From 0cfc3e03bb6db961ef3cef2a998df220b7b7a8f8 Mon Sep 17 00:00:00 2001 From: Girish Ramakrishnan Date: Mon, 20 Sep 2021 22:39:35 -0700 Subject: [PATCH] Use concrete resource name instead of generic "resource" --- src/routes/apps.js | 150 ++++++++++++++++++------------------ src/routes/notifications.js | 10 +-- src/routes/users.js | 2 +- src/routes/volumes.js | 8 +- 4 files changed, 85 insertions(+), 85 deletions(-) diff --git a/src/routes/apps.js b/src/routes/apps.js index 98cde9ff8..b1a3f9403 100644 --- a/src/routes/apps.js +++ b/src/routes/apps.js @@ -66,15 +66,15 @@ async function load(req, res, next) { if (error) return next(BoxError.toHttpError(error)); if (!result) return next(new HttpError(404, 'App not found')); - req.resource = result; + req.app = result; next(); } function getApp(req, res, next) { - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); - next(new HttpSuccess(200, apps.removeInternalFields(req.resource))); + next(new HttpSuccess(200, apps.removeInternalFields(req.app))); } async function listByUser(req, res, next) { @@ -89,9 +89,9 @@ async function listByUser(req, res, next) { } async function getAppIcon(req, res, next) { - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); - const [error, icon] = await safe(apps.getIcon(req.resource, { original: req.query.original })); + const [error, icon] = await safe(apps.getIcon(req.app, { original: req.query.original })); if (error) return next(BoxError.toHttpError(error)); res.send(icon); @@ -161,11 +161,11 @@ async function install(req, res, next) { async function setAccessRestriction(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); if (typeof req.body.accessRestriction !== 'object') return next(new HttpError(400, 'accessRestriction must be an object')); - const [error] = await safe(apps.setAccessRestriction(req.resource, req.body.accessRestriction, auditSource.fromRequest(req))); + const [error] = await safe(apps.setAccessRestriction(req.app, req.body.accessRestriction, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(200, {})); @@ -173,11 +173,11 @@ async function setAccessRestriction(req, res, next) { async function setLabel(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); if (typeof req.body.label !== 'string') return next(new HttpError(400, 'label must be a string')); - const [error] = await safe(apps.setLabel(req.resource, req.body.label, auditSource.fromRequest(req))); + const [error] = await safe(apps.setLabel(req.app, req.body.label, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(200, {})); @@ -185,12 +185,12 @@ async function setLabel(req, res, next) { async function setTags(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); if (!Array.isArray(req.body.tags)) return next(new HttpError(400, 'tags must be an array')); if (req.body.tags.some((t) => typeof t !== 'string')) return next(new HttpError(400, 'tags array must contain strings')); - const [error] = await safe(apps.setTags(req.resource, req.body.tags, auditSource.fromRequest(req))); + const [error] = await safe(apps.setTags(req.app, req.body.tags, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(200, {})); @@ -198,11 +198,11 @@ async function setTags(req, res, next) { async function setIcon(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); if (req.body.icon !== null && typeof req.body.icon !== 'string') return next(new HttpError(400, 'icon is null or a base-64 image string')); - const [error] = await safe(apps.setIcon(req.resource, req.body.icon || null /* empty string means null */, auditSource.fromRequest(req))); + const [error] = await safe(apps.setIcon(req.app, req.body.icon || null /* empty string means null */, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(200, {})); @@ -210,11 +210,11 @@ async function setIcon(req, res, next) { async function setMemoryLimit(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); if (typeof req.body.memoryLimit !== 'number') return next(new HttpError(400, 'memoryLimit is not a number')); - const [error, result] = await safe(apps.setMemoryLimit(req.resource, req.body.memoryLimit, auditSource.fromRequest(req))); + const [error, result] = await safe(apps.setMemoryLimit(req.app, req.body.memoryLimit, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(202, { taskId: result.taskId })); @@ -222,11 +222,11 @@ async function setMemoryLimit(req, res, next) { function setCpuShares(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); if (typeof req.body.cpuShares !== 'number') return next(new HttpError(400, 'cpuShares is not a number')); - apps.setCpuShares(req.resource, req.body.cpuShares, auditSource.fromRequest(req), function (error, result) { + apps.setCpuShares(req.app, req.body.cpuShares, auditSource.fromRequest(req), function (error, result) { if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(202, { taskId: result.taskId })); @@ -235,11 +235,11 @@ function setCpuShares(req, res, next) { async function setAutomaticBackup(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); if (typeof req.body.enable !== 'boolean') return next(new HttpError(400, 'enable must be a boolean')); - const [error] = await safe(apps.setAutomaticBackup(req.resource, req.body.enable, auditSource.fromRequest(req))); + const [error] = await safe(apps.setAutomaticBackup(req.app, req.body.enable, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(200, {})); @@ -247,11 +247,11 @@ async function setAutomaticBackup(req, res, next) { async function setAutomaticUpdate(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); if (typeof req.body.enable !== 'boolean') return next(new HttpError(400, 'enable must be a boolean')); - const [error] = await safe(apps.setAutomaticUpdate(req.resource, req.body.enable, auditSource.fromRequest(req))); + const [error] = await safe(apps.setAutomaticUpdate(req.app, req.body.enable, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(200, {})); @@ -259,13 +259,13 @@ async function setAutomaticUpdate(req, res, next) { async function setReverseProxyConfig(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); if (req.body.robotsTxt !== null && typeof req.body.robotsTxt !== 'string') return next(new HttpError(400, 'robotsTxt is not a string')); if (req.body.csp !== null && typeof req.body.csp !== 'string') return next(new HttpError(400, 'csp is not a string')); - const [error] = await safe(apps.setReverseProxyConfig(req.resource, req.body, auditSource.fromRequest(req))); + const [error] = await safe(apps.setReverseProxyConfig(req.app, req.body, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(200, {})); @@ -273,7 +273,7 @@ async function setReverseProxyConfig(req, res, next) { async function setCertificate(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); if (typeof req.body.location !== 'string') return next(new HttpError(400, 'location must be string')); // location may be an empty string if (!req.body.domain) return next(new HttpError(400, 'domain is required')); @@ -284,7 +284,7 @@ async function setCertificate(req, res, next) { if (req.body.cert && !req.body.key) return next(new HttpError(400, 'key must be provided')); if (!req.body.cert && req.body.key) return next(new HttpError(400, 'cert must be provided')); - const [error] = await safe(apps.setCertificate(req.resource, req.body, auditSource.fromRequest(req))); + const [error] = await safe(apps.setCertificate(req.app, req.body, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(200, {})); @@ -292,12 +292,12 @@ async function setCertificate(req, res, next) { async function setEnvironment(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); if (!req.body.env || typeof req.body.env !== 'object') return next(new HttpError(400, 'env must be an object')); if (Object.keys(req.body.env).some((key) => typeof req.body.env[key] !== 'string')) return next(new HttpError(400, 'env must contain values as strings')); - const [error, result] = await safe(apps.setEnvironment(req.resource, req.body.env, auditSource.fromRequest(req))); + const [error, result] = await safe(apps.setEnvironment(req.app, req.body.env, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(202, { taskId: result.taskId })); @@ -305,11 +305,11 @@ async function setEnvironment(req, res, next) { async function setDebugMode(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); if (req.body.debugMode !== null && typeof req.body.debugMode !== 'object') return next(new HttpError(400, 'debugMode must be an object')); - const [error, result] = await safe(apps.setDebugMode(req.resource, req.body.debugMode, auditSource.fromRequest(req))); + const [error, result] = await safe(apps.setDebugMode(req.app, req.body.debugMode, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(202, { taskId: result.taskId })); @@ -317,7 +317,7 @@ async function setDebugMode(req, res, next) { async function setMailbox(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); if (typeof req.body.enable !== 'boolean') return next(new HttpError(400, 'enable must be a boolean')); if (req.body.enable) { @@ -325,7 +325,7 @@ async function setMailbox(req, res, next) { if (typeof req.body.mailboxDomain !== 'string') return next(new HttpError(400, 'mailboxDomain must be a string')); } - const [error, result] = await safe(apps.setMailbox(req.resource, req.body, auditSource.fromRequest(req))); + const [error, result] = await safe(apps.setMailbox(req.app, req.body, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(202, { taskId: result.taskId })); @@ -333,7 +333,7 @@ async function setMailbox(req, res, next) { async function setLocation(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); if (typeof req.body.location !== 'string') return next(new HttpError(400, 'location must be string')); // location may be an empty string if (!req.body.domain) return next(new HttpError(400, 'domain is required')); @@ -354,7 +354,7 @@ async function setLocation(req, res, next) { if ('overwriteDns' in req.body && typeof req.body.overwriteDns !== 'boolean') return next(new HttpError(400, 'overwriteDns must be boolean')); if ('skipDnsSetup' in req.body && typeof req.body.skipDnsSetup !== 'boolean') return next(new HttpError(400, 'skipDnsSetup must be boolean')); - const [error, result] = await safe(apps.setLocation(req.resource, req.body, auditSource.fromRequest(req))); + const [error, result] = await safe(apps.setLocation(req.app, req.body, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(202, { taskId: result.taskId })); @@ -362,11 +362,11 @@ async function setLocation(req, res, next) { async function setDataDir(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); if (req.body.dataDir !== null && typeof req.body.dataDir !== 'string') return next(new HttpError(400, 'dataDir must be a string')); - const [error, result] = await safe(apps.setDataDir(req.resource, req.body.dataDir, auditSource.fromRequest(req))); + const [error, result] = await safe(apps.setDataDir(req.app, req.body.dataDir, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(202, { taskId: result.taskId })); @@ -374,7 +374,7 @@ async function setDataDir(req, res, next) { async function repair(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); const data = req.body; @@ -388,7 +388,7 @@ async function repair(req, res, next) { if (!data.dockerImage || typeof data.dockerImage !== 'string') return next(new HttpError(400, 'dockerImage must be a string')); } - const [error, result] = await safe(apps.repair(req.resource, data, auditSource.fromRequest(req))); + const [error, result] = await safe(apps.repair(req.app, data, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(202, { taskId: result.taskId })); @@ -396,13 +396,13 @@ async function repair(req, res, next) { async function restore(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); const data = req.body; if (!data.backupId || typeof data.backupId !== 'string') return next(new HttpError(400, 'backupId must be non-empty string')); - const [error, result] = await safe(apps.restore(req.resource, data.backupId, auditSource.fromRequest(req))); + const [error, result] = await safe(apps.restore(req.app, data.backupId, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(202, { taskId: result.taskId })); @@ -410,7 +410,7 @@ async function restore(req, res, next) { async function importApp(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); const data = req.body; @@ -432,7 +432,7 @@ async function importApp(req, res, next) { } } - const [error, result] = await safe(apps.importApp(req.resource, data, auditSource.fromRequest(req))); + const [error, result] = await safe(apps.importApp(req.app, data, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(202, { taskId: result.taskId })); @@ -440,9 +440,9 @@ async function importApp(req, res, next) { async function exportApp(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); - const [error, result] = await safe(apps.exportApp(req.resource, {}, auditSource.fromRequest(req))); + const [error, result] = await safe(apps.exportApp(req.app, {}, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(202, { taskId: result.taskId })); @@ -450,7 +450,7 @@ async function exportApp(req, res, next) { async function clone(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); var data = req.body; @@ -462,52 +462,52 @@ async function clone(req, res, next) { if ('overwriteDns' in req.body && typeof req.body.overwriteDns !== 'boolean') return next(new HttpError(400, 'overwriteDns must be boolean')); if ('skipDnsSetup' in req.body && typeof req.body.skipDnsSetup !== 'boolean') return next(new HttpError(400, 'skipDnsSetup must be boolean')); - const [error, result] = await safe(apps.clone(req.resource, data, req.user, auditSource.fromRequest(req))); + const [error, result] = await safe(apps.clone(req.app, data, req.user, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(201, { id: result.id, taskId: result.taskId })); } async function backup(req, res, next) { - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); - const [error, result] = await safe(apps.backup(req.resource)); + const [error, result] = await safe(apps.backup(req.app)); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(202, { taskId: result.taskId })); } async function uninstall(req, res, next) { - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); - const [error, result] = await safe(apps.uninstall(req.resource, auditSource.fromRequest(req))); + const [error, result] = await safe(apps.uninstall(req.app, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(202, { taskId: result.taskId })); } async function start(req, res, next) { - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); - const [error, result] = await safe(apps.start(req.resource, auditSource.fromRequest(req))); + const [error, result] = await safe(apps.start(req.app, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(202, { taskId: result.taskId })); } async function stop(req, res, next) { - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); - const [error, result] = await safe(apps.stop(req.resource, auditSource.fromRequest(req))); + const [error, result] = await safe(apps.stop(req.app, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(202, { taskId: result.taskId })); } async function restart(req, res, next) { - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); - const [error, result] = await safe(apps.restart(req.resource, auditSource.fromRequest(req))); + const [error, result] = await safe(apps.restart(req.app, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(202, { taskId: result.taskId })); @@ -515,7 +515,7 @@ async function restart(req, res, next) { async function update(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); const data = req.body; @@ -536,7 +536,7 @@ async function update(req, res, next) { data.appStoreId = appStoreId; data.manifest = manifest; - [error, result] = await safe(apps.updateApp(req.resource, data, auditSource.fromRequest(req))); + [error, result] = await safe(apps.updateApp(req.app, data, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(202, { taskId: result.taskId })); @@ -544,7 +544,7 @@ async function update(req, res, next) { // this route is for streaming logs function getLogStream(req, res, next) { - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); var lines = 'lines' in req.query ? parseInt(req.query.lines, 10) : 10; // we ignore last-event-id if (isNaN(lines)) return next(new HttpError(400, 'lines must be a valid number')); @@ -559,7 +559,7 @@ function getLogStream(req, res, next) { format: 'json' }; - apps.getLogs(req.resource, options, function (error, logStream) { + apps.getLogs(req.app, options, function (error, logStream) { if (error) return next(BoxError.toHttpError(error)); res.writeHead(200, { @@ -581,7 +581,7 @@ function getLogStream(req, res, next) { } function getLogs(req, res, next) { - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); var lines = 'lines' in req.query ? parseInt(req.query.lines, 10) : 10; if (isNaN(lines)) return next(new HttpError(400, 'lines must be a number')); @@ -592,12 +592,12 @@ function getLogs(req, res, next) { format: req.query.format || 'json' }; - apps.getLogs(req.resource, options, function (error, logStream) { + apps.getLogs(req.app, options, function (error, logStream) { if (error) return next(BoxError.toHttpError(error)); res.writeHead(200, { 'Content-Type': 'application/x-logs', - 'Content-Disposition': `attachment; filename="${req.resource.id}.log"`, + 'Content-Disposition': `attachment; filename="${req.app.id}.log"`, 'Cache-Control': 'no-cache', 'X-Accel-Buffering': 'no' // disable nginx buffering }); @@ -628,7 +628,7 @@ function demuxStream(stream, stdin) { } async function exec(req, res, next) { - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); let cmd = null; if (req.query.cmd) { @@ -644,12 +644,12 @@ async function exec(req, res, next) { const tty = req.query.tty === 'true'; - if (safe.query(req.resource, 'manifest.addons.docker') && req.user.role !== users.ROLE_OWNER) return next(new HttpError(403, '"owner" role is requied to exec app with docker addon')); + if (safe.query(req.app, 'manifest.addons.docker') && req.user.role !== users.ROLE_OWNER) return next(new HttpError(403, '"owner" role is requied to exec app with docker addon')); // in a badly configured reverse proxy, we might be here without an upgrade if (req.headers['upgrade'] !== 'tcp') return next(new HttpError(404, 'exec requires TCP upgrade')); - const [error, duplexStream] = await safe(apps.exec(req.resource, { cmd: cmd, rows: rows, columns: columns, tty: tty })); + const [error, duplexStream] = await safe(apps.exec(req.app, { cmd: cmd, rows: rows, columns: columns, tty: tty })); if (error) return next(BoxError.toHttpError(error)); req.clearTimeout(); @@ -668,7 +668,7 @@ async function exec(req, res, next) { } async function execWebSocket(req, res, next) { - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); let cmd = null; if (req.query.cmd) { @@ -687,7 +687,7 @@ async function execWebSocket(req, res, next) { // in a badly configured reverse proxy, we might be here without an upgrade if (req.headers['upgrade'] !== 'websocket') return next(new HttpError(404, 'exec requires websocket')); - const [error, duplexStream] = await safe(apps.exec(req.resource, { cmd: cmd, rows: rows, columns: columns, tty: tty })); + const [error, duplexStream] = await safe(apps.exec(req.app, { cmd: cmd, rows: rows, columns: columns, tty: tty })); if (error) return next(BoxError.toHttpError(error)); req.clearTimeout(); @@ -716,7 +716,7 @@ async function execWebSocket(req, res, next) { } async function listBackups(req, res, next) { - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); const page = typeof req.query.page !== 'undefined' ? parseInt(req.query.page) : 1; if (!page || page < 0) return next(new HttpError(400, 'page query param has to be a postive number')); @@ -724,19 +724,19 @@ async function listBackups(req, res, next) { const perPage = typeof req.query.per_page !== 'undefined'? parseInt(req.query.per_page) : 25; if (!perPage || perPage < 0) return next(new HttpError(400, 'per_page query param has to be a postive number')); - const [error, result] = await safe(apps.listBackups(req.resource, page, perPage)); + const [error, result] = await safe(apps.listBackups(req.app, page, perPage)); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(200, { backups: result })); } function uploadFile(req, res, next) { - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); if (typeof req.query.file !== 'string' || !req.query.file) return next(new HttpError(400, 'file query argument must be provided')); if (!req.files.file) return next(new HttpError(400, 'file must be provided as multipart')); - apps.uploadFile(req.resource, req.files.file.path, req.query.file, function (error) { + apps.uploadFile(req.app, req.files.file.path, req.query.file, function (error) { if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(202, {})); @@ -744,11 +744,11 @@ function uploadFile(req, res, next) { } function downloadFile(req, res, next) { - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); if (typeof req.query.file !== 'string' || !req.query.file) return next(new HttpError(400, 'file query argument must be provided')); - apps.downloadFile(req.resource, req.query.file, function (error, stream, info) { + apps.downloadFile(req.app, req.query.file, function (error, stream, info) { if (error) return next(BoxError.toHttpError(error)); var headers = { @@ -765,7 +765,7 @@ function downloadFile(req, res, next) { async function setMounts(req, res, next) { assert.strictEqual(typeof req.body, 'object'); - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.app, 'object'); if (!Array.isArray(req.body.mounts)) return next(new HttpError(400, 'mounts should be an array')); for (let m of req.body.mounts) { @@ -774,7 +774,7 @@ async function setMounts(req, res, next) { if (typeof m.readOnly !== 'boolean') return next(new HttpError(400, 'readOnly must be a boolean')); } - const [error, result] = await safe(apps.setMounts(req.resource, req.body.mounts, auditSource.fromRequest(req))); + const [error, result] = await safe(apps.setMounts(req.app, req.body.mounts, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(202, { taskId: result.taskId })); diff --git a/src/routes/notifications.js b/src/routes/notifications.js index a4d22857a..957f46fa2 100644 --- a/src/routes/notifications.js +++ b/src/routes/notifications.js @@ -21,14 +21,14 @@ async function load(req, res, next) { if (error) return next(BoxError.toHttpError(error)); if (!result) return next(new HttpError(404, 'Notification not found')); - req.resource = result; + req.notification = result; next(); } function get(req, res, next) { - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.notification, 'object'); - next(new HttpSuccess(200, req.resource)); + next(new HttpSuccess(200, req.notification)); } async function list(req, res, next) { @@ -49,12 +49,12 @@ async function list(req, res, next) { } async function update(req, res, next) { - assert.strictEqual(typeof req.resource, 'object'); + assert.strictEqual(typeof req.notification, 'object'); assert.strictEqual(typeof req.body, 'object'); if (typeof req.body.acknowledged !== 'boolean') return next(new HttpError(400, 'acknowledged must be a booliean')); - const [error] = await safe(notifications.update(req.resource, { acknowledged: req.body.acknowledged })); + const [error] = await safe(notifications.update(req.notification, { acknowledged: req.body.acknowledged })); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(204, {})); } diff --git a/src/routes/users.js b/src/routes/users.js index 0f1eb41ac..0b227f06f 100644 --- a/src/routes/users.js +++ b/src/routes/users.js @@ -33,7 +33,7 @@ async function load(req, res, next) { const [error, result] = await safe(users.get(req.params.userId)); if (error) return next(BoxError.toHttpError(error)); if (!result) return next(new HttpError(404, 'User not found')); - req.resource = result; + req.resource = result; // this is not req.user because req.user is already the authenticated user next(); } diff --git a/src/routes/volumes.js b/src/routes/volumes.js index 5664a300d..d7d0ef1a0 100644 --- a/src/routes/volumes.js +++ b/src/routes/volumes.js @@ -23,7 +23,7 @@ async function load(req, res, next) { const [error, result] = await safe(volumes.get(req.params.id)); if (error) return next(BoxError.toHttpError(error)); if (!result) return next(new HttpError(404, 'Volume not found')); - req.resource = result; + req.volume = result; next(); } @@ -46,13 +46,13 @@ async function add(req, res, next) { async function get(req, res, next) { assert.strictEqual(typeof req.params.id, 'string'); - next(new HttpSuccess(200, volumes.removePrivateFields(req.resource))); + next(new HttpSuccess(200, volumes.removePrivateFields(req.volume))); } async function del(req, res, next) { assert.strictEqual(typeof req.params.id, 'string'); - const [error] = await safe(volumes.del(req.resource, auditSource.fromRequest(req))); + const [error] = await safe(volumes.del(req.volume, auditSource.fromRequest(req))); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(204)); } @@ -69,7 +69,7 @@ async function list(req, res, next) { async function getStatus(req, res, next) { assert.strictEqual(typeof req.params.id, 'string'); - const [error, status] = await safe(volumes.getStatus(req.resource)); + const [error, status] = await safe(volumes.getStatus(req.volume)); if (error) return next(BoxError.toHttpError(error)); next(new HttpSuccess(200, status)); }