Skip to content

Commit

Permalink
Fix invalid check when inserting project (neuroanatomy#77)
Browse files Browse the repository at this point in the history
  • Loading branch information
@denishov
denishov committed Oct 9, 2023
1 parent 5cc9f39 commit 52f026a
Showing 1 changed file with 23 additions and 23 deletions.
46 changes: 23 additions & 23 deletions app/controller/project/project.controller.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ const validator = function (req, res, next) {
const project = async function (req, res) {
const requestedProject = req.params.projectName;
const embedProject = req.route.path.endsWith('embed');
let loggedUser = "anyone";
let loggedUser = 'anyone';
if(req.isAuthenticated()) {
loggedUser = req.user.username;
} else if(req.isTokenAuthenticated) {
Expand Down Expand Up @@ -60,11 +60,11 @@ const project = async function (req, res) {
* @param {Object} res Res object from express
* @returns {void}
*/
var settings = async function(req, res) {
console.log("Settings");
const settings = async function(req, res) {
console.log('Settings');
const requestedProject = req.params.projectName;

var loggedUser = "anyone";
let loggedUser = 'anyone';
if(req.isAuthenticated()) {
loggedUser = req.user.username;
} else if(req.isTokenAuthenticated) {
Expand All @@ -76,9 +76,9 @@ var settings = async function(req, res) {
let json = await req.appConfig.db.queryProject({shortname: requestedProject});
if(typeof json === 'undefined') {
json = {
name: "",
name: '',
shortname: requestedProject,
url: "",
url: '',
created: (new Date()).toJSON(),
owner: loggedUser,
collaborators: {
Expand Down Expand Up @@ -115,9 +115,9 @@ var settings = async function(req, res) {
if (AccessControlService.canViewCollaborators(json, loggedUser)) {
const arr1 = [];
for(let j=0; j<json.collaborators.list.length; j++) {
if (Object.keys(json.collaborators.list[j]).includes("username") === false) {
if (Object.keys(json.collaborators.list[j]).includes('username') === false) {

return res.send("Error with user in project. Contact the adminstrators at https://mattermost.brainhack.org/brainhack/channels/microdraw").status(500);
return res.send('Error with user in project. Contact the adminstrators at https://mattermost.brainhack.org/brainhack/channels/microdraw').status(500);
}

arr1.push(req.appConfig.db.queryUser({username: json.collaborators.list[j].username}));
Expand All @@ -129,7 +129,7 @@ var settings = async function(req, res) {
if(collaboratorsList[j]) { // name found
json.collaborators.list[j].name=collaboratorsList[j].name;
} else { // name not found: set to empty
json.collaborators.list[j].name = "";
json.collaborators.list[j].name = '';
}
}
} catch(e) {
Expand All @@ -139,7 +139,7 @@ var settings = async function(req, res) {
json.collaborators.list = json.collaborators.list.filter((collaborator) => collaborator.username === 'anyone');
}

var context = {
const context = {
projectShortname: json.shortname,
owner: json.owner,
projectInfo: JSON.stringify(json),
Expand All @@ -156,9 +156,9 @@ var settings = async function(req, res) {
* @returns {void}
*/
const projectNew = function (req, res) {
console.log("New Project");
console.log('New Project');

let loggedUser = "anyone";
let loggedUser = 'anyone';
if(req.isAuthenticated()) {
loggedUser = req.user.username;
} else
Expand All @@ -169,30 +169,30 @@ const projectNew = function (req, res) {
// Store return path in case of login
req.session.returnTo = req.originalUrl;

if(loggedUser === "anyone" ) {
if(loggedUser === 'anyone' ) {
res.render('askForLogin', {
title: "MicroDraw: New Project",
functionality: "create a new project",
title: 'MicroDraw: New Project',
functionality: 'create a new project',
loggedUser: JSON.stringify(req.user || null)
});
} else {
res.render('projectNew', {
title: "MicroDraw: New Project",
title: 'MicroDraw: New Project',
loggedUser: JSON.stringify(req.user || null)
});
}
};

const apiProject = async function (req, res) {
console.log("GET project", req.params);
console.log('GET project', req.params);
let json = await req.appConfig.db.queryProject({shortname: req.params.projectName, backup: {$exists: false}});
if (_.isNil(json)) {
res.status(404).json({error: 'Project not found'});

return;
}

let loggedUser = "anyone";
let loggedUser = 'anyone';
if(req.isAuthenticated()) {
loggedUser = req.user.username;
} else if(req.isTokenAuthenticated) {
Expand Down Expand Up @@ -257,11 +257,11 @@ const postProject = async function (req, res) {
return;
}

const newProject = typeof req.body.data === "string" ? JSON.parse(req.body.data): req.body.data;
const newProject = typeof req.body.data === 'string' ? JSON.parse(req.body.data): req.body.data;
const oldProject = await req.appConfig.db.queryProject({shortname: newProject.shortname});

let ignoredChanges = [];
if (oldProject !== null || typeof oldProject !== 'undefined') {
if (oldProject !== null && typeof oldProject !== 'undefined') {
if (!AccessControlService.hasFilesAccess(AccessLevel.EDIT, oldProject, loggedUser)) {
res.status(403).json({ error: 'error', message: 'User does not have edit rights' });

Expand All @@ -271,7 +271,7 @@ const postProject = async function (req, res) {
}


let successMessage = "Project settings updated.";
let successMessage = 'Project settings updated.';
if(ignoredChanges.length > 0) {
successMessage += ` Some changes (on ${ignoredChanges.join(', ')}) were ignored due to a lack of permissions.`;
}
Expand All @@ -285,7 +285,7 @@ const postProject = async function (req, res) {
};

const deleteProject = async function (req, res) {
console.log("DELETE Project");
console.log('DELETE Project');

let loggedUser = 'anonymous';
if(req.isAuthenticated()) {
Expand All @@ -300,7 +300,7 @@ const deleteProject = async function (req, res) {
if(loggedUser === 'anonymous') {
res
.status(403)
.send({message: "Log in required"})
.send({message: 'Log in required'})
.end();
} else {
const {projectName} = req.params;
Expand Down

0 comments on commit 52f026a

Please sign in to comment.