Press n or j to go to the next uncovered block, b, p or k for the previous block.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | 15x 15x | module.exports = (crowi, app) => { return async function(req, res, next) { try { const Attachment = crowi.model('Attachment') const Share = crowi.model('Share') const attachment = await Attachment.findById(req.params.id) const { uuid, secretKeyword } = await Share.findShareByPageId(attachment.page, { status: Share.STATUS_ACTIVE }) const { shareIds = [], secretKeywords = {} } = req.session const isNoExistKeyword = !secretKeyword const hasCorrectKeyword = secretKeywords[uuid] === secretKeyword const isAccessedSharedPage = shareIds.includes(uuid) const hasAccessRight = (isNoExistKeyword || hasCorrectKeyword) && isAccessedSharedPage if (hasAccessRight) { return next() } } catch (err) { // share url not found, but its okay // debug(err) } return crowi.middlewares.LoginRequired(req, res, next) } } |