chore: upgrade sequelize (#965)
* 0.18.0 * chore: Upgrade sequelize 4 -> 5 * fix: migrations v5 support * fix: Majority of test failures * fix: the rest of v5 tests
This commit is contained in:
Tom Moor
GitHub
@@ -4,7 +4,7 @@ exports[`#users.activate should activate a suspended user 1`] = `
|
||||
Object {
|
||||
"data": Object {
|
||||
"avatarUrl": "http://example.com/avatar.png",
|
||||
"createdAt": "2018-01-01T00:00:00.000Z",
|
||||
"createdAt": "2018-01-02T00:00:00.000Z",
|
||||
"email": "user1@example.com",
|
||||
"id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
|
||||
"isAdmin": false,
|
||||
@@ -38,7 +38,7 @@ exports[`#users.demote should demote an admin 1`] = `
|
||||
Object {
|
||||
"data": Object {
|
||||
"avatarUrl": "http://example.com/avatar.png",
|
||||
"createdAt": "2018-01-01T00:00:00.000Z",
|
||||
"createdAt": "2018-01-02T00:00:00.000Z",
|
||||
"email": "user1@example.com",
|
||||
"id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
|
||||
"isAdmin": false,
|
||||
@@ -71,6 +71,14 @@ Object {
|
||||
exports[`#users.list should require admin for detailed info 1`] = `
|
||||
Object {
|
||||
"data": Array [
|
||||
Object {
|
||||
"avatarUrl": "http://example.com/avatar.png",
|
||||
"createdAt": "2018-01-02T00:00:00.000Z",
|
||||
"id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
|
||||
"isAdmin": false,
|
||||
"isSuspended": false,
|
||||
"name": "User 1",
|
||||
},
|
||||
Object {
|
||||
"avatarUrl": "http://example.com/avatar.png",
|
||||
"createdAt": "2018-01-01T00:00:00.000Z",
|
||||
@@ -79,14 +87,6 @@ Object {
|
||||
"isSuspended": false,
|
||||
"name": "Admin User",
|
||||
},
|
||||
Object {
|
||||
"avatarUrl": "http://example.com/avatar.png",
|
||||
"createdAt": "2018-01-01T00:00:00.000Z",
|
||||
"id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
|
||||
"isAdmin": false,
|
||||
"isSuspended": false,
|
||||
"name": "User 1",
|
||||
},
|
||||
],
|
||||
"ok": true,
|
||||
"pagination": Object {
|
||||
@@ -103,7 +103,7 @@ Object {
|
||||
"data": Array [
|
||||
Object {
|
||||
"avatarUrl": "http://example.com/avatar.png",
|
||||
"createdAt": "2018-01-01T00:00:00.000Z",
|
||||
"createdAt": "2018-01-02T00:00:00.000Z",
|
||||
"email": "user1@example.com",
|
||||
"id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
|
||||
"isAdmin": false,
|
||||
@@ -134,7 +134,7 @@ exports[`#users.promote should promote a new admin 1`] = `
|
||||
Object {
|
||||
"data": Object {
|
||||
"avatarUrl": "http://example.com/avatar.png",
|
||||
"createdAt": "2018-01-01T00:00:00.000Z",
|
||||
"createdAt": "2018-01-02T00:00:00.000Z",
|
||||
"email": "user1@example.com",
|
||||
"id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
|
||||
"isAdmin": true,
|
||||
@@ -168,7 +168,7 @@ exports[`#users.suspend should suspend an user 1`] = `
|
||||
Object {
|
||||
"data": Object {
|
||||
"avatarUrl": "http://example.com/avatar.png",
|
||||
"createdAt": "2018-01-01T00:00:00.000Z",
|
||||
"createdAt": "2018-01-02T00:00:00.000Z",
|
||||
"email": "user1@example.com",
|
||||
"id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
|
||||
"isAdmin": false,
|
||||
@@ -202,7 +202,7 @@ exports[`#users.update should update user profile information 1`] = `
|
||||
Object {
|
||||
"data": Object {
|
||||
"avatarUrl": "http://example.com/avatar.png",
|
||||
"createdAt": "2018-01-01T00:00:00.000Z",
|
||||
"createdAt": "2018-01-02T00:00:00.000Z",
|
||||
"email": "user1@example.com",
|
||||
"id": "46fde1d4-0050-428f-9f0b-0bf77f4bdf61",
|
||||
"isAdmin": false,
|
||||
|
||||
@@ -49,7 +49,7 @@ router.post('apiKeys.delete', auth(), async ctx => {
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const key = await ApiKey.findById(id);
|
||||
const key = await ApiKey.findByPk(id);
|
||||
authorize(user, 'delete', key);
|
||||
|
||||
await key.destroy();
|
||||
|
||||
@@ -8,7 +8,7 @@ const router = new Router();
|
||||
|
||||
router.post('auth.info', auth(), async ctx => {
|
||||
const user = ctx.state.user;
|
||||
const team = await Team.findById(user.teamId);
|
||||
const team = await Team.findByPk(user.teamId);
|
||||
|
||||
ctx.body = {
|
||||
data: {
|
||||
|
||||
@@ -49,7 +49,7 @@ router.post('collections.info', auth(), async ctx => {
|
||||
const { id } = ctx.body;
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
|
||||
const collection = await Collection.findById(id);
|
||||
const collection = await Collection.findByPk(id);
|
||||
authorize(ctx.state.user, 'read', collection);
|
||||
|
||||
ctx.body = {
|
||||
@@ -62,14 +62,14 @@ router.post('collections.add_user', auth(), async ctx => {
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
ctx.assertUuid(userId, 'userId is required');
|
||||
|
||||
const collection = await Collection.findById(id);
|
||||
const collection = await Collection.findByPk(id);
|
||||
authorize(ctx.state.user, 'update', collection);
|
||||
|
||||
if (!collection.private) {
|
||||
throw new InvalidRequestError('Collection must be private to add users');
|
||||
}
|
||||
|
||||
const user = await User.findById(userId);
|
||||
const user = await User.findByPk(userId);
|
||||
authorize(ctx.state.user, 'read', user);
|
||||
|
||||
await CollectionUser.create({
|
||||
@@ -97,14 +97,14 @@ router.post('collections.remove_user', auth(), async ctx => {
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
ctx.assertUuid(userId, 'userId is required');
|
||||
|
||||
const collection = await Collection.findById(id);
|
||||
const collection = await Collection.findByPk(id);
|
||||
authorize(ctx.state.user, 'update', collection);
|
||||
|
||||
if (!collection.private) {
|
||||
throw new InvalidRequestError('Collection must be private to remove users');
|
||||
}
|
||||
|
||||
const user = await User.findById(userId);
|
||||
const user = await User.findByPk(userId);
|
||||
authorize(ctx.state.user, 'read', user);
|
||||
|
||||
await collection.removeUser(user);
|
||||
@@ -126,7 +126,7 @@ router.post('collections.users', auth(), async ctx => {
|
||||
const { id } = ctx.body;
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
|
||||
const collection = await Collection.findById(id);
|
||||
const collection = await Collection.findByPk(id);
|
||||
authorize(ctx.state.user, 'read', collection);
|
||||
|
||||
const users = await collection.getUsers();
|
||||
@@ -141,7 +141,7 @@ router.post('collections.export', auth(), async ctx => {
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const collection = await Collection.findById(id);
|
||||
const collection = await Collection.findByPk(id);
|
||||
authorize(user, 'export', collection);
|
||||
|
||||
// async operation to create zip archive and email user
|
||||
@@ -154,7 +154,7 @@ router.post('collections.export', auth(), async ctx => {
|
||||
|
||||
router.post('collections.exportAll', auth(), async ctx => {
|
||||
const user = ctx.state.user;
|
||||
const team = await Team.findById(user.teamId);
|
||||
const team = await Team.findByPk(user.teamId);
|
||||
authorize(user, 'export', team);
|
||||
|
||||
// async operation to create zip archive and email user
|
||||
@@ -174,7 +174,7 @@ router.post('collections.update', auth(), async ctx => {
|
||||
ctx.assertHexColor(color, 'Invalid hex value (please use format #FFFFFF)');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const collection = await Collection.findById(id);
|
||||
const collection = await Collection.findByPk(id);
|
||||
authorize(user, 'update', collection);
|
||||
|
||||
if (isPrivate && !collection.private) {
|
||||
@@ -237,7 +237,7 @@ router.post('collections.delete', auth(), async ctx => {
|
||||
const user = ctx.state.user;
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
|
||||
const collection = await Collection.findById(id);
|
||||
const collection = await Collection.findByPk(id);
|
||||
authorize(user, 'delete', collection);
|
||||
|
||||
const total = await Collection.count();
|
||||
|
||||
@@ -41,7 +41,7 @@ router.post('documents.list', auth(), pagination(), async ctx => {
|
||||
ctx.assertUuid(collectionId, 'collection must be a UUID');
|
||||
|
||||
where = { ...where, collectionId };
|
||||
const collection = await Collection.findById(collectionId);
|
||||
const collection = await Collection.findByPk(collectionId);
|
||||
authorize(user, 'read', collection);
|
||||
|
||||
// otherwise, filter by all collections the user has access to
|
||||
@@ -77,7 +77,7 @@ router.post('documents.pinned', auth(), pagination(), async ctx => {
|
||||
ctx.assertUuid(collectionId, 'collection is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const collection = await Collection.findById(collectionId);
|
||||
const collection = await Collection.findByPk(collectionId);
|
||||
authorize(user, 'read', collection);
|
||||
|
||||
const starredScope = { method: ['withStarred', user.id] };
|
||||
@@ -86,7 +86,6 @@ router.post('documents.pinned', auth(), pagination(), async ctx => {
|
||||
teamId: user.teamId,
|
||||
collectionId,
|
||||
pinnedById: {
|
||||
// $FlowFixMe
|
||||
[Op.ne]: null,
|
||||
},
|
||||
},
|
||||
@@ -118,7 +117,6 @@ router.post('documents.archived', auth(), pagination(), async ctx => {
|
||||
teamId: user.teamId,
|
||||
collectionId: collectionIds,
|
||||
archivedAt: {
|
||||
// $FlowFixMe
|
||||
[Op.ne]: null,
|
||||
},
|
||||
},
|
||||
@@ -232,7 +230,6 @@ router.post('documents.drafts', auth(), pagination(), async ctx => {
|
||||
where: {
|
||||
userId: user.id,
|
||||
collectionId: collectionIds,
|
||||
// $FlowFixMe
|
||||
publishedAt: { [Op.eq]: null },
|
||||
},
|
||||
order: [[sort, direction]],
|
||||
@@ -258,9 +255,8 @@ router.post('documents.info', auth({ required: false }), async ctx => {
|
||||
let document;
|
||||
|
||||
if (shareId) {
|
||||
const share = await Share.find({
|
||||
const share = await Share.findOne({
|
||||
where: {
|
||||
// $FlowFixMe
|
||||
revokedAt: { [Op.eq]: null },
|
||||
id: shareId,
|
||||
},
|
||||
@@ -277,7 +273,7 @@ router.post('documents.info', auth({ required: false }), async ctx => {
|
||||
}
|
||||
document = share.document;
|
||||
} else {
|
||||
document = await Document.findById(id);
|
||||
document = await Document.findByPk(id);
|
||||
authorize(user, 'read', document);
|
||||
}
|
||||
|
||||
@@ -293,7 +289,7 @@ router.post('documents.revision', auth(), async ctx => {
|
||||
ctx.assertPresent(id, 'id is required');
|
||||
ctx.assertPresent(revisionId, 'revisionId is required');
|
||||
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
authorize(ctx.state.user, 'read', document);
|
||||
|
||||
const revision = await Revision.findOne({
|
||||
@@ -313,7 +309,7 @@ router.post('documents.revisions', auth(), pagination(), async ctx => {
|
||||
let { id, sort = 'updatedAt', direction } = ctx.body;
|
||||
if (direction !== 'ASC') direction = 'DESC';
|
||||
ctx.assertPresent(id, 'id is required');
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
|
||||
authorize(ctx.state.user, 'read', document);
|
||||
|
||||
@@ -335,7 +331,7 @@ router.post('documents.restore', auth(), async ctx => {
|
||||
ctx.assertPresent(id, 'id is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
|
||||
if (document.archivedAt) {
|
||||
authorize(user, 'unarchive', document);
|
||||
@@ -354,7 +350,7 @@ router.post('documents.restore', auth(), async ctx => {
|
||||
// restore a document to a specific revision
|
||||
authorize(user, 'update', document);
|
||||
|
||||
const revision = await Revision.findById(revisionId);
|
||||
const revision = await Revision.findByPk(revisionId);
|
||||
authorize(document, 'restore', revision);
|
||||
|
||||
document.text = revision.text;
|
||||
@@ -386,7 +382,7 @@ router.post('documents.search', auth(), pagination(), async ctx => {
|
||||
if (collectionId) {
|
||||
ctx.assertUuid(collectionId, 'collectionId must be a UUID');
|
||||
|
||||
const collection = await Collection.findById(collectionId);
|
||||
const collection = await Collection.findByPk(collectionId);
|
||||
authorize(user, 'read', collection);
|
||||
}
|
||||
|
||||
@@ -430,7 +426,7 @@ router.post('documents.pin', auth(), async ctx => {
|
||||
const { id } = ctx.body;
|
||||
ctx.assertPresent(id, 'id is required');
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
|
||||
authorize(user, 'update', document);
|
||||
|
||||
@@ -454,7 +450,7 @@ router.post('documents.unpin', auth(), async ctx => {
|
||||
const { id } = ctx.body;
|
||||
ctx.assertPresent(id, 'id is required');
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
|
||||
authorize(user, 'update', document);
|
||||
|
||||
@@ -478,7 +474,7 @@ router.post('documents.star', auth(), async ctx => {
|
||||
const { id } = ctx.body;
|
||||
ctx.assertPresent(id, 'id is required');
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
|
||||
authorize(user, 'read', document);
|
||||
|
||||
@@ -499,7 +495,7 @@ router.post('documents.unstar', auth(), async ctx => {
|
||||
const { id } = ctx.body;
|
||||
ctx.assertPresent(id, 'id is required');
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
|
||||
authorize(user, 'read', document);
|
||||
|
||||
@@ -590,7 +586,7 @@ router.post('documents.create', auth(), async ctx => {
|
||||
// reload to get all of the data needed to present (user, collection etc)
|
||||
// we need to specify publishedAt to bypass default scope that only returns
|
||||
// published documents
|
||||
document = await Document.find({
|
||||
document = await Document.findOne({
|
||||
where: { id: document.id, publishedAt: document.publishedAt },
|
||||
});
|
||||
|
||||
@@ -615,7 +611,7 @@ router.post('documents.update', auth(), async ctx => {
|
||||
if (append) ctx.assertPresent(text, 'Text is required while appending');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
|
||||
authorize(ctx.state.user, 'update', document);
|
||||
|
||||
@@ -680,10 +676,10 @@ router.post('documents.move', auth(), async ctx => {
|
||||
}
|
||||
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
authorize(user, 'move', document);
|
||||
|
||||
const collection = await Collection.findById(collectionId);
|
||||
const collection = await Collection.findByPk(collectionId);
|
||||
authorize(user, 'update', collection);
|
||||
|
||||
if (collection.type !== 'atlas' && parentDocumentId) {
|
||||
@@ -693,7 +689,7 @@ router.post('documents.move', auth(), async ctx => {
|
||||
}
|
||||
|
||||
if (parentDocumentId) {
|
||||
const parent = await Document.findById(parentDocumentId);
|
||||
const parent = await Document.findByPk(parentDocumentId);
|
||||
authorize(user, 'update', parent);
|
||||
}
|
||||
|
||||
@@ -721,7 +717,7 @@ router.post('documents.archive', auth(), async ctx => {
|
||||
ctx.assertPresent(id, 'id is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
authorize(user, 'archive', document);
|
||||
|
||||
await document.archive(user.id);
|
||||
@@ -744,7 +740,7 @@ router.post('documents.delete', auth(), async ctx => {
|
||||
ctx.assertPresent(id, 'id is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(id);
|
||||
const document = await Document.findByPk(id);
|
||||
authorize(user, 'delete', document);
|
||||
|
||||
await document.delete();
|
||||
|
||||
@@ -66,10 +66,11 @@ describe('#documents.info', async () => {
|
||||
});
|
||||
|
||||
it('should return document from shareId without token', async () => {
|
||||
const { document } = await seed();
|
||||
const { document, user } = await seed();
|
||||
const share = await buildShare({
|
||||
documentId: document.id,
|
||||
teamId: document.teamId,
|
||||
userId: user.id,
|
||||
});
|
||||
|
||||
const res = await server.post('/api/documents.info', {
|
||||
@@ -88,6 +89,7 @@ describe('#documents.info', async () => {
|
||||
const share = await buildShare({
|
||||
documentId: document.id,
|
||||
teamId: document.teamId,
|
||||
userId: user.id,
|
||||
});
|
||||
await share.revoke(user.id);
|
||||
|
||||
@@ -102,6 +104,7 @@ describe('#documents.info', async () => {
|
||||
const share = await buildShare({
|
||||
documentId: document.id,
|
||||
teamId: document.teamId,
|
||||
userId: user.id,
|
||||
});
|
||||
await document.archive(user.id);
|
||||
|
||||
@@ -116,6 +119,7 @@ describe('#documents.info', async () => {
|
||||
const share = await buildShare({
|
||||
documentId: document.id,
|
||||
teamId: document.teamId,
|
||||
userId: user.id,
|
||||
});
|
||||
|
||||
const res = await server.post('/api/documents.info', {
|
||||
@@ -134,6 +138,7 @@ describe('#documents.info', async () => {
|
||||
const share = await buildShare({
|
||||
documentId: document.id,
|
||||
teamId: document.teamId,
|
||||
userId: user.id,
|
||||
});
|
||||
|
||||
collection.private = true;
|
||||
@@ -974,7 +979,7 @@ describe('#documents.create', async () => {
|
||||
},
|
||||
});
|
||||
const body = await res.json();
|
||||
const newDocument = await Document.findById(body.data.id);
|
||||
const newDocument = await Document.findByPk(body.data.id);
|
||||
expect(res.status).toEqual(200);
|
||||
expect(newDocument.parentDocumentId).toBe(null);
|
||||
expect(newDocument.collection.id).toBe(collection.id);
|
||||
|
||||
@@ -12,15 +12,16 @@ router.post('hooks.unfurl', async ctx => {
|
||||
const { challenge, token, event } = ctx.body;
|
||||
if (challenge) return (ctx.body = ctx.body.challenge);
|
||||
|
||||
if (token !== process.env.SLACK_VERIFICATION_TOKEN)
|
||||
if (token !== process.env.SLACK_VERIFICATION_TOKEN) {
|
||||
throw new AuthenticationError('Invalid token');
|
||||
}
|
||||
|
||||
const user = await User.find({
|
||||
const user = await User.findOne({
|
||||
where: { service: 'slack', serviceId: event.user },
|
||||
});
|
||||
if (!user) return;
|
||||
|
||||
const auth = await Authentication.find({
|
||||
const auth = await Authentication.findOne({
|
||||
where: { service: 'slack', teamId: user.teamId },
|
||||
});
|
||||
if (!auth) return;
|
||||
@@ -29,7 +30,7 @@ router.post('hooks.unfurl', async ctx => {
|
||||
let unfurls = {};
|
||||
for (let link of event.links) {
|
||||
const id = link.url.substr(link.url.lastIndexOf('/') + 1);
|
||||
const doc = await Document.findById(id);
|
||||
const doc = await Document.findByPk(id);
|
||||
if (!doc || doc.teamId !== user.teamId) continue;
|
||||
|
||||
unfurls[link.url] = {
|
||||
@@ -60,7 +61,7 @@ router.post('hooks.interactive', async ctx => {
|
||||
if (token !== process.env.SLACK_VERIFICATION_TOKEN)
|
||||
throw new AuthenticationError('Invalid verification token');
|
||||
|
||||
const user = await User.find({
|
||||
const user = await User.findOne({
|
||||
where: { service: 'slack', serviceId: data.user.id },
|
||||
});
|
||||
if (!user) {
|
||||
@@ -73,12 +74,12 @@ router.post('hooks.interactive', async ctx => {
|
||||
}
|
||||
|
||||
// we find the document based on the users teamId to ensure access
|
||||
const document = await Document.find({
|
||||
const document = await Document.findOne({
|
||||
where: { id: data.callback_id, teamId: user.teamId },
|
||||
});
|
||||
if (!document) throw new InvalidRequestError('Invalid document');
|
||||
|
||||
const team = await Team.findById(user.teamId);
|
||||
const team = await Team.findByPk(user.teamId);
|
||||
|
||||
// respond with a public message that will be posted in the original channel
|
||||
ctx.body = {
|
||||
@@ -100,7 +101,7 @@ router.post('hooks.slack', async ctx => {
|
||||
if (token !== process.env.SLACK_VERIFICATION_TOKEN)
|
||||
throw new AuthenticationError('Invalid verification token');
|
||||
|
||||
const user = await User.find({
|
||||
const user = await User.findOne({
|
||||
where: {
|
||||
service: 'slack',
|
||||
serviceId: user_id,
|
||||
@@ -113,7 +114,7 @@ router.post('hooks.slack', async ctx => {
|
||||
return;
|
||||
}
|
||||
|
||||
const team = await Team.findById(user.teamId);
|
||||
const team = await Team.findByPk(user.teamId);
|
||||
const results = await Document.searchForUser(user, text, {
|
||||
limit: 5,
|
||||
});
|
||||
|
||||
@@ -33,7 +33,7 @@ router.post('integrations.delete', auth(), async ctx => {
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const integration = await Integration.findById(id);
|
||||
const integration = await Integration.findByPk(id);
|
||||
authorize(user, 'delete', integration);
|
||||
|
||||
await integration.destroy();
|
||||
|
||||
@@ -47,7 +47,7 @@ router.post('notificationSettings.delete', auth(), async ctx => {
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const setting = await NotificationSetting.findById(id);
|
||||
const setting = await NotificationSetting.findByPk(id);
|
||||
authorize(user, 'delete', setting);
|
||||
|
||||
await setting.destroy();
|
||||
@@ -62,7 +62,7 @@ router.post('notificationSettings.unsubscribe', async ctx => {
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
ctx.assertPresent(token, 'token is required');
|
||||
|
||||
const setting = await NotificationSetting.findById(id);
|
||||
const setting = await NotificationSetting.findByPk(id);
|
||||
if (setting) {
|
||||
if (token !== setting.unsubscribeToken) {
|
||||
ctx.redirect(`${process.env.URL}?notice=invalid-auth`);
|
||||
|
||||
@@ -19,11 +19,12 @@ router.post('shares.list', auth(), pagination(), async ctx => {
|
||||
const where = {
|
||||
teamId: user.teamId,
|
||||
userId: user.id,
|
||||
// $FlowFixMe
|
||||
revokedAt: { [Op.eq]: null },
|
||||
};
|
||||
|
||||
if (user.isAdmin) delete where.userId;
|
||||
if (user.isAdmin) {
|
||||
delete where.userId;
|
||||
}
|
||||
|
||||
const collectionIds = await user.collectionIds();
|
||||
const shares = await Share.findAll({
|
||||
@@ -58,8 +59,8 @@ router.post('shares.create', auth(), async ctx => {
|
||||
ctx.assertPresent(documentId, 'documentId is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(documentId);
|
||||
const team = await Team.findById(user.teamId);
|
||||
const document = await Document.findByPk(documentId);
|
||||
const team = await Team.findByPk(user.teamId);
|
||||
authorize(user, 'share', document);
|
||||
authorize(user, 'share', team);
|
||||
|
||||
@@ -85,7 +86,7 @@ router.post('shares.revoke', auth(), async ctx => {
|
||||
ctx.assertUuid(id, 'id is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const share = await Share.findById(id);
|
||||
const share = await Share.findByPk(id);
|
||||
authorize(user, 'revoke', share);
|
||||
|
||||
await share.revoke(user.id);
|
||||
|
||||
@@ -11,10 +11,11 @@ afterAll(server.close);
|
||||
|
||||
describe('#shares.list', async () => {
|
||||
it('should only return shares created by user', async () => {
|
||||
const { user, document } = await seed();
|
||||
const { user, admin, document } = await seed();
|
||||
await buildShare({
|
||||
documentId: document.id,
|
||||
teamId: user.teamId,
|
||||
userId: admin.id,
|
||||
});
|
||||
const share = await buildShare({
|
||||
documentId: document.id,
|
||||
@@ -51,10 +52,11 @@ describe('#shares.list', async () => {
|
||||
});
|
||||
|
||||
it('admins should return shares created by all users', async () => {
|
||||
const { admin, document } = await seed();
|
||||
const { user, admin, document } = await seed();
|
||||
const share = await buildShare({
|
||||
documentId: document.id,
|
||||
teamId: admin.teamId,
|
||||
userId: user.id,
|
||||
});
|
||||
const res = await server.post('/api/shares.list', {
|
||||
body: { token: admin.getJwtToken() },
|
||||
@@ -72,6 +74,7 @@ describe('#shares.list', async () => {
|
||||
await buildShare({
|
||||
documentId: document.id,
|
||||
teamId: admin.teamId,
|
||||
userId: admin.id,
|
||||
});
|
||||
|
||||
collection.private = true;
|
||||
|
||||
@@ -15,7 +15,7 @@ router.post('team.update', auth(), async ctx => {
|
||||
const endpoint = publicS3Endpoint();
|
||||
|
||||
const user = ctx.state.user;
|
||||
const team = await Team.findById(user.teamId);
|
||||
const team = await Team.findByPk(user.teamId);
|
||||
authorize(user, 'update', team);
|
||||
|
||||
if (process.env.SUBDOMAINS_ENABLED === 'true') {
|
||||
|
||||
@@ -119,10 +119,10 @@ router.post('users.promote', auth(), async ctx => {
|
||||
const teamId = ctx.state.user.teamId;
|
||||
ctx.assertPresent(userId, 'id is required');
|
||||
|
||||
const user = await User.findById(userId);
|
||||
const user = await User.findByPk(userId);
|
||||
authorize(ctx.state.user, 'promote', user);
|
||||
|
||||
const team = await Team.findById(teamId);
|
||||
const team = await Team.findByPk(teamId);
|
||||
await team.addAdmin(user);
|
||||
|
||||
ctx.body = {
|
||||
@@ -135,10 +135,10 @@ router.post('users.demote', auth(), async ctx => {
|
||||
const teamId = ctx.state.user.teamId;
|
||||
ctx.assertPresent(userId, 'id is required');
|
||||
|
||||
const user = await User.findById(userId);
|
||||
const user = await User.findByPk(userId);
|
||||
authorize(ctx.state.user, 'demote', user);
|
||||
|
||||
const team = await Team.findById(teamId);
|
||||
const team = await Team.findByPk(teamId);
|
||||
try {
|
||||
await team.removeAdmin(user);
|
||||
} catch (err) {
|
||||
@@ -161,10 +161,10 @@ router.post('users.suspend', auth(), async ctx => {
|
||||
const teamId = ctx.state.user.teamId;
|
||||
ctx.assertPresent(userId, 'id is required');
|
||||
|
||||
const user = await User.findById(userId);
|
||||
const user = await User.findByPk(userId);
|
||||
authorize(ctx.state.user, 'suspend', user);
|
||||
|
||||
const team = await Team.findById(teamId);
|
||||
const team = await Team.findByPk(teamId);
|
||||
try {
|
||||
await team.suspendUser(user, admin);
|
||||
} catch (err) {
|
||||
@@ -188,10 +188,10 @@ router.post('users.activate', auth(), async ctx => {
|
||||
const teamId = ctx.state.user.teamId;
|
||||
ctx.assertPresent(userId, 'id is required');
|
||||
|
||||
const user = await User.findById(userId);
|
||||
const user = await User.findByPk(userId);
|
||||
authorize(ctx.state.user, 'activate', user);
|
||||
|
||||
const team = await Team.findById(teamId);
|
||||
const team = await Team.findByPk(teamId);
|
||||
await team.activateUser(user, admin);
|
||||
|
||||
ctx.body = {
|
||||
|
||||
@@ -13,7 +13,7 @@ router.post('views.list', auth(), async ctx => {
|
||||
ctx.assertUuid(documentId, 'documentId is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(documentId);
|
||||
const document = await Document.findByPk(documentId);
|
||||
authorize(user, 'read', document);
|
||||
|
||||
const views = await View.findAll({
|
||||
@@ -37,7 +37,7 @@ router.post('views.create', auth(), async ctx => {
|
||||
ctx.assertUuid(documentId, 'documentId is required');
|
||||
|
||||
const user = ctx.state.user;
|
||||
const document = await Document.findById(documentId);
|
||||
const document = await Document.findByPk(documentId);
|
||||
authorize(user, 'read', document);
|
||||
|
||||
await View.increment({ documentId, userId: user.id });
|
||||
|
||||
@@ -31,7 +31,7 @@ router.get('/redirect', auth(), async ctx => {
|
||||
expires: addMonths(new Date(), 3),
|
||||
});
|
||||
|
||||
const team = await Team.findById(user.teamId);
|
||||
const team = await Team.findByPk(user.teamId);
|
||||
ctx.redirect(`${team.url}/dashboard`);
|
||||
});
|
||||
|
||||
|
||||
@@ -89,7 +89,7 @@ router.get('slack.commands', auth({ required: false }), async ctx => {
|
||||
if (!user) {
|
||||
if (state) {
|
||||
try {
|
||||
const team = await Team.findById(state);
|
||||
const team = await Team.findByPk(state);
|
||||
return ctx.redirect(
|
||||
`${team.url}/auth${ctx.request.path}?${ctx.request.querystring}`
|
||||
);
|
||||
@@ -143,8 +143,8 @@ router.get('slack.post', auth({ required: false }), async ctx => {
|
||||
// appropriate subdomain to complete the oauth flow
|
||||
if (!user) {
|
||||
try {
|
||||
const collection = await Collection.findById(state);
|
||||
const team = await Team.findById(collection.teamId);
|
||||
const collection = await Collection.findByPk(state);
|
||||
const team = await Team.findByPk(collection.teamId);
|
||||
return ctx.redirect(
|
||||
`${team.url}/auth${ctx.request.path}?${ctx.request.querystring}`
|
||||
);
|
||||
|
||||
@@ -36,7 +36,7 @@ export default async function documentMover({
|
||||
document.parentDocumentId = parentDocumentId;
|
||||
|
||||
const newCollection: Collection = collectionChanged
|
||||
? await Collection.findById(collectionId, { transaction })
|
||||
? await Collection.findByPk(collectionId, { transaction })
|
||||
: collection;
|
||||
await newCollection.addDocumentToStructure(document, index, {
|
||||
documentJson,
|
||||
|
||||
@@ -53,7 +53,7 @@ if (process.env.WEBSOCKETS_ENABLED === 'true') {
|
||||
// allow the client to request to join rooms based on
|
||||
// new collections being created.
|
||||
socket.on('join', async event => {
|
||||
const collection = await Collection.findById(event.roomId);
|
||||
const collection = await Collection.findByPk(event.roomId);
|
||||
|
||||
if (can(user, 'read', collection)) {
|
||||
socket.join(`collection-${event.roomId}`);
|
||||
|
||||
@@ -18,7 +18,7 @@ const queueOptions = {
|
||||
|
||||
async function exportAndEmailCollection(collectionId: string, email: string) {
|
||||
log('Archiving collection', collectionId);
|
||||
const collection = await Collection.findById(collectionId);
|
||||
const collection = await Collection.findByPk(collectionId);
|
||||
const filePath = await archiveCollection(collection);
|
||||
|
||||
log('Archive path', filePath);
|
||||
@@ -36,7 +36,7 @@ async function exportAndEmailCollection(collectionId: string, email: string) {
|
||||
|
||||
async function exportAndEmailCollections(teamId: string, email: string) {
|
||||
log('Archiving team', teamId);
|
||||
const team = await Team.findById(teamId);
|
||||
const team = await Team.findByPk(teamId);
|
||||
const collections = await Collection.findAll({
|
||||
where: { teamId },
|
||||
order: [['name', 'ASC']],
|
||||
|
||||
@@ -57,7 +57,7 @@ export default function auth(options?: { required?: boolean } = {}) {
|
||||
|
||||
if (!apiKey) throw new AuthenticationError('Invalid API key');
|
||||
|
||||
user = await User.findById(apiKey.userId);
|
||||
user = await User.findByPk(apiKey.userId);
|
||||
if (!user) throw new AuthenticationError('Invalid API key');
|
||||
} else {
|
||||
// JWT
|
||||
|
||||
@@ -1,7 +1,15 @@
|
||||
module.exports = {
|
||||
up: async (queryInterface, Sequelize) => {
|
||||
await queryInterface.removeConstraint('users', 'email_unique_idx');
|
||||
await queryInterface.removeConstraint('users', 'username_unique_idx');
|
||||
await queryInterface.changeColumn('users', 'email', {
|
||||
type: Sequelize.STRING,
|
||||
unique: false,
|
||||
allowNull: false,
|
||||
});
|
||||
await queryInterface.changeColumn('users', 'username', {
|
||||
type: Sequelize.STRING,
|
||||
unique: false,
|
||||
allowNull: false,
|
||||
});
|
||||
},
|
||||
|
||||
down: async (queryInterface, Sequelize) => {
|
||||
|
||||
@@ -156,7 +156,6 @@ Document.associate = models => {
|
||||
],
|
||||
where: {
|
||||
publishedAt: {
|
||||
// $FlowFixMe
|
||||
[Op.ne]: null,
|
||||
},
|
||||
},
|
||||
@@ -182,7 +181,7 @@ Document.associate = models => {
|
||||
}));
|
||||
};
|
||||
|
||||
Document.findById = async (id, options) => {
|
||||
Document.findByPk = async (id, options) => {
|
||||
const scope = Document.scope('withUnpublished');
|
||||
|
||||
if (isUUID(id)) {
|
||||
@@ -300,7 +299,7 @@ Document.searchForUser = async (
|
||||
Document.addHook('beforeSave', async model => {
|
||||
if (!model.publishedAt) return;
|
||||
|
||||
const collection = await Collection.findById(model.collectionId);
|
||||
const collection = await Collection.findByPk(model.collectionId);
|
||||
if (!collection || collection.type !== 'atlas') return;
|
||||
|
||||
await collection.updateDocument(model);
|
||||
@@ -310,7 +309,7 @@ Document.addHook('beforeSave', async model => {
|
||||
Document.addHook('afterCreate', async model => {
|
||||
if (!model.publishedAt) return;
|
||||
|
||||
const collection = await Collection.findById(model.collectionId);
|
||||
const collection = await Collection.findByPk(model.collectionId);
|
||||
if (!collection || collection.type !== 'atlas') return;
|
||||
|
||||
await collection.addDocumentToStructure(model);
|
||||
@@ -366,7 +365,7 @@ Document.prototype.archiveWithChildren = async function(userId, options) {
|
||||
Document.prototype.publish = async function() {
|
||||
if (this.publishedAt) return this.save();
|
||||
|
||||
const collection = await Collection.findById(this.collectionId);
|
||||
const collection = await Collection.findByPk(this.collectionId);
|
||||
if (collection.type !== 'atlas') return this.save();
|
||||
|
||||
await collection.addDocumentToStructure(this);
|
||||
@@ -402,7 +401,6 @@ Document.prototype.unarchive = async function(userId) {
|
||||
where: {
|
||||
id: this.parentDocumentId,
|
||||
archivedAt: {
|
||||
// $FlowFixMe
|
||||
[Op.eq]: null,
|
||||
},
|
||||
},
|
||||
|
||||
@@ -131,7 +131,6 @@ Team.prototype.removeAdmin = async function(user: User) {
|
||||
teamId: this.id,
|
||||
isAdmin: true,
|
||||
id: {
|
||||
// $FlowFixMe
|
||||
[Op.ne]: user.id,
|
||||
},
|
||||
},
|
||||
|
||||
@@ -159,7 +159,7 @@ User.beforeDestroy(removeIdentifyingInfo);
|
||||
User.beforeSave(uploadAvatar);
|
||||
User.beforeCreate(setRandomJwtSecret);
|
||||
User.afterCreate(async user => {
|
||||
const team = await Team.findById(user.teamId);
|
||||
const team = await Team.findByPk(user.teamId);
|
||||
sendEmail('welcome', user.email, { teamUrl: team.url });
|
||||
});
|
||||
|
||||
|
||||
@@ -113,7 +113,7 @@ router.get('/', async ctx => {
|
||||
) {
|
||||
const domain = parseDomain(ctx.request.hostname);
|
||||
const subdomain = domain ? domain.subdomain : undefined;
|
||||
const team = await Team.find({
|
||||
const team = await Team.findOne({
|
||||
where: { subdomain },
|
||||
});
|
||||
if (team) {
|
||||
|
||||
@@ -3,9 +3,10 @@ import Sequelize from 'sequelize';
|
||||
import EncryptedField from 'sequelize-encrypted';
|
||||
import debug from 'debug';
|
||||
|
||||
const secretKey = process.env.SECRET_KEY;
|
||||
|
||||
export const encryptedFields = EncryptedField(Sequelize, secretKey);
|
||||
export const encryptedFields = EncryptedField(
|
||||
Sequelize,
|
||||
process.env.SECRET_KEY
|
||||
);
|
||||
|
||||
export const DataTypes = Sequelize;
|
||||
export const Op = Sequelize.Op;
|
||||
@@ -13,5 +14,4 @@ export const Op = Sequelize.Op;
|
||||
export const sequelize = new Sequelize(process.env.DATABASE_URL, {
|
||||
logging: debug('sql'),
|
||||
typeValidation: true,
|
||||
operatorsAliases: false,
|
||||
});
|
||||
|
||||
@@ -23,7 +23,7 @@ export default class Notifications {
|
||||
// wait until the user has finished editing
|
||||
if (!event.done) return;
|
||||
|
||||
const document = await Document.findById(event.modelId);
|
||||
const document = await Document.findByPk(event.modelId);
|
||||
if (!document) return;
|
||||
|
||||
const { collection } = document;
|
||||
@@ -32,7 +32,6 @@ export default class Notifications {
|
||||
const notificationSettings = await NotificationSetting.findAll({
|
||||
where: {
|
||||
userId: {
|
||||
// $FlowFixMe
|
||||
[Op.ne]: document.lastModifiedById,
|
||||
},
|
||||
teamId: document.teamId,
|
||||
@@ -73,7 +72,7 @@ export default class Notifications {
|
||||
}
|
||||
|
||||
async collectionCreated(event: Event) {
|
||||
const collection = await Collection.findById(event.modelId, {
|
||||
const collection = await Collection.findByPk(event.modelId, {
|
||||
include: [
|
||||
{
|
||||
model: User,
|
||||
@@ -88,7 +87,6 @@ export default class Notifications {
|
||||
const notificationSettings = await NotificationSetting.findAll({
|
||||
where: {
|
||||
userId: {
|
||||
// $FlowFixMe
|
||||
[Op.ne]: collection.createdById,
|
||||
},
|
||||
teamId: collection.teamId,
|
||||
|
||||
@@ -60,7 +60,7 @@ export default class Slack {
|
||||
// lets not send a notification on every autosave update
|
||||
if (event.autosave) return;
|
||||
|
||||
const document = await Document.findById(event.modelId);
|
||||
const document = await Document.findByPk(event.modelId);
|
||||
if (!document) return;
|
||||
|
||||
// never send information on draft documents
|
||||
@@ -76,7 +76,7 @@ export default class Slack {
|
||||
});
|
||||
if (!integration) return;
|
||||
|
||||
const team = await Team.findById(document.teamId);
|
||||
const team = await Team.findByPk(document.teamId);
|
||||
|
||||
let text = `${document.createdBy.name} published a new document`;
|
||||
|
||||
|
||||
@@ -17,7 +17,7 @@ export default class Websockets {
|
||||
case 'documents.unpin':
|
||||
case 'documents.update':
|
||||
case 'documents.delete': {
|
||||
const document = await Document.findById(event.modelId, {
|
||||
const document = await Document.findByPk(event.modelId, {
|
||||
paranoid: false,
|
||||
});
|
||||
const documents = [await presentDocument(document)];
|
||||
@@ -32,7 +32,7 @@ export default class Websockets {
|
||||
});
|
||||
}
|
||||
case 'documents.create': {
|
||||
const document = await Document.findById(event.modelId);
|
||||
const document = await Document.findByPk(event.modelId);
|
||||
const documents = [await presentDocument(document)];
|
||||
const collections = [await presentCollection(document.collection)];
|
||||
|
||||
@@ -78,7 +78,7 @@ export default class Websockets {
|
||||
return;
|
||||
}
|
||||
case 'collections.create': {
|
||||
const collection = await Collection.findById(event.modelId, {
|
||||
const collection = await Collection.findByPk(event.modelId, {
|
||||
paranoid: false,
|
||||
});
|
||||
const collections = [await presentCollection(collection)];
|
||||
@@ -106,7 +106,7 @@ export default class Websockets {
|
||||
}
|
||||
case 'collections.update':
|
||||
case 'collections.delete': {
|
||||
const collection = await Collection.findById(event.modelId, {
|
||||
const collection = await Collection.findByPk(event.modelId, {
|
||||
paranoid: false,
|
||||
});
|
||||
const collections = [await presentCollection(collection)];
|
||||
|
||||
@@ -23,21 +23,6 @@ const seed = async () => {
|
||||
},
|
||||
});
|
||||
|
||||
const user = await User.create({
|
||||
id: '46fde1d4-0050-428f-9f0b-0bf77f4bdf61',
|
||||
email: 'user1@example.com',
|
||||
username: 'user1',
|
||||
name: 'User 1',
|
||||
teamId: team.id,
|
||||
service: 'slack',
|
||||
serviceId: 'U2399UF2P',
|
||||
slackData: {
|
||||
id: 'U2399UF2P',
|
||||
image_192: 'http://example.com/avatar.png',
|
||||
},
|
||||
createdAt: new Date('2018-01-01T00:00:00.000Z'),
|
||||
});
|
||||
|
||||
const admin = await User.create({
|
||||
id: 'fa952cff-fa64-4d42-a6ea-6955c9689046',
|
||||
email: 'admin@example.com',
|
||||
@@ -54,6 +39,21 @@ const seed = async () => {
|
||||
createdAt: new Date('2018-01-01T00:00:00.000Z'),
|
||||
});
|
||||
|
||||
const user = await User.create({
|
||||
id: '46fde1d4-0050-428f-9f0b-0bf77f4bdf61',
|
||||
email: 'user1@example.com',
|
||||
username: 'user1',
|
||||
name: 'User 1',
|
||||
teamId: team.id,
|
||||
service: 'slack',
|
||||
serviceId: 'U2399UF2P',
|
||||
slackData: {
|
||||
id: 'U2399UF2P',
|
||||
image_192: 'http://example.com/avatar.png',
|
||||
},
|
||||
createdAt: new Date('2018-01-02T00:00:00.000Z'),
|
||||
});
|
||||
|
||||
const collection = await Collection.create({
|
||||
id: '26fde1d4-0050-428f-9f0b-0bf77f8bdf62',
|
||||
name: 'Collection',
|
||||
|
||||
@@ -13,7 +13,7 @@ export async function getUserForJWT(token: string) {
|
||||
|
||||
if (!payload) throw new AuthenticationError('Invalid token');
|
||||
|
||||
const user = await User.findById(payload.id);
|
||||
const user = await User.findByPk(payload.id);
|
||||
|
||||
try {
|
||||
JWT.verify(token, user.jwtSecret);
|
||||
|
||||
@@ -7,7 +7,7 @@ import { Collection, Document } from '../models';
|
||||
|
||||
async function addToArchive(zip, documents) {
|
||||
for (const doc of documents) {
|
||||
const document = await Document.findById(doc.id);
|
||||
const document = await Document.findByPk(doc.id);
|
||||
|
||||
zip.file(`${document.title}.md`, unescape(document.text));
|
||||
|
||||
|
||||
Reference in New Issue
Block a user