Press n or j to go to the next uncovered block, b, p or k for the previous block.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 | 16x | import Crowi from 'server/crowi' export default (crowi: Crowi) => { return async function(req, res, next) { try { const Attachment = crowi.model('Attachment') const Share = crowi.model('Share') const attachment = await Attachment.findById(req.params.id) if (!attachment) { return res.sendStatus(404) } const { uuid, secretKeyword } = await Share.findShareByPageId(attachment.page, { status: Share.STATUS_ACTIVE }) const { shareIds = [], secretKeywords = {} } = req.session const isNoExistKeyword = !secretKeyword const hasCorrectKeyword = secretKeywords[uuid] === secretKeyword const isAccessedSharedPage = shareIds.includes(uuid) const hasAccessRight = (isNoExistKeyword || hasCorrectKeyword) && isAccessedSharedPage if (hasAccessRight) { return next() } } catch (err) { // share url not found, but its okay // debug(err) } return crowi.middlewares.LoginRequired(req, res, next) } } |