mirror of
https://gitlab.com/comunic/comunicapiv2
synced 2024-11-22 05:19:22 +00:00
Move methods
This commit is contained in:
parent
b688f09faf
commit
47cb6cac84
@ -5,7 +5,15 @@
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
import { UserHelper } from "../helpers/UserHelper";
|
import { UserHelper } from "../helpers/UserHelper";
|
||||||
import { removeHTMLNodes, checkMail } from "../utils/StringUtils";
|
import { removeHTMLNodes, checkMail, checkURL } from "../utils/StringUtils";
|
||||||
|
import { FriendsHelper } from "../helpers/FriendsHelper";
|
||||||
|
import { AccountHelper } from "../helpers/AccountHelper";
|
||||||
|
import { GroupsHelper } from "../helpers/GroupsHelper";
|
||||||
|
import { GroupsAccessLevel } from "./Group";
|
||||||
|
import { PostsHelper } from "../helpers/PostsHelper";
|
||||||
|
import { PostAccessLevel } from "./Post";
|
||||||
|
import { CommentsHelper } from "../helpers/CommentsHelper";
|
||||||
|
import { checkVirtualDirectory } from "../utils/VirtualDirsUtils";
|
||||||
|
|
||||||
export abstract class BaseRequestsHandler {
|
export abstract class BaseRequestsHandler {
|
||||||
|
|
||||||
@ -221,4 +229,162 @@ export abstract class BaseRequestsHandler {
|
|||||||
|
|
||||||
return userID;
|
return userID;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the ID of a friend included in a POST request
|
||||||
|
*
|
||||||
|
* @param name Name of the POST field
|
||||||
|
*/
|
||||||
|
public async postFriendId(name: string) : Promise<number> {
|
||||||
|
const friendID = await this.postUserId(name);
|
||||||
|
|
||||||
|
if(!await FriendsHelper.AreFriend(this.getUserId(), friendID))
|
||||||
|
this.error(401, "You are not friend with this personn!");
|
||||||
|
|
||||||
|
return friendID;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Find user ID based on its email address, included in a POST request
|
||||||
|
*
|
||||||
|
* @param name The name of the POST field containing the email address of the user
|
||||||
|
*/
|
||||||
|
public async postUserIdFromEmail(name: string) : Promise<number> {
|
||||||
|
const email = this.postEmail(name);
|
||||||
|
const userID = await AccountHelper.FindIDFromEmail(email);
|
||||||
|
|
||||||
|
if(userID < 1)
|
||||||
|
this.error(404, "Email not found!");
|
||||||
|
|
||||||
|
return userID;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get a POST group ID
|
||||||
|
*
|
||||||
|
* @param name The name of the POST field
|
||||||
|
*/
|
||||||
|
public async postGroupID(name: string) : Promise<number> {
|
||||||
|
const groupID = this.postInt(name);
|
||||||
|
|
||||||
|
if(!await GroupsHelper.Exists(groupID))
|
||||||
|
this.error(404, "Specified group not found!");
|
||||||
|
|
||||||
|
return groupID;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get a POST group ID with a check for access level of current user
|
||||||
|
*
|
||||||
|
* @param name The name of the POST field containing group ID
|
||||||
|
* @param minVisibility Minimum visiblity requested to the group
|
||||||
|
* @returns The ID of the group (throws in case of failure)
|
||||||
|
*/
|
||||||
|
public async postGroupIDWithAccess(name: string, minVisibility : GroupsAccessLevel) : Promise<number> {
|
||||||
|
const groupID = await this.postGroupID(name);
|
||||||
|
|
||||||
|
const access = await GroupsHelper.GetAccessLevel(groupID, this.optionnalUserID);
|
||||||
|
|
||||||
|
if(access == GroupsAccessLevel.NO_ACCESS)
|
||||||
|
this.error(404, "Specified group not found!");
|
||||||
|
|
||||||
|
if(access < minVisibility)
|
||||||
|
this.error(401, "You do not have enough rights to perform what you intend to do on this group!");
|
||||||
|
|
||||||
|
return groupID;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the ID of post included in a POST request
|
||||||
|
*
|
||||||
|
* @param name The name of the POST field containing the id of the target post
|
||||||
|
*/
|
||||||
|
public async postPostID(name: string) : Promise<number> {
|
||||||
|
const postID = this.postInt(name);
|
||||||
|
|
||||||
|
if(postID < 1)
|
||||||
|
this.error(400, "Invalid post ID!");
|
||||||
|
|
||||||
|
if(!await PostsHelper.Exists(postID))
|
||||||
|
this.error(404, "Specified post does not exists!");
|
||||||
|
|
||||||
|
return postID;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the ID of a post a user has access to
|
||||||
|
*
|
||||||
|
* @param name The name of the POST field containing the ID of the target post
|
||||||
|
*/
|
||||||
|
public async postPostIDWithAccess(name: string, minLevel: PostAccessLevel = PostAccessLevel.BASIC_ACCESS) : Promise<number> {
|
||||||
|
const postID = await this.postPostID(name);
|
||||||
|
|
||||||
|
if(await PostsHelper.GetAccessLevelFromPostID(this.optionnalUserID, postID) < minLevel)
|
||||||
|
this.error(401, "Your are not allowed to access this post information!");
|
||||||
|
|
||||||
|
return postID;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get the ID of a comment that the user is allowed to access
|
||||||
|
*
|
||||||
|
* @param name The name of the comment field
|
||||||
|
*/
|
||||||
|
public async postCommentIDWithAccess(name: string) : Promise<number> {
|
||||||
|
const commentID = this.postInt(name);
|
||||||
|
|
||||||
|
if(!await CommentsHelper.Exists(commentID))
|
||||||
|
this.error(404, "Specified comment not found!");
|
||||||
|
|
||||||
|
const postID = await CommentsHelper.GetAssociatedPost(commentID);
|
||||||
|
const post = await PostsHelper.GetSingle(postID);
|
||||||
|
|
||||||
|
if(await PostsHelper.GetAccessLevel(this.getUserId(), post) == PostAccessLevel.NO_ACCESS)
|
||||||
|
this.error(401, "You are not allowed to acess this post information!");
|
||||||
|
|
||||||
|
return commentID;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get a virtual directory included in a POST request
|
||||||
|
*
|
||||||
|
* @param name The name of the POST variable
|
||||||
|
* @return The virtual directory, if found as valid
|
||||||
|
*/
|
||||||
|
public postVirtualDirectory(name: string) : string {
|
||||||
|
const dir = this.postString(name);
|
||||||
|
|
||||||
|
if(!checkVirtualDirectory(dir))
|
||||||
|
this.error(401, "Specified directory seems to be invalid!");
|
||||||
|
|
||||||
|
return dir;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get an URL included in a POST request
|
||||||
|
*
|
||||||
|
* @param name The name of the POST field containing
|
||||||
|
* the URL
|
||||||
|
*/
|
||||||
|
public postURL(name: string) : string {
|
||||||
|
const url = this.postString(name);
|
||||||
|
|
||||||
|
if(!checkURL(url))
|
||||||
|
this.error(401, "Specified URL in '"+name+"' seems to be invalid!");
|
||||||
|
|
||||||
|
return url;
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Check the user password included in the request
|
||||||
|
*
|
||||||
|
* @param postField The name of the post field
|
||||||
|
* containing user password
|
||||||
|
*/
|
||||||
|
public async needUserPostPassword(postField: string) {
|
||||||
|
const password = this.postString(postField, 3);
|
||||||
|
|
||||||
|
if(!await AccountHelper.CheckUserPassword(this.getUserId(), password))
|
||||||
|
this.error(401, "Invalid password!");
|
||||||
|
}
|
||||||
}
|
}
|
||||||
@ -1,20 +1,12 @@
|
|||||||
import { conf } from "../helpers/ConfigHelper";
|
import { Request, Response } from "express";
|
||||||
import { Response, Request } from "express";
|
|
||||||
import { APIHelper } from "../helpers/APIHelper";
|
|
||||||
import { APIClient } from "./APIClient";
|
|
||||||
import { checkURL } from "../utils/StringUtils";
|
|
||||||
import { AccountHelper } from "../helpers/AccountHelper";
|
|
||||||
import { UploadedFile } from "express-fileupload";
|
import { UploadedFile } from "express-fileupload";
|
||||||
import { prepareFileCreation, generateNewUserDataFileName, pathUserData } from "../utils/UserDataUtils";
|
|
||||||
import * as sharp from 'sharp';
|
|
||||||
import { GroupsAccessLevel } from "./Group";
|
|
||||||
import { GroupsHelper } from "../helpers/GroupsHelper";
|
|
||||||
import { checkVirtualDirectory } from "../utils/VirtualDirsUtils";
|
|
||||||
import { FriendsHelper } from "../helpers/FriendsHelper";
|
|
||||||
import { PostsHelper } from "../helpers/PostsHelper";
|
|
||||||
import { PostAccessLevel } from "./Post";
|
|
||||||
import { writeFileSync } from "fs";
|
import { writeFileSync } from "fs";
|
||||||
import { CommentsHelper } from "../helpers/CommentsHelper";
|
import * as sharp from 'sharp';
|
||||||
|
import { AccountHelper } from "../helpers/AccountHelper";
|
||||||
|
import { APIHelper } from "../helpers/APIHelper";
|
||||||
|
import { conf } from "../helpers/ConfigHelper";
|
||||||
|
import { generateNewUserDataFileName, pathUserData, prepareFileCreation } from "../utils/UserDataUtils";
|
||||||
|
import { APIClient } from "./APIClient";
|
||||||
import { BaseRequestsHandler } from "./BaseRequestsHandler";
|
import { BaseRequestsHandler } from "./BaseRequestsHandler";
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -63,151 +55,6 @@ export class RequestHandler extends BaseRequestsHandler {
|
|||||||
return this.getPostParam(name) != undefined;
|
return this.getPostParam(name) != undefined;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Get the ID of a friend included in a POST request
|
|
||||||
*
|
|
||||||
* @param name Name of the POST field
|
|
||||||
*/
|
|
||||||
public async postFriendId(name: string) : Promise<number> {
|
|
||||||
const friendID = await this.postUserId(name);
|
|
||||||
|
|
||||||
if(!await FriendsHelper.AreFriend(this.getUserId(), friendID))
|
|
||||||
this.error(401, "You are not friend with this personn!");
|
|
||||||
|
|
||||||
return friendID;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Find user ID based on its email address, included in a POST request
|
|
||||||
*
|
|
||||||
* @param name The name of the POST field containing the email address of the user
|
|
||||||
*/
|
|
||||||
public async postUserIdFromEmail(name: string) : Promise<number> {
|
|
||||||
const email = this.postEmail(name);
|
|
||||||
const userID = await AccountHelper.FindIDFromEmail(email);
|
|
||||||
|
|
||||||
if(userID < 1)
|
|
||||||
this.error(404, "Email not found!");
|
|
||||||
|
|
||||||
return userID;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get a POST group ID
|
|
||||||
*
|
|
||||||
* @param name The name of the POST field
|
|
||||||
*/
|
|
||||||
public async postGroupID(name: string) : Promise<number> {
|
|
||||||
const groupID = this.postInt(name);
|
|
||||||
|
|
||||||
if(!await GroupsHelper.Exists(groupID))
|
|
||||||
this.error(404, "Specified group not found!");
|
|
||||||
|
|
||||||
return groupID;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get a POST group ID with a check for access level of current user
|
|
||||||
*
|
|
||||||
* @param name The name of the POST field containing group ID
|
|
||||||
* @param minVisibility Minimum visiblity requested to the group
|
|
||||||
* @returns The ID of the group (throws in case of failure)
|
|
||||||
*/
|
|
||||||
public async postGroupIDWithAccess(name: string, minVisibility : GroupsAccessLevel) : Promise<number> {
|
|
||||||
const groupID = await this.postGroupID(name);
|
|
||||||
|
|
||||||
const access = await GroupsHelper.GetAccessLevel(groupID, this.optionnalUserID);
|
|
||||||
|
|
||||||
if(access == GroupsAccessLevel.NO_ACCESS)
|
|
||||||
this.error(404, "Specified group not found!");
|
|
||||||
|
|
||||||
if(access < minVisibility)
|
|
||||||
this.error(401, "You do not have enough rights to perform what you intend to do on this group!");
|
|
||||||
|
|
||||||
return groupID;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get the ID of post included in a POST request
|
|
||||||
*
|
|
||||||
* @param name The name of the POST field containing the id of the target post
|
|
||||||
*/
|
|
||||||
public async postPostID(name: string) : Promise<number> {
|
|
||||||
const postID = this.postInt(name);
|
|
||||||
|
|
||||||
if(postID < 1)
|
|
||||||
this.error(400, "Invalid post ID!");
|
|
||||||
|
|
||||||
if(!await PostsHelper.Exists(postID))
|
|
||||||
this.error(404, "Specified post does not exists!");
|
|
||||||
|
|
||||||
return postID;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get the ID of a post a user has access to
|
|
||||||
*
|
|
||||||
* @param name The name of the POST field containing the ID of the target post
|
|
||||||
*/
|
|
||||||
public async postPostIDWithAccess(name: string, minLevel: PostAccessLevel = PostAccessLevel.BASIC_ACCESS) : Promise<number> {
|
|
||||||
const postID = await this.postPostID(name);
|
|
||||||
|
|
||||||
if(await PostsHelper.GetAccessLevelFromPostID(this.optionnalUserID, postID) < minLevel)
|
|
||||||
this.error(401, "Your are not allowed to access this post information!");
|
|
||||||
|
|
||||||
return postID;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get the ID of a comment that the user is allowed to access
|
|
||||||
*
|
|
||||||
* @param name The name of the comment field
|
|
||||||
*/
|
|
||||||
public async postCommentIDWithAccess(name: string) : Promise<number> {
|
|
||||||
const commentID = this.postInt(name);
|
|
||||||
|
|
||||||
if(!await CommentsHelper.Exists(commentID))
|
|
||||||
this.error(404, "Specified comment not found!");
|
|
||||||
|
|
||||||
const postID = await CommentsHelper.GetAssociatedPost(commentID);
|
|
||||||
const post = await PostsHelper.GetSingle(postID);
|
|
||||||
|
|
||||||
if(await PostsHelper.GetAccessLevel(this.getUserId(), post) == PostAccessLevel.NO_ACCESS)
|
|
||||||
this.error(401, "You are not allowed to acess this post information!");
|
|
||||||
|
|
||||||
return commentID;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get a virtual directory included in a POST request
|
|
||||||
*
|
|
||||||
* @param name The name of the POST variable
|
|
||||||
* @return The virtual directory, if found as valid
|
|
||||||
*/
|
|
||||||
public postVirtualDirectory(name: string) : string {
|
|
||||||
const dir = this.postString(name);
|
|
||||||
|
|
||||||
if(!checkVirtualDirectory(dir))
|
|
||||||
this.error(401, "Specified directory seems to be invalid!");
|
|
||||||
|
|
||||||
return dir;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Get an URL included in a POST request
|
|
||||||
*
|
|
||||||
* @param name The name of the POST field containing
|
|
||||||
* the URL
|
|
||||||
*/
|
|
||||||
public postURL(name: string) : string {
|
|
||||||
const url = this.postString(name);
|
|
||||||
|
|
||||||
if(!checkURL(url))
|
|
||||||
this.error(401, "Specified URL in '"+name+"' seems to be invalid!");
|
|
||||||
|
|
||||||
return url;
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get information about an uploaded file
|
* Get information about an uploaded file
|
||||||
*
|
*
|
||||||
@ -349,19 +196,6 @@ export class RequestHandler extends BaseRequestsHandler {
|
|||||||
this.error(412, "Please check your login tokens!");
|
this.error(412, "Please check your login tokens!");
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
|
||||||
* Check the user password included in the request
|
|
||||||
*
|
|
||||||
* @param postField The name of the post field
|
|
||||||
* containing user password
|
|
||||||
*/
|
|
||||||
public async needUserPostPassword(postField: string) {
|
|
||||||
const password = this.postString(postField, 3);
|
|
||||||
|
|
||||||
if(!await AccountHelper.CheckUserPassword(this.getUserId(), password))
|
|
||||||
this.error(401, "Invalid password!");
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get information about API client
|
* Get information about API client
|
||||||
*/
|
*/
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user