jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Use concrete resource name instead of generic "resource"

Browse Source
This commit is contained in:
Girish Ramakrishnan
2021-09-20 22:39:35 -07:00
parent d1e8fded65
commit 0cfc3e03bb
4 changed files with 85 additions and 85 deletions
Download Patch File Download Diff File Expand all files Collapse all files

150
src/routes/apps.js
View File

@@ -66,15 +66,15 @@ async function load(req, res, next) {
if (error) return next(BoxError.toHttpError(error));
if (!result) return next(new HttpError(404, 'App not found'));
req.resource = result;
req.app = result;
next();
}
function getApp(req, res, next) {
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
next(new HttpSuccess(200, apps.removeInternalFields(req.resource)));
next(new HttpSuccess(200, apps.removeInternalFields(req.app)));
}
async function listByUser(req, res, next) {
@@ -89,9 +89,9 @@ async function listByUser(req, res, next) {
}
async function getAppIcon(req, res, next) {
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
const [error, icon] = await safe(apps.getIcon(req.resource, { original: req.query.original }));
const [error, icon] = await safe(apps.getIcon(req.app, { original: req.query.original }));
if (error) return next(BoxError.toHttpError(error));
res.send(icon);
@@ -161,11 +161,11 @@ async function install(req, res, next) {
async function setAccessRestriction(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
if (typeof req.body.accessRestriction !== 'object') return next(new HttpError(400, 'accessRestriction must be an object'));
const [error] = await safe(apps.setAccessRestriction(req.resource, req.body.accessRestriction, auditSource.fromRequest(req)));
const [error] = await safe(apps.setAccessRestriction(req.app, req.body.accessRestriction, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(200, {}));
@@ -173,11 +173,11 @@ async function setAccessRestriction(req, res, next) {
async function setLabel(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
if (typeof req.body.label !== 'string') return next(new HttpError(400, 'label must be a string'));
const [error] = await safe(apps.setLabel(req.resource, req.body.label, auditSource.fromRequest(req)));
const [error] = await safe(apps.setLabel(req.app, req.body.label, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(200, {}));
@@ -185,12 +185,12 @@ async function setLabel(req, res, next) {
async function setTags(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
if (!Array.isArray(req.body.tags)) return next(new HttpError(400, 'tags must be an array'));
if (req.body.tags.some((t) => typeof t !== 'string')) return next(new HttpError(400, 'tags array must contain strings'));
const [error] = await safe(apps.setTags(req.resource, req.body.tags, auditSource.fromRequest(req)));
const [error] = await safe(apps.setTags(req.app, req.body.tags, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(200, {}));
@@ -198,11 +198,11 @@ async function setTags(req, res, next) {
async function setIcon(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
if (req.body.icon !== null && typeof req.body.icon !== 'string') return next(new HttpError(400, 'icon is null or a base-64 image string'));
const [error] = await safe(apps.setIcon(req.resource, req.body.icon || null /* empty string means null */, auditSource.fromRequest(req)));
const [error] = await safe(apps.setIcon(req.app, req.body.icon || null /* empty string means null */, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(200, {}));
@@ -210,11 +210,11 @@ async function setIcon(req, res, next) {
async function setMemoryLimit(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
if (typeof req.body.memoryLimit !== 'number') return next(new HttpError(400, 'memoryLimit is not a number'));
const [error, result] = await safe(apps.setMemoryLimit(req.resource, req.body.memoryLimit, auditSource.fromRequest(req)));
const [error, result] = await safe(apps.setMemoryLimit(req.app, req.body.memoryLimit, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));
@@ -222,11 +222,11 @@ async function setMemoryLimit(req, res, next) {
function setCpuShares(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
if (typeof req.body.cpuShares !== 'number') return next(new HttpError(400, 'cpuShares is not a number'));
apps.setCpuShares(req.resource, req.body.cpuShares, auditSource.fromRequest(req), function (error, result) {
apps.setCpuShares(req.app, req.body.cpuShares, auditSource.fromRequest(req), function (error, result) {
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));
@@ -235,11 +235,11 @@ function setCpuShares(req, res, next) {
async function setAutomaticBackup(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
if (typeof req.body.enable !== 'boolean') return next(new HttpError(400, 'enable must be a boolean'));
const [error] = await safe(apps.setAutomaticBackup(req.resource, req.body.enable, auditSource.fromRequest(req)));
const [error] = await safe(apps.setAutomaticBackup(req.app, req.body.enable, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(200, {}));
@@ -247,11 +247,11 @@ async function setAutomaticBackup(req, res, next) {
async function setAutomaticUpdate(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
if (typeof req.body.enable !== 'boolean') return next(new HttpError(400, 'enable must be a boolean'));
const [error] = await safe(apps.setAutomaticUpdate(req.resource, req.body.enable, auditSource.fromRequest(req)));
const [error] = await safe(apps.setAutomaticUpdate(req.app, req.body.enable, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(200, {}));
@@ -259,13 +259,13 @@ async function setAutomaticUpdate(req, res, next) {
async function setReverseProxyConfig(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
if (req.body.robotsTxt !== null && typeof req.body.robotsTxt !== 'string') return next(new HttpError(400, 'robotsTxt is not a string'));
if (req.body.csp !== null && typeof req.body.csp !== 'string') return next(new HttpError(400, 'csp is not a string'));
const [error] = await safe(apps.setReverseProxyConfig(req.resource, req.body, auditSource.fromRequest(req)));
const [error] = await safe(apps.setReverseProxyConfig(req.app, req.body, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(200, {}));
@@ -273,7 +273,7 @@ async function setReverseProxyConfig(req, res, next) {
async function setCertificate(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
if (typeof req.body.location !== 'string') return next(new HttpError(400, 'location must be string')); // location may be an empty string
if (!req.body.domain) return next(new HttpError(400, 'domain is required'));
@@ -284,7 +284,7 @@ async function setCertificate(req, res, next) {
if (req.body.cert && !req.body.key) return next(new HttpError(400, 'key must be provided'));
if (!req.body.cert && req.body.key) return next(new HttpError(400, 'cert must be provided'));
const [error] = await safe(apps.setCertificate(req.resource, req.body, auditSource.fromRequest(req)));
const [error] = await safe(apps.setCertificate(req.app, req.body, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(200, {}));
@@ -292,12 +292,12 @@ async function setCertificate(req, res, next) {
async function setEnvironment(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
if (!req.body.env || typeof req.body.env !== 'object') return next(new HttpError(400, 'env must be an object'));
if (Object.keys(req.body.env).some((key) => typeof req.body.env[key] !== 'string')) return next(new HttpError(400, 'env must contain values as strings'));
const [error, result] = await safe(apps.setEnvironment(req.resource, req.body.env, auditSource.fromRequest(req)));
const [error, result] = await safe(apps.setEnvironment(req.app, req.body.env, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));
@@ -305,11 +305,11 @@ async function setEnvironment(req, res, next) {
async function setDebugMode(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
if (req.body.debugMode !== null && typeof req.body.debugMode !== 'object') return next(new HttpError(400, 'debugMode must be an object'));
const [error, result] = await safe(apps.setDebugMode(req.resource, req.body.debugMode, auditSource.fromRequest(req)));
const [error, result] = await safe(apps.setDebugMode(req.app, req.body.debugMode, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));
@@ -317,7 +317,7 @@ async function setDebugMode(req, res, next) {
async function setMailbox(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
if (typeof req.body.enable !== 'boolean') return next(new HttpError(400, 'enable must be a boolean'));
if (req.body.enable) {
@@ -325,7 +325,7 @@ async function setMailbox(req, res, next) {
if (typeof req.body.mailboxDomain !== 'string') return next(new HttpError(400, 'mailboxDomain must be a string'));
}
const [error, result] = await safe(apps.setMailbox(req.resource, req.body, auditSource.fromRequest(req)));
const [error, result] = await safe(apps.setMailbox(req.app, req.body, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));
@@ -333,7 +333,7 @@ async function setMailbox(req, res, next) {
async function setLocation(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
if (typeof req.body.location !== 'string') return next(new HttpError(400, 'location must be string')); // location may be an empty string
if (!req.body.domain) return next(new HttpError(400, 'domain is required'));
@@ -354,7 +354,7 @@ async function setLocation(req, res, next) {
if ('overwriteDns' in req.body && typeof req.body.overwriteDns !== 'boolean') return next(new HttpError(400, 'overwriteDns must be boolean'));
if ('skipDnsSetup' in req.body && typeof req.body.skipDnsSetup !== 'boolean') return next(new HttpError(400, 'skipDnsSetup must be boolean'));
const [error, result] = await safe(apps.setLocation(req.resource, req.body, auditSource.fromRequest(req)));
const [error, result] = await safe(apps.setLocation(req.app, req.body, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));
@@ -362,11 +362,11 @@ async function setLocation(req, res, next) {
async function setDataDir(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
if (req.body.dataDir !== null && typeof req.body.dataDir !== 'string') return next(new HttpError(400, 'dataDir must be a string'));
const [error, result] = await safe(apps.setDataDir(req.resource, req.body.dataDir, auditSource.fromRequest(req)));
const [error, result] = await safe(apps.setDataDir(req.app, req.body.dataDir, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));
@@ -374,7 +374,7 @@ async function setDataDir(req, res, next) {
async function repair(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
const data = req.body;
@@ -388,7 +388,7 @@ async function repair(req, res, next) {
if (!data.dockerImage || typeof data.dockerImage !== 'string') return next(new HttpError(400, 'dockerImage must be a string'));
}
const [error, result] = await safe(apps.repair(req.resource, data, auditSource.fromRequest(req)));
const [error, result] = await safe(apps.repair(req.app, data, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));
@@ -396,13 +396,13 @@ async function repair(req, res, next) {
async function restore(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
const data = req.body;
if (!data.backupId || typeof data.backupId !== 'string') return next(new HttpError(400, 'backupId must be non-empty string'));
const [error, result] = await safe(apps.restore(req.resource, data.backupId, auditSource.fromRequest(req)));
const [error, result] = await safe(apps.restore(req.app, data.backupId, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));
@@ -410,7 +410,7 @@ async function restore(req, res, next) {
async function importApp(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
const data = req.body;
@@ -432,7 +432,7 @@ async function importApp(req, res, next) {
}
}
const [error, result] = await safe(apps.importApp(req.resource, data, auditSource.fromRequest(req)));
const [error, result] = await safe(apps.importApp(req.app, data, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));
@@ -440,9 +440,9 @@ async function importApp(req, res, next) {
async function exportApp(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
const [error, result] = await safe(apps.exportApp(req.resource, {}, auditSource.fromRequest(req)));
const [error, result] = await safe(apps.exportApp(req.app, {}, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));
@@ -450,7 +450,7 @@ async function exportApp(req, res, next) {
async function clone(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
var data = req.body;
@@ -462,52 +462,52 @@ async function clone(req, res, next) {
if ('overwriteDns' in req.body && typeof req.body.overwriteDns !== 'boolean') return next(new HttpError(400, 'overwriteDns must be boolean'));
if ('skipDnsSetup' in req.body && typeof req.body.skipDnsSetup !== 'boolean') return next(new HttpError(400, 'skipDnsSetup must be boolean'));
const [error, result] = await safe(apps.clone(req.resource, data, req.user, auditSource.fromRequest(req)));
const [error, result] = await safe(apps.clone(req.app, data, req.user, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(201, { id: result.id, taskId: result.taskId }));
}
async function backup(req, res, next) {
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
const [error, result] = await safe(apps.backup(req.resource));
const [error, result] = await safe(apps.backup(req.app));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));
}
async function uninstall(req, res, next) {
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
const [error, result] = await safe(apps.uninstall(req.resource, auditSource.fromRequest(req)));
const [error, result] = await safe(apps.uninstall(req.app, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));
}
async function start(req, res, next) {
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
const [error, result] = await safe(apps.start(req.resource, auditSource.fromRequest(req)));
const [error, result] = await safe(apps.start(req.app, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));
}
async function stop(req, res, next) {
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
const [error, result] = await safe(apps.stop(req.resource, auditSource.fromRequest(req)));
const [error, result] = await safe(apps.stop(req.app, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));
}
async function restart(req, res, next) {
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
const [error, result] = await safe(apps.restart(req.resource, auditSource.fromRequest(req)));
const [error, result] = await safe(apps.restart(req.app, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));
@@ -515,7 +515,7 @@ async function restart(req, res, next) {
async function update(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
const data = req.body;
@@ -536,7 +536,7 @@ async function update(req, res, next) {
data.appStoreId = appStoreId;
data.manifest = manifest;
[error, result] = await safe(apps.updateApp(req.resource, data, auditSource.fromRequest(req)));
[error, result] = await safe(apps.updateApp(req.app, data, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));
@@ -544,7 +544,7 @@ async function update(req, res, next) {
// this route is for streaming logs
function getLogStream(req, res, next) {
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
var lines = 'lines' in req.query ? parseInt(req.query.lines, 10) : 10; // we ignore last-event-id
if (isNaN(lines)) return next(new HttpError(400, 'lines must be a valid number'));
@@ -559,7 +559,7 @@ function getLogStream(req, res, next) {
format: 'json'
};
apps.getLogs(req.resource, options, function (error, logStream) {
apps.getLogs(req.app, options, function (error, logStream) {
if (error) return next(BoxError.toHttpError(error));
res.writeHead(200, {
@@ -581,7 +581,7 @@ function getLogStream(req, res, next) {
}
function getLogs(req, res, next) {
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
var lines = 'lines' in req.query ? parseInt(req.query.lines, 10) : 10;
if (isNaN(lines)) return next(new HttpError(400, 'lines must be a number'));
@@ -592,12 +592,12 @@ function getLogs(req, res, next) {
format: req.query.format || 'json'
};
apps.getLogs(req.resource, options, function (error, logStream) {
apps.getLogs(req.app, options, function (error, logStream) {
if (error) return next(BoxError.toHttpError(error));
res.writeHead(200, {
'Content-Type': 'application/x-logs',
'Content-Disposition': `attachment; filename="${req.resource.id}.log"`,
'Content-Disposition': `attachment; filename="${req.app.id}.log"`,
'Cache-Control': 'no-cache',
'X-Accel-Buffering': 'no' // disable nginx buffering
});
@@ -628,7 +628,7 @@ function demuxStream(stream, stdin) {
}
async function exec(req, res, next) {
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
let cmd = null;
if (req.query.cmd) {
@@ -644,12 +644,12 @@ async function exec(req, res, next) {
const tty = req.query.tty === 'true';
if (safe.query(req.resource, 'manifest.addons.docker') && req.user.role !== users.ROLE_OWNER) return next(new HttpError(403, '"owner" role is requied to exec app with docker addon'));
if (safe.query(req.app, 'manifest.addons.docker') && req.user.role !== users.ROLE_OWNER) return next(new HttpError(403, '"owner" role is requied to exec app with docker addon'));
// in a badly configured reverse proxy, we might be here without an upgrade
if (req.headers['upgrade'] !== 'tcp') return next(new HttpError(404, 'exec requires TCP upgrade'));
const [error, duplexStream] = await safe(apps.exec(req.resource, { cmd: cmd, rows: rows, columns: columns, tty: tty }));
const [error, duplexStream] = await safe(apps.exec(req.app, { cmd: cmd, rows: rows, columns: columns, tty: tty }));
if (error) return next(BoxError.toHttpError(error));
req.clearTimeout();
@@ -668,7 +668,7 @@ async function exec(req, res, next) {
}
async function execWebSocket(req, res, next) {
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
let cmd = null;
if (req.query.cmd) {
@@ -687,7 +687,7 @@ async function execWebSocket(req, res, next) {
// in a badly configured reverse proxy, we might be here without an upgrade
if (req.headers['upgrade'] !== 'websocket') return next(new HttpError(404, 'exec requires websocket'));
const [error, duplexStream] = await safe(apps.exec(req.resource, { cmd: cmd, rows: rows, columns: columns, tty: tty }));
const [error, duplexStream] = await safe(apps.exec(req.app, { cmd: cmd, rows: rows, columns: columns, tty: tty }));
if (error) return next(BoxError.toHttpError(error));
req.clearTimeout();
@@ -716,7 +716,7 @@ async function execWebSocket(req, res, next) {
}
async function listBackups(req, res, next) {
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
const page = typeof req.query.page !== 'undefined' ? parseInt(req.query.page) : 1;
if (!page || page < 0) return next(new HttpError(400, 'page query param has to be a postive number'));
@@ -724,19 +724,19 @@ async function listBackups(req, res, next) {
const perPage = typeof req.query.per_page !== 'undefined'? parseInt(req.query.per_page) : 25;
if (!perPage || perPage < 0) return next(new HttpError(400, 'per_page query param has to be a postive number'));
const [error, result] = await safe(apps.listBackups(req.resource, page, perPage));
const [error, result] = await safe(apps.listBackups(req.app, page, perPage));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(200, { backups: result }));
}
function uploadFile(req, res, next) {
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
if (typeof req.query.file !== 'string' || !req.query.file) return next(new HttpError(400, 'file query argument must be provided'));
if (!req.files.file) return next(new HttpError(400, 'file must be provided as multipart'));
apps.uploadFile(req.resource, req.files.file.path, req.query.file, function (error) {
apps.uploadFile(req.app, req.files.file.path, req.query.file, function (error) {
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, {}));
@@ -744,11 +744,11 @@ function uploadFile(req, res, next) {
}
function downloadFile(req, res, next) {
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
if (typeof req.query.file !== 'string' || !req.query.file) return next(new HttpError(400, 'file query argument must be provided'));
apps.downloadFile(req.resource, req.query.file, function (error, stream, info) {
apps.downloadFile(req.app, req.query.file, function (error, stream, info) {
if (error) return next(BoxError.toHttpError(error));
var headers = {
@@ -765,7 +765,7 @@ function downloadFile(req, res, next) {
async function setMounts(req, res, next) {
assert.strictEqual(typeof req.body, 'object');
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.app, 'object');
if (!Array.isArray(req.body.mounts)) return next(new HttpError(400, 'mounts should be an array'));
for (let m of req.body.mounts) {
@@ -774,7 +774,7 @@ async function setMounts(req, res, next) {
if (typeof m.readOnly !== 'boolean') return next(new HttpError(400, 'readOnly must be a boolean'));
}
const [error, result] = await safe(apps.setMounts(req.resource, req.body.mounts, auditSource.fromRequest(req)));
const [error, result] = await safe(apps.setMounts(req.app, req.body.mounts, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, { taskId: result.taskId }));

10
src/routes/notifications.js
View File

@@ -21,14 +21,14 @@ async function load(req, res, next) {
if (error) return next(BoxError.toHttpError(error));
if (!result) return next(new HttpError(404, 'Notification not found'));
req.resource = result;
req.notification = result;
next();
}
function get(req, res, next) {
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.notification, 'object');
next(new HttpSuccess(200, req.resource));
next(new HttpSuccess(200, req.notification));
}
async function list(req, res, next) {
@@ -49,12 +49,12 @@ async function list(req, res, next) {
}
async function update(req, res, next) {
assert.strictEqual(typeof req.resource, 'object');
assert.strictEqual(typeof req.notification, 'object');
assert.strictEqual(typeof req.body, 'object');
if (typeof req.body.acknowledged !== 'boolean') return next(new HttpError(400, 'acknowledged must be a booliean'));
const [error] = await safe(notifications.update(req.resource, { acknowledged: req.body.acknowledged }));
const [error] = await safe(notifications.update(req.notification, { acknowledged: req.body.acknowledged }));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(204, {}));
}

2
src/routes/users.js
View File

@@ -33,7 +33,7 @@ async function load(req, res, next) {
const [error, result] = await safe(users.get(req.params.userId));
if (error) return next(BoxError.toHttpError(error));
if (!result) return next(new HttpError(404, 'User not found'));
req.resource = result;
req.resource = result; // this is not req.user because req.user is already the authenticated user
next();
}

8
src/routes/volumes.js
View File

@@ -23,7 +23,7 @@ async function load(req, res, next) {
const [error, result] = await safe(volumes.get(req.params.id));
if (error) return next(BoxError.toHttpError(error));
if (!result) return next(new HttpError(404, 'Volume not found'));
req.resource = result;
req.volume = result;
next();
}
@@ -46,13 +46,13 @@ async function add(req, res, next) {
async function get(req, res, next) {
assert.strictEqual(typeof req.params.id, 'string');
next(new HttpSuccess(200, volumes.removePrivateFields(req.resource)));
next(new HttpSuccess(200, volumes.removePrivateFields(req.volume)));
}
async function del(req, res, next) {
assert.strictEqual(typeof req.params.id, 'string');
const [error] = await safe(volumes.del(req.resource, auditSource.fromRequest(req)));
const [error] = await safe(volumes.del(req.volume, auditSource.fromRequest(req)));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(204));
}
@@ -69,7 +69,7 @@ async function list(req, res, next) {
async function getStatus(req, res, next) {
assert.strictEqual(typeof req.params.id, 'string');
const [error, status] = await safe(volumes.getStatus(req.resource));
const [error, status] = await safe(volumes.getStatus(req.volume));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(200, status));
}