Skip to content

Commit 7ac6dd0

Browse files
catarakcatarak
committed
Merge branch 'master' into production-docker
2 parents a1d2acb + 032169e commit 7ac6dd0

File tree

2 files changed

+26
-9
lines changed

2 files changed

+26
-9
lines changed

server/controllers/file.controller.js

+25-8
Original file line numberDiff line numberDiff line change
@@ -9,8 +9,11 @@ import { deleteObjectsFromS3, getObjectKey } from './aws.controller';
99
// be fixed in mongoose soon
1010
// https://github.com/Automattic/mongoose/issues/4049
1111
export function createFile(req, res) {
12-
Project.findByIdAndUpdate(
13-
req.params.project_id,
12+
Project.findOneAndUpdate(
13+
{
14+
_id: req.params.project_id,
15+
user: req.user._id
16+
},
1417
{
1518
$push: {
1619
files: req.body
@@ -19,9 +22,9 @@ export function createFile(req, res) {
1922
{
2023
new: true
2124
}, (err, updatedProject) => {
22-
if (err) {
25+
if (err || !updatedProject) {
2326
console.log(err);
24-
res.json({ success: false });
27+
res.status(403).send({ success: false, message: 'Project does not exist, or user does not match owner.' });
2528
return;
2629
}
2730
const newFile = updatedProject.files[updatedProject.files.length - 1];
@@ -39,7 +42,9 @@ export function createFile(req, res) {
3942
}
4043

4144
function getAllDescendantIds(files, nodeId) {
42-
return files.find(file => file.id === nodeId).children
45+
const parentFile = files.find(file => file.id === nodeId);
46+
if (!parentFile) return [];
47+
return parentFile.children
4348
.reduce((acc, childId) => (
4449
[...acc, childId, ...getAllDescendantIds(files, childId)]
4550
), []);
@@ -75,12 +80,24 @@ function deleteChild(files, parentId, id) {
7580

7681
export function deleteFile(req, res) {
7782
Project.findById(req.params.project_id, (err, project) => {
83+
if (!project) {
84+
res.status(404).send({ success: false, message: 'Project does not exist.' });
85+
}
86+
if (!project.user.equals(req.user._id)) {
87+
res.status(403).send({ success: false, message: 'Session does not match owner of project.' });
88+
return;
89+
}
90+
91+
// make sure file exists for project
92+
const fileToDelete = project.files.find(file => file.id === req.params.file_id);
93+
if (!fileToDelete) {
94+
res.status(404).send({ success: false, message: 'File does not exist in project.' });
95+
return;
96+
}
97+
7898
const idsToDelete = getAllDescendantIds(project.files, req.params.file_id);
7999
deleteMany(project.files, [req.params.file_id, ...idsToDelete]);
80100
project.files = deleteChild(project.files, req.query.parentId, req.params.file_id);
81-
// project.files.id(req.params.file_id).remove();
82-
// const childrenArray = project.files.id(req.query.parentId).children;
83-
// project.files.id(req.query.parentId).children = childrenArray.filter(id => id !== req.params.file_id);
84101
project.save((innerErr) => {
85102
res.json(project.files);
86103
});

server/server.js

+1-1
Original file line numberDiff line numberDiff line change
@@ -113,8 +113,8 @@ app.use(passport.initialize());
113113
app.use(passport.session());
114114
app.use('/api', requestsOfTypeJSON(), users);
115115
app.use('/api', requestsOfTypeJSON(), sessions);
116-
app.use('/api', requestsOfTypeJSON(), projects);
117116
app.use('/api', requestsOfTypeJSON(), files);
117+
app.use('/api', requestsOfTypeJSON(), projects);
118118
app.use('/api', requestsOfTypeJSON(), aws);
119119
app.use(assetRoutes);
120120
// this is supposed to be TEMPORARY -- until i figure out

0 commit comments

Comments
 (0)