jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Make gravatar support explicit only

Browse Source
This commit is contained in:
Johannes Zellner
2021-07-07 14:31:39 +02:00
parent cdad2a80d4
commit 81e6cd6195
4 changed files with 23 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/routes/profile.js
+8 -14
View File
@@ -6,7 +6,6 @@ exports = module.exports = {
update,
getAvatar,
setAvatar,
clearAvatar,
changePassword,
setTwoFactorAuthenticationSecret,
enableTwoFactorAuthentication,
@@ -16,6 +15,7 @@ exports = module.exports = {
const assert = require('assert'),
auditSource = require('../auditsource.js'),
BoxError = require('../boxerror.js'),
constants = require('../constants.js'),
HttpError = require('connect-lastmile').HttpError,
HttpSuccess = require('connect-lastmile').HttpSuccess,
safe = require('safetydance'),
@@ -75,10 +75,14 @@ function update(req, res, next) {
async function setAvatar(req, res, next) {
assert.strictEqual(typeof req.user, 'object');
if (!req.files.avatar) return next(new HttpError(400, 'avatar is missing'));
let avatar = req.body.avatar;
const avatar = safe.fs.readFileSync(req.files.avatar.path);
if (!avatar) return next(BoxError.toHttpError(new BoxError(BoxError.FS_ERROR, safe.error.message)));
if (req.files && req.files.avatar) {
avatar = safe.fs.readFileSync(req.files.avatar.path);
if (!avatar) return next(BoxError.toHttpError(new BoxError(BoxError.FS_ERROR, safe.error.message)));
} else if (avatar !== constants.AVATAR_GRAVATAR && avatar !== constants.AVATAR_NONE) {
return next(new HttpError(400, `avatar must be a file, ${constants.AVATAR_GRAVATAR} or ${constants.AVATAR_NONE}`));
}
const [error] = await safe(users.setAvatar(req.user.id, avatar));
if (error) return next(BoxError.toHttpError(error));
@@ -86,21 +90,11 @@ async function setAvatar(req, res, next) {
next(new HttpSuccess(202, {}));
}
async function clearAvatar(req, res, next) {
assert.strictEqual(typeof req.user, 'object');
const [error] = await safe(users.setAvatar(req.user.id, null));
if (error) return next(BoxError.toHttpError(error));
next(new HttpSuccess(202, {}));
}
async function getAvatar(req, res, next) {
assert.strictEqual(typeof req.params.identifier, 'string');
const [error, avatar] = await safe(users.getAvatar(req.params.identifier));
if (error) return next(BoxError.toHttpError(error));
if (!avatar) return next(new HttpError(404, 'User not found'));
res.send(avatar);
}