users)
|
||||
@@ -62,14 +62,14 @@ const userController = {
|
||||
|
||||
if (!user) { return res.status(404).json({ success: false, message: 'User not found!' }) }
|
||||
|
||||
if (req.body.id !== req.user.id && !req.user.is_admin) {
|
||||
if (req.body.id !== res.locals.user.id && !res.locals.user.is_admin) {
|
||||
return res.status(400).json({ succes: false, message: 'Not allowed' })
|
||||
}
|
||||
|
||||
if (!req.body.password) { delete req.body.password }
|
||||
|
||||
if (!user.is_active && req.body.is_active && user.recover_code) {
|
||||
mail.send(user.email, 'confirm', { user, config }, req.settings.locale)
|
||||
mail.send(user.email, 'confirm', { user, config }, res.locals.settings.locale)
|
||||
}
|
||||
|
||||
await user.update(req.body)
|
||||
@@ -99,7 +99,7 @@ const userController = {
|
||||
log.info('Register user ', req.body.email)
|
||||
const user = await User.create(req.body)
|
||||
log.info(`Sending registration email to ${user.email}`)
|
||||
mail.send(user.email, 'register', { user, config }, req.settings.locale)
|
||||
mail.send(user.email, 'register', { user, config }, res.locales.locale)
|
||||
mail.send(settingsController.settings.admin_email, 'admin_register', { user, config })
|
||||
res.sendStatus(200)
|
||||
} catch (e) {
|
||||
@@ -113,7 +113,7 @@ const userController = {
|
||||
req.body.is_active = true
|
||||
req.body.recover_code = crypto.randomBytes(16).toString('hex')
|
||||
const user = await User.scope('withRecover').create(req.body)
|
||||
mail.send(user.email, 'user_confirm', { user, config }, req.settings.locale)
|
||||
mail.send(user.email, 'user_confirm', { user, config }, res.locales.locale)
|
||||
res.json(user)
|
||||
} catch (e) {
|
||||
log.error('User creation error:', e)
|
||||
|
||||
Reference in New Issue
Block a user