yuuza/outline
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Prepping /document.info for public docs

Browse Source
This commit is contained in:
Jori Lallo
2016-05-30 12:36:37 -07:00
parent d2ca72c8f3
commit 5ffa61791b
3 changed files with 45 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
server/api/documents.js
View File

@@ -8,23 +8,35 @@ import { Document, Atlas } from '../models';
const router = new Router();
router.post('documents.info', auth(), async (ctx) => {
router.post('documents.info', auth({ require: false }), async (ctx) => {
let { id } = ctx.request.body;
ctx.assertPresent(id, 'id is required');
const team = await ctx.state.user.getTeam();
const document = await Document.findOne({
where: {
id: id,
teamId: team.id,
},
});
if (!document) throw httpErrors.NotFound();
// Don't expose private documents outside the team
if (document.private) {
if (!ctx.state.user) throw httpErrors.NotFound();
ctx.body = {
data: await presentDocument(document, true),
};
const team = await ctx.state.user.getTeam();
if (document.teamId !== team.id) {
if (!document) throw httpErrors.NotFound();
}
ctx.body = {
data: await presentDocument(document, true),
};
} else {
ctx.body = {
data: await presentDocument(document),
};
}
if (!document) throw httpErrors.NotFound();
});