Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-11-10 07:55:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

#8344 (#8346)

Browse Source 
* feat: wip

* feat: wrap middlewares

* feat: middleware errors

* feat: more middleware changes

* fix: remove unused async

* fix: prevent version errors from blocking acp render

* feat: wrap more middlewares
This commit is contained in:
Barış Soner Uşaklı
2020-06-03 20:18:42 -04:00
committed by GitHub
parent 023942da7d
commit dcb85ee7a1
9 changed files with 218 additions and 231 deletions
Download Patch File Download Diff File Expand all files Collapse all files

96
src/middleware/user.js
View File

@@ -1,6 +1,5 @@
'use strict';
const util = require('util');
const nconf = require('nconf');
const winston = require('winston');
@@ -8,7 +7,7 @@ const meta = require('../meta');
const user = require('../user');
const privileges = require('../privileges');
const plugins = require('../plugins');
const helpers = require('./helpers');
const auth = require('../routes/authentication');
const controllers = {
@@ -16,9 +15,9 @@ const controllers = {
};
module.exports = function (middleware) {
async function authenticate(req, res, next, callback) {
async function authenticate(req, res) {
if (req.loggedIn) {
return next();
return true;
}
await plugins.fireHook('response:middleware.authenticate', {
@@ -28,35 +27,35 @@ module.exports = function (middleware) {
});
if (!res.headersSent) {
auth.setAuthVars(req, res, function () {
if (req.loggedIn && req.user && req.user.uid) {
return next();
}
callback();
});
auth.setAuthVars(req);
}
return !res.headersSent;
}
middleware.authenticate = function middlewareAuthenticate(req, res, next) {
authenticate(req, res, next, function () {
controllers.helpers.notAllowed(req, res, next);
});
};
middleware.authenticate = helpers.try(async function middlewareAuthenticate(req, res, next) {
if (!await authenticate(req, res)) {
return;
}
if (!req.loggedIn) {
return controllers.helpers.notAllowed(req, res);
}
next();
});
const authenticateAsync = util.promisify(middleware.authenticate);
middleware.authenticateOrGuest = helpers.try(async function authenticateOrGuest(req, res, next) {
if (!await authenticate(req, res)) {
return;
}
next();
});
middleware.authenticateOrGuest = function authenticateOrGuest(req, res, next) {
authenticate(req, res, next, next);
};
middleware.ensureSelfOrGlobalPrivilege = helpers.try(async function ensureSelfOrGlobalPrivilege(req, res, next) {
await ensureSelfOrMethod(user.isAdminOrGlobalMod, req, res, next);
});
middleware.ensureSelfOrGlobalPrivilege = function ensureSelfOrGlobalPrivilege(req, res, next) {
ensureSelfOrMethod(user.isAdminOrGlobalMod, req, res, next);
};
middleware.ensureSelfOrPrivileged = function ensureSelfOrPrivileged(req, res, next) {
ensureSelfOrMethod(user.isPrivileged, req, res, next);
};
middleware.ensureSelfOrPrivileged = helpers.try(async function ensureSelfOrPrivileged(req, res, next) {
await ensureSelfOrMethod(user.isPrivileged, req, res, next);
});
async function ensureSelfOrMethod(method, req, res, next) {
/*
@@ -67,7 +66,7 @@ module.exports = function (middleware) {
return controllers.helpers.notAllowed(req, res);
}
if (req.uid === parseInt(res.locals.uid, 10)) {
return setImmediate(next);
return next();
}
const allowed = await method(req.uid);
if (!allowed) {
@@ -77,12 +76,12 @@ module.exports = function (middleware) {
return next();
}
middleware.checkGlobalPrivacySettings = function checkGlobalPrivacySettings(req, res, next) {
middleware.checkGlobalPrivacySettings = helpers.try(async function checkGlobalPrivacySettings(req, res, next) {
winston.warn('[middleware], checkGlobalPrivacySettings deprecated, use canViewUsers or canViewGroups');
middleware.canViewUsers(req, res, next);
};
await middleware.canViewUsers(req, res, next);
});
middleware.canViewUsers = async function canViewUsers(req, res, next) {
middleware.canViewUsers = helpers.try(async function canViewUsers(req, res, next) {
if (parseInt(res.locals.uid, 10) === req.uid) {
return next();
}
@@ -91,19 +90,24 @@ module.exports = function (middleware) {
return next();
}
controllers.helpers.notAllowed(req, res);
};
});
middleware.canViewGroups = async function canViewGroups(req, res, next) {
middleware.canViewGroups = helpers.try(async function canViewGroups(req, res, next) {
const canView = await privileges.global.can('view:groups', req.uid);
if (canView) {
return next();
}
controllers.helpers.notAllowed(req, res);
};
});
middleware.checkAccountPermissions = async function checkAccountPermissions(req, res, next) {
middleware.checkAccountPermissions = helpers.try(async function checkAccountPermissions(req, res, next) {
// This middleware ensures that only the requested user and admins can pass
await authenticateAsync(req, res);
if (!await authenticate(req, res)) {
return;
}
if (!req.loggedIn) {
return controllers.helpers.notAllowed(req, res);
}
const uid = await user.getUidByUserslug(req.params.userslug);
let allowed = await privileges.users.canEdit(req.uid, uid);
if (allowed) {
@@ -117,17 +121,17 @@ module.exports = function (middleware) {
return next();
}
controllers.helpers.notAllowed(req, res);
};
});
middleware.redirectToAccountIfLoggedIn = async function redirectToAccountIfLoggedIn(req, res, next) {
middleware.redirectToAccountIfLoggedIn = helpers.try(async function redirectToAccountIfLoggedIn(req, res, next) {
if (req.session.forceLogin || req.uid <= 0) {
return next();
}
const userslug = await user.getUserField(req.uid, 'userslug');
controllers.helpers.redirect(res, '/user/' + userslug);
};
});
middleware.redirectUidToUserslug = async function redirectUidToUserslug(req, res, next) {
middleware.redirectUidToUserslug = helpers.try(async function redirectUidToUserslug(req, res, next) {
const uid = parseInt(req.params.uid, 10);
if (uid <= 0) {
return next();
@@ -140,18 +144,18 @@ module.exports = function (middleware) {
.replace('uid', 'user')
.replace(uid, function () { return userslug; });
controllers.helpers.redirect(res, path);
};
});
middleware.redirectMeToUserslug = async function redirectMeToUserslug(req, res) {
middleware.redirectMeToUserslug = helpers.try(async function redirectMeToUserslug(req, res) {
const userslug = await user.getUserField(req.uid, 'userslug');
if (!userslug) {
return controllers.helpers.notAllowed(req, res);
}
const path = req.path.replace(/^(\/api)?\/me/, '/user/' + userslug);
controllers.helpers.redirect(res, path);
};
});
middleware.isAdmin = async function isAdmin(req, res, next) {
middleware.isAdmin = helpers.try(async function isAdmin(req, res, next) {
const isAdmin = await user.isAdministrator(req.uid);
if (!isAdmin) {
return controllers.helpers.notAllowed(req, res);
@@ -186,7 +190,7 @@ module.exports = function (middleware) {
} else {
res.redirect(nconf.get('relative_path') + '/login?local=1');
}
};
});
middleware.requireUser = function (req, res, next) {
if (req.loggedIn) {