pigallery2/src/backend/middlewares/RenderingMWs.ts

import {NextFunction, Request, Response} from 'express';
import {ErrorCodes, ErrorDTO} from '../../common/entities/Error';
import {Message} from '../../common/entities/Message';
import {Config, PrivateConfigClass} from '../../common/config/private/Config';
import {UserDTO, UserRoles} from '../../common/entities/UserDTO';
import {NotificationManager} from '../model/NotifocationManager';
import {Logger} from '../Logger';

export class RenderingMWs {

  public static renderResult(req: Request, res: Response, next: NextFunction) {
    if (typeof req.resultPipe === 'undefined') {
      return next();
    }

    return RenderingMWs.renderMessage(res, req.resultPipe);
  }


  public static renderSessionUser(req: Request, res: Response, next: NextFunction) {
    if (!(req.session.user)) {
      return next(new ErrorDTO(ErrorCodes.GENERAL_ERROR, 'User not exists'));
    }

    const user = <UserDTO>{
      id: req.session.user.id,
      name: req.session.user.name,
      csrfToken: req.session.user.csrfToken || req.csrfToken(),
      role: req.session.user.role,
      usedSharingKey: req.session.user.usedSharingKey,
      permissions: req.session.user.permissions
    };

    if (!user.csrfToken && req.csrfToken) {
      user.csrfToken = req.csrfToken();
    }

    RenderingMWs.renderMessage(res, user);
  }

  public static renderSharing(req: Request, res: Response, next: NextFunction) {
    if (!req.resultPipe) {
      return next();
    }

    const {password, creator, ...sharing} = req.resultPipe;
    RenderingMWs.renderMessage(res, sharing);
  }

  public static renderFile(req: Request, res: Response, next: NextFunction) {
    if (!req.resultPipe) {
      return next();
    }
    return res.sendFile(req.resultPipe, {maxAge: 31536000, dotfiles: 'allow'});
  }

  public static renderOK(req: Request, res: Response, next: NextFunction) {
    const message = new Message<string>(null, 'ok');
    res.json(message);
  }


  public static async renderConfig(req: Request, res: Response, next: NextFunction) {
    const originalConf = await Config.original();
    originalConf.Server.sessionSecret = null;
    const message = new Message<PrivateConfigClass>(null, <any>originalConf.toJSON({
      attachState: true,
      attachVolatile: true
    }));
    res.json(message);
  }


  public static renderError(err: any, req: Request, res: Response, next: NextFunction): any {

    if (err instanceof ErrorDTO) {
      if (err.details) {
        Logger.warn('Handled error:');
        console.log(err);
        delete (err.details); // do not send back error object to the client side

        // hide error details for non developers
        if (!(req.session.user && req.session.user.role >= UserRoles.Developer)) {
          delete (err.detailsStr);
        }
      }
      const message = new Message<any>(err, null);
      return res.json(message);
    }
    NotificationManager.error('unknown server error', err);
    return next(err);
  }


  protected static renderMessage<T>(res: Response, content: T) {
    const message = new Message<T>(null, content);
    res.json(message);
  }


}
improving tests 2018-03-30 15:30:30 -04:00			`import {NextFunction, Request, Response} from 'express';`
			`import {ErrorCodes, ErrorDTO} from '../../common/entities/Error';`
			`import {Message} from '../../common/entities/Message';`
upgrading to typeconfig2.0 2020-01-28 18:36:52 +01:00			`import {Config, PrivateConfigClass} from '../../common/config/private/Config';`
implementing csrf security for posts 2020-01-07 22:17:54 +01:00			`import {UserDTO, UserRoles} from '../../common/entities/UserDTO';`
improving tests 2018-03-30 15:30:30 -04:00			`import {NotificationManager} from '../model/NotifocationManager';`
			`import {Logger} from '../Logger';`
refactoring middleware rendering methods 2016-03-26 11:19:10 +01:00
			`export class RenderingMWs {`

adding angular-cli support (causes major refactoring) 2017-06-10 22:32:56 +02:00			`public static renderResult(req: Request, res: Response, next: NextFunction) {`
adding url base, improving code quality 2018-05-12 12:19:51 -04:00			`if (typeof req.resultPipe === 'undefined') {`
adding angular-cli support (causes major refactoring) 2017-06-10 22:32:56 +02:00			`return next();`
adding url base, improving code quality 2018-05-12 12:19:51 -04:00			`}`
refactoring middleware rendering methods 2016-03-26 11:19:10 +01:00
adding angular-cli support (causes major refactoring) 2017-06-10 22:32:56 +02:00			`return RenderingMWs.renderMessage(res, req.resultPipe);`
			`}`
refactoring middleware rendering methods 2016-03-26 11:19:10 +01:00

adding angular-cli support (causes major refactoring) 2017-06-10 22:32:56 +02:00			`public static renderSessionUser(req: Request, res: Response, next: NextFunction) {`
			`if (!(req.session.user)) {`
improving tests 2018-03-30 15:30:30 -04:00			`return next(new ErrorDTO(ErrorCodes.GENERAL_ERROR, 'User not exists'));`
refactoring middleware rendering methods 2016-03-26 11:19:10 +01:00			`}`

implementing csrf security for posts 2020-01-07 22:17:54 +01:00			`const user = <UserDTO>{`
			`id: req.session.user.id,`
			`name: req.session.user.name,`
			`csrfToken: req.session.user.csrfToken \|\| req.csrfToken(),`
			`role: req.session.user.role,`
			`usedSharingKey: req.session.user.usedSharingKey,`
			`permissions: req.session.user.permissions`
			`};`

			`if (!user.csrfToken && req.csrfToken) {`
			`user.csrfToken = req.csrfToken();`
			`}`

adding angular-cli support (causes major refactoring) 2017-06-10 22:32:56 +02:00			`RenderingMWs.renderMessage(res, user);`
			`}`
refactoring middleware rendering methods 2016-03-26 11:19:10 +01:00
implementing sharing 2017-07-03 19:17:49 +02:00			`public static renderSharing(req: Request, res: Response, next: NextFunction) {`
adding url base, improving code quality 2018-05-12 12:19:51 -04:00			`if (!req.resultPipe) {`
implementing sharing 2017-07-03 19:17:49 +02:00			`return next();`
adding url base, improving code quality 2018-05-12 12:19:51 -04:00			`}`
implementing sharing 2017-07-03 19:17:49 +02:00
implementing csrf security for posts 2020-01-07 22:17:54 +01:00			`const {password, creator, ...sharing} = req.resultPipe;`
implementing sharing 2017-07-03 19:17:49 +02:00			`RenderingMWs.renderMessage(res, sharing);`
			`}`

adding angular-cli support (causes major refactoring) 2017-06-10 22:32:56 +02:00			`public static renderFile(req: Request, res: Response, next: NextFunction) {`
adding url base, improving code quality 2018-05-12 12:19:51 -04:00			`if (!req.resultPipe) {`
adding angular-cli support (causes major refactoring) 2017-06-10 22:32:56 +02:00			`return next();`
adding url base, improving code quality 2018-05-12 12:19:51 -04:00			`}`
adding dotfile support 2019-12-29 23:25:22 +01:00			`return res.sendFile(req.resultPipe, {maxAge: 31536000, dotfiles: 'allow'});`
adding angular-cli support (causes major refactoring) 2017-06-10 22:32:56 +02:00			`}`

			`public static renderOK(req: Request, res: Response, next: NextFunction) {`
adding url base, improving code quality 2018-05-12 12:19:51 -04:00			`const message = new Message<string>(null, 'ok');`
adding angular-cli support (causes major refactoring) 2017-06-10 22:32:56 +02:00			`res.json(message);`
			`}`
refactoring middleware rendering methods 2016-03-26 11:19:10 +01:00
implementing database settings 2017-07-08 12:43:42 +02:00
upgrading to typeconfig2.0 2020-01-28 18:36:52 +01:00			`public static async renderConfig(req: Request, res: Response, next: NextFunction) {`
			`const originalConf = await Config.original();`
improving code quality. restricting secret to be accessible through rest api 2020-01-03 20:28:03 +01:00			`originalConf.Server.sessionSecret = null;`
implementing advanced settings 2020-02-04 19:37:47 +01:00			`const message = new Message<PrivateConfigClass>(null, <any>originalConf.toJSON({`
			`attachState: true,`
			`attachVolatile: true`
			`}));`
implementing database settings 2017-07-08 12:43:42 +02:00			`res.json(message);`
			`}`


adding angular-cli support (causes major refactoring) 2017-06-10 22:32:56 +02:00			`public static renderError(err: any, req: Request, res: Response, next: NextFunction): any {`
implementing improved error handling 2017-07-09 14:23:50 +02:00
implementing thumbnail settings 2017-07-15 12:47:11 +02:00			`if (err instanceof ErrorDTO) {`
improving config check and setting 2017-07-13 23:39:09 +02:00			`if (err.details) {`
fixing language switching error 2019-01-02 21:21:20 +01:00			`Logger.warn('Handled error:');`
			`console.log(err);`
minor bugfixes 2019-12-10 14:50:20 +01:00			`delete (err.details); // do not send back error object to the client side`

			`// hide error details for non developers`
improving config check and setting 2017-07-13 23:39:09 +02:00			`if (!(req.session.user && req.session.user.role >= UserRoles.Developer)) {`
minor bugfixes 2019-12-10 14:50:20 +01:00			`delete (err.detailsStr);`
improving config check and setting 2017-07-13 23:39:09 +02:00			`}`
implementing improved error handling 2017-07-09 14:23:50 +02:00			`}`
adding url base, improving code quality 2018-05-12 12:19:51 -04:00			`const message = new Message<any>(err, null);`
adding angular-cli support (causes major refactoring) 2017-06-10 22:32:56 +02:00			`return res.json(message);`
refactoring middleware rendering methods 2016-03-26 11:19:10 +01:00			`}`
improving tests 2018-03-30 15:30:30 -04:00			`NotificationManager.error('unknown server error', err);`
adding angular-cli support (causes major refactoring) 2017-06-10 22:32:56 +02:00			`return next(err);`
			`}`
refactoring middleware rendering methods 2016-03-26 11:19:10 +01:00

adding angular-cli support (causes major refactoring) 2017-06-10 22:32:56 +02:00			`protected static renderMessage<T>(res: Response, content: T) {`
adding url base, improving code quality 2018-05-12 12:19:51 -04:00			`const message = new Message<T>(null, content);`
adding angular-cli support (causes major refactoring) 2017-06-10 22:32:56 +02:00			`res.json(message);`
			`}`
refactoring middleware rendering methods 2016-03-26 11:19:10 +01:00

adding angular-cli support (causes major refactoring) 2017-06-10 22:32:56 +02:00			`}`