refactor: removed useless code, cleaned up, fixed permissions

author: Pitu <[email protected]> 2019-10-12 21:14:19 +0900
committer: Pitu <[email protected]> 2019-10-12 21:14:19 +0900
commit: bca8fbcd839d2239e3f6f141f662fbbc74726835 (patch)
tree: 174fb569e7ae5fb3daf4cbfbfb0d957db976074b /src
parent: Added new links to the navbar (diff)
download: host.fuwn.me-bca8fbcd839d2239e3f6f141f662fbbc74726835.tar.xz
host.fuwn.me-bca8fbcd839d2239e3f6f141f662fbbc74726835.zip
23 files changed, 54 insertions, 187 deletions
diff --git a/src/api/database/seeds/initial.js b/src/api/database/seeds/initial.js
index bb4ce8c..280fd74 100644
--- a/src/api/database/seeds/initial.js
+++ b/src/api/database/seeds/initial.js
@@ -3,7 +3,7 @@ const moment = require('moment');
 
 exports.seed = async db => {
 	const now = moment.utc().toDate();
-	const user = await db.table('users').where({ username: 'root' }).first();
+	const user = await db.table('users').where({ username: process.env.ADMIN_ACCOUNT }).first();
 	if (user) return;
 	try {
 		const hash = await bcrypt.hash(process.env.ADMIN_PASSWORD, 10);
diff --git a/src/api/routes/albums/albumDELETE.js b/src/api/routes/albums/albumDELETE.js
index 2aa9942..96698b4 100644
--- a/src/api/routes/albums/albumDELETE.js
+++ b/src/api/routes/albums/albumDELETE.js
@@ -14,7 +14,7 @@ class albumDELETE extends Route {
 			Check if the album exists
 		*/
 		const album = await db.table('albums').where({ id, userId: user.id }).first();
-		if (!album) return res.status(400).json({ message: 'The file doesn\'t exist or doesn\'t belong to the user' });
+		if (!album) return res.status(400).json({ message: 'The album doesn\'t exist or doesn\'t belong to the user' });
 
 		try {
 			/*
diff --git a/src/api/routes/albums/albumPurgeDELETE.js b/src/api/routes/albums/albumPurgeDELETE.js
index 5a67c8e..a63eafc 100644
--- a/src/api/routes/albums/albumPurgeDELETE.js
+++ b/src/api/routes/albums/albumPurgeDELETE.js
@@ -14,7 +14,7 @@ class albumDELETE extends Route {
 			Check if the album exists
 		*/
 		const album = await db.table('albums').where({ id, userId: user.id }).first();
-		if (!album) return res.status(400).json({ message: 'The file doesn\'t exist or doesn\'t belong to the user' });
+		if (!album) return res.status(400).json({ message: 'The album doesn\'t exist or doesn\'t belong to the user' });
 
 		try {
 			await Util.deleteAllFilesFromAlbum(id);
diff --git a/src/api/routes/albums/albumsGET.js b/src/api/routes/albums/albumsGET.js
index 3be1213..c61ad03 100644
--- a/src/api/routes/albums/albumsGET.js
+++ b/src/api/routes/albums/albumsGET.js
@@ -18,6 +18,8 @@ class albumsGET extends Route {
 			.select('id', 'name', 'createdAt', 'editedAt');
 
 		for (const album of albums) {
+			// TODO: Optimize the shit out of this.
+
 			/*
 				Fetch every public link the album has
 			*/
diff --git a/src/api/routes/albums/link/linkDELETE.js b/src/api/routes/albums/link/linkDELETE.js
index 7adcaac..904687f 100644
--- a/src/api/routes/albums/link/linkDELETE.js
+++ b/src/api/routes/albums/link/linkDELETE.js
@@ -6,13 +6,13 @@ class linkDELETE extends Route {
 		super('/album/link/delete/:identifier', 'delete');
 	}
 
-	async run(req, res, db) {
+	async run(req, res, db, user) {
 		const { identifier } = req.params;
 		if (!identifier) return res.status(400).json({ message: 'Invalid identifier supplied' });
 
 		try {
 			const link = await db.table('links')
-				.where({ identifier })
+				.where({ identifier, userId: user.id })
 				.first();
 
 			dump(link);
diff --git a/src/api/routes/albums/link/linkPOST.js b/src/api/routes/albums/link/linkPOST.js
index 297348c..6009922 100644
--- a/src/api/routes/albums/link/linkPOST.js
+++ b/src/api/routes/albums/link/linkPOST.js
@@ -1,6 +1,5 @@
 const Route = require('../../../structures/Route');
 const Util = require('../../../utils/Util');
-const log = require('../../../utils/Log');
 
 class linkPOST extends Route {
 	constructor() {
@@ -15,7 +14,7 @@ class linkPOST extends Route {
 		/*
 			Make sure the album exists
 		*/
-		const exists = await db.table('albums').where('id', albumId).first();
+		const exists = await db.table('albums').where({ id: albumId, userId: user.id }).first();
 		if (!exists) return res.status(400).json({ message: 'Album doesn\t exist' });
 
 		/*
diff --git a/src/api/routes/baseGET.js b/src/api/routes/baseGET.js
deleted file mode 100644
index a6c01ea..0000000
--- a/src/api/routes/baseGET.js
+++ /dev/null
@@ -1,13 +0,0 @@
-const Route = require('../structures/Route');
-
-class verifyGET extends Route {
-	constructor() {
-		super('/', 'get', { bypassAuth: true });
-	}
-
-	run(req, res) {
-		return res.json({ message: 'Hai hai api desu.' });
-	}
-}
-
-module.exports = verifyGET;
diff --git a/src/api/routes/files/albumAddPOST.js b/src/api/routes/files/albumAddPOST.js
index fc4ee71..af39caa 100644
--- a/src/api/routes/files/albumAddPOST.js
+++ b/src/api/routes/files/albumAddPOST.js
@@ -5,11 +5,17 @@ class albumAddPOST extends Route {
 		super('/file/album/add', 'post');
 	}
 
-	async run(req, res, db) {
+	async run(req, res, db, user) {
 		if (!req.body) return res.status(400).json({ message: 'No body provided' });
 		const { fileId, albumId } = req.body;
 		if (!fileId || !albumId) return res.status(400).json({ message: 'No id provided' });
 
+		// Make sure both file and album belong to the user
+		const file = await db.table('files').where({ id: fileId, userId: user.id }).first();
+		if (!file) return res.status(400).json({ message: 'File doesn\'t exist.' });
+		const album = await db.table('albums').where({ id: albumId, userId: user.id }).first();
+		if (!album) return res.status(400).json({ message: 'Album doesn\'t exist.' });
+
 		try {
 			await db.table('albumsFiles')
 				.insert({ fileId, albumId });
diff --git a/src/api/routes/files/albumDelPOST.js b/src/api/routes/files/albumDelPOST.js
index fd6bbd0..9a4b87b 100644
--- a/src/api/routes/files/albumDelPOST.js
+++ b/src/api/routes/files/albumDelPOST.js
@@ -5,11 +5,17 @@ class albumDelPOST extends Route {
 		super('/file/album/del', 'post');
 	}
 
-	async run(req, res, db) {
+	async run(req, res, db, user) {
 		if (!req.body) return res.status(400).json({ message: 'No body provided' });
 		const { fileId, albumId } = req.body;
 		if (!fileId || !albumId) return res.status(400).json({ message: 'No id provided' });
 
+		// Make sure both file and album belong to the user
+		const file = await db.table('files').where({ id: fileId, userId: user.id }).first();
+		if (!file) return res.status(400).json({ message: 'File doesn\'t exist.' });
+		const album = await db.table('albums').where({ id: albumId, userId: user.id }).first();
+		if (!album) return res.status(400).json({ message: 'Album doesn\'t exist.' });
+
 		try {
 			await db.table('albumsFiles')
 				.where({ fileId, albumId })
diff --git a/src/api/routes/files/tagAddPOST.js b/src/api/routes/files/tagAddPOST.js
index 9d334d8..25467ab 100644
--- a/src/api/routes/files/tagAddPOST.js
+++ b/src/api/routes/files/tagAddPOST.js
@@ -5,11 +5,15 @@ class tagAddPOST extends Route {
 		super('/file/tag/add', 'post');
 	}
 
-	run(req, res, db) {
+	async run(req, res, db, user) {
 		if (!req.body) return res.status(400).json({ message: 'No body provided' });
 		const { fileId, tagNames } = req.body;
 		if (!fileId || !tagNames.length) return res.status(400).json({ message: 'No tags provided' });
 
+		// Make sure the file belongs to the user
+		const file = await db.table('files').where({ id: fileId, userId: user.id }).first();
+		if (!file) return res.status(400).json({ message: 'File doesn\'t exist.' });
+
 		tagNames.forEach(async tag => {
 			try {
 				await db.table('fileTags').insert({ fileId, tag });
diff --git a/src/api/routes/files/tagDelPOST.js b/src/api/routes/files/tagDelPOST.js
deleted file mode 100644
index fd6bbd0..0000000
--- a/src/api/routes/files/tagDelPOST.js
+++ /dev/null
@@ -1,27 +0,0 @@
-const Route = require('../../structures/Route');
-
-class albumDelPOST extends Route {
-	constructor() {
-		super('/file/album/del', 'post');
-	}
-
-	async run(req, res, db) {
-		if (!req.body) return res.status(400).json({ message: 'No body provided' });
-		const { fileId, albumId } = req.body;
-		if (!fileId || !albumId) return res.status(400).json({ message: 'No id provided' });
-
-		try {
-			await db.table('albumsFiles')
-				.where({ fileId, albumId })
-				.delete();
-		} catch (error) {
-			return super.error(res, error);
-		}
-
-		return res.json({
-			message: 'Successfully removed file from album'
-		});
-	}
-}
-
-module.exports = albumDelPOST;
diff --git a/src/api/routes/files/uploadPOST.js b/src/api/routes/files/uploadPOST.js
index 5c6bcb0..6996a6e 100644
--- a/src/api/routes/files/uploadPOST.js
+++ b/src/api/routes/files/uploadPOST.js
@@ -19,10 +19,14 @@ class uploadPOST extends Route {
 		super('/upload.....', 'post', { bypassAuth: true });
 	}
 
-	async run(req, res, db) {
+	run(req, res) {
+		return res.status(201).send();
+
+		/*
 		const user = await Util.isAuthorized(req);
 		if (!user && process.env.PUBLIC_MODE == 'false') return res.status(401).json({ message: 'Not authorized to use this resource' });
 		return this.uploadFile(req, res, db, user);
+		*/
 	}
 
 	async processFile(req, res, db, user, file) {
diff --git a/src/api/routes/verifyGET.js b/src/api/routes/verifyGET.js
index 5875dbb..2f370e8 100644
--- a/src/api/routes/verifyGET.js
+++ b/src/api/routes/verifyGET.js
@@ -6,15 +6,13 @@ class verifyGET extends Route {
 	}
 
 	run(req, res, db, user) {
-		const returnUser = {
-			id:	user.id,
-			username: user.username,
-			isAdmin: user.isAdmin
-		};
-
 		return res.json({
 			message: 'Successfully verified token',
-			user: returnUser
+			user: {
+				id:	user.id,
+				username: user.username,
+				isAdmin: user.isAdmin
+			}
 		});
 	}
 }
diff --git a/src/site/assets/styles/style.scss b/src/site/assets/styles/style.scss
index f73fb96..6486878 100644
--- a/src/site/assets/styles/style.scss
+++ b/src/site/assets/styles/style.scss
@@ -83,6 +83,16 @@ div#drag-overlay {
 	}
 }
 
+
+section.hero {
+	&.dashboard {
+		// background-color: $backgroundLight1 !important;
+		div.hero-body {
+			align-items: baseline;
+		}
+	}
+}
+
 section input, section a.button {
 	font-size: 14px !important;
 }
diff --git a/src/site/components/grid/Grid.vue b/src/site/components/grid/Grid.vue
index 5f98b9d..19acde9 100644
--- a/src/site/components/grid/Grid.vue
+++ b/src/site/components/grid/Grid.vue
@@ -172,11 +172,6 @@ export default {
 			searchTerm: null
 		};
 	},
-	computed: {
-		config() {
-			return this.$store.state.config;
-		}
-	},
 	mounted() {
 		this.$search.items(this.files);
 	},
diff --git a/src/site/components/navbar/Navbar.vue b/src/site/components/navbar/Navbar.vue
index 403d7c9..78eb650 100644
--- a/src/site/components/navbar/Navbar.vue
+++ b/src/site/components/navbar/Navbar.vue
@@ -50,30 +50,6 @@
 				<i class="icon-ecommerce-safebox" /> {{ config.serviceName }}
 			</router-link>
 
-			<!--
-			<template v-if="loggedIn">
-				<router-link
-					to="/dashboard/uploads"
-					class="navbar-item no-active"
-					exact><i class="hidden"/>Uploads</router-link>
-
-				<router-link
-					to="/dashboard/albums"
-					class="navbar-item no-active"
-					exact><i class="hidden"/>Albums</router-link>
-
-				<router-link
-					to="/dashboard/tags"
-					class="navbar-item no-active"
-					exact><i class="hidden"/>Tags</router-link>
-
-				<router-link
-					to="/dashboard/settings"
-					class="navbar-item no-active"
-					exact><i class="hidden"/>Settings</router-link>
-			</template>
-			-->
-
 			<div class="spacer" />
 
 			<template v-if="loggedIn">
@@ -126,9 +102,6 @@ export default {
 		loggedIn() {
 			return this.$store.state.loggedIn;
 		},
-		user() {
-			return this.$store.state.user;
-		},
 		config() {
 			return this.$store.state.config;
 		}
diff --git a/src/site/pages/dashboard/account.vue b/src/site/pages/dashboard/account.vue
index 8955844..6ecc885 100644
--- a/src/site/pages/dashboard/account.vue
+++ b/src/site/pages/dashboard/account.vue
@@ -1,21 +1,5 @@
-<style lang="scss" scoped>
-	@import '~/assets/styles/_colors.scss';
-	section { background-color: $backgroundLight1 !important; }
-	section.hero div.hero-body {
-		align-items: baseline;
-	}
-	div.search-container {
-		display: flex;
-		justify-content: center;
-	}
-</style>
-<style lang="scss">
-	@import '~/assets/styles/_colors.scss';
-</style>
-
-
 <template>
-	<section class="hero is-fullheight">
+	<section class="hero is-fullheight dashboard">
 		<div class="hero-body">
 			<div class="container">
 				<div class="columns">
@@ -95,11 +79,6 @@ export default {
 			user: {}
 		};
 	},
-	computed: {
-		config() {
-			return this.$store.state.config;
-		}
-	},
 	metaInfo() {
 		return { title: 'Account' };
 	},
diff --git a/src/site/pages/dashboard/albums/_id.vue b/src/site/pages/dashboard/albums/_id.vue
index 964a416..c2f6a18 100644
--- a/src/site/pages/dashboard/albums/_id.vue
+++ b/src/site/pages/dashboard/albums/_id.vue
@@ -9,7 +9,7 @@
 </style>
 
 <template>
-	<section class="hero is-fullheight">
+	<section class="hero is-fullheight dashboard">
 		<div class="hero-body">
 			<div class="container">
 				<div class="columns">
@@ -71,11 +71,6 @@ export default {
 			showingModalForFile: null
 		};
 	},
-	computed: {
-		config() {
-			return this.$store.state.config;
-		}
-	},
 	metaInfo() {
 		return { title: 'Album' };
 	},
diff --git a/src/site/pages/dashboard/albums/index.vue b/src/site/pages/dashboard/albums/index.vue
index 123f1cd..9333ffa 100644
--- a/src/site/pages/dashboard/albums/index.vue
+++ b/src/site/pages/dashboard/albums/index.vue
@@ -1,14 +1,5 @@
 <style lang="scss" scoped>
 	@import '~/assets/styles/_colors.scss';
-	section { background-color: $backgroundLight1 !important; }
-	section.hero div.hero-body {
-		align-items: baseline;
-	}
-	div.search-container {
-		display: flex;
-		justify-content: center;
-	}
-
 	div.view-container {
 		padding: 2rem;
 	}
@@ -130,7 +121,7 @@
 
 
 <template>
-	<section class="hero is-fullheight">
+	<section class="hero is-fullheight dashboard">
 		<div class="hero-body">
 			<div class="container">
 				<div class="columns">
diff --git a/src/site/pages/dashboard/index.vue b/src/site/pages/dashboard/index.vue
index 3f9e8e0..9419fa1 100644
--- a/src/site/pages/dashboard/index.vue
+++ b/src/site/pages/dashboard/index.vue
@@ -1,15 +1,9 @@
 <style lang="scss" scoped>
-	@import '~/assets/styles/_colors.scss';
-	section { background-color: $backgroundLight1 !important; }
-	section.hero div.hero-body {
-		align-items: baseline;
-	}
-
 	.albumsModal .columns .column { padding: .25rem; }
 </style>
 
 <template>
-	<section class="hero is-fullheight">
+	<section class="hero is-fullheight dashboard">
 		<div class="hero-body">
 			<div class="container">
 				<div class="columns">
@@ -71,11 +65,6 @@ export default {
 			showingModalForFile: null
 		};
 	},
-	computed: {
-		config() {
-			return this.$store.state.config;
-		}
-	},
 	metaInfo() {
 		return { title: 'Uploads' };
 	},
diff --git a/src/site/pages/dashboard/settings.vue b/src/site/pages/dashboard/settings.vue
index 1b9adcb..35a23e8 100644
--- a/src/site/pages/dashboard/settings.vue
+++ b/src/site/pages/dashboard/settings.vue
@@ -1,21 +1,5 @@
-<style lang="scss" scoped>
-	@import '~/assets/styles/_colors.scss';
-	section { background-color: $backgroundLight1 !important; }
-	section.hero div.hero-body {
-		align-items: baseline;
-	}
-	div.search-container {
-		display: flex;
-		justify-content: center;
-	}
-</style>
-<style lang="scss">
-	@import '~/assets/styles/_colors.scss';
-</style>
-
-
 <template>
-	<section class="hero is-fullheight">
+	<section class="hero is-fullheight dashboard">
 		<div class="hero-body">
 			<div class="container">
 				<div class="columns">
@@ -25,11 +9,6 @@
 					<div class="column">
 						<h2 class="subtitle">Service settings</h2>
 						<hr>
-						<!--
-						<h1 class="title">Uploads</h1>
-						<h2 class="subtitle">Keep track of all your uploads in here</h2>
-						<hr>
-						-->
 
 						<b-field label="Service name"
 							message="Please enter the name which this service is gonna be identified as"
@@ -130,11 +109,6 @@ export default {
 			options: {}
 		};
 	},
-	computed: {
-		config() {
-			return this.$store.state.config;
-		}
-	},
 	metaInfo() {
 		return { title: 'Settings' };
 	},
diff --git a/src/site/pages/dashboard/tags/index.vue b/src/site/pages/dashboard/tags/index.vue
index 7dd917b..bc9ae57 100644
--- a/src/site/pages/dashboard/tags/index.vue
+++ b/src/site/pages/dashboard/tags/index.vue
@@ -1,14 +1,5 @@
 <style lang="scss" scoped>
 	@import '~/assets/styles/_colors.scss';
-	section { background-color: $backgroundLight1 !important; }
-	section.hero div.hero-body {
-		align-items: baseline;
-	}
-	div.search-container {
-		display: flex;
-		justify-content: center;
-	}
-
 	div.view-container {
 		padding: 2rem;
 	}
@@ -130,7 +121,7 @@
 
 
 <template>
-	<section class="hero is-fullheight">
+	<section class="hero is-fullheight dashboard">
 		<div class="hero-body">
 			<div class="container">
 				<div class="columns">
diff --git a/src/site/pages/dashboard/users.vue b/src/site/pages/dashboard/users.vue
index ff80ea1..66ccebe 100644
--- a/src/site/pages/dashboard/users.vue
+++ b/src/site/pages/dashboard/users.vue
@@ -1,14 +1,5 @@
 <style lang="scss" scoped>
 	@import '~/assets/styles/_colors.scss';
-	section { background-color: $backgroundLight1 !important; }
-	section.hero div.hero-body {
-		align-items: baseline;
-	}
-	div.search-container {
-		display: flex;
-		justify-content: center;
-	}
-
 	div.view-container {
 		padding: 2rem;
 	}
@@ -130,7 +121,7 @@
 
 
 <template>
-	<section class="hero is-fullheight">
+	<section class="hero is-fullheight dashboard">
 		<div class="hero-body">
 			<div class="container">
 				<div class="columns">
author	Pitu <[email protected]>	2019-10-12 21:14:19 +0900
committer	Pitu <[email protected]>	2019-10-12 21:14:19 +0900
commit	bca8fbcd839d2239e3f6f141f662fbbc74726835 (patch)
tree	174fb569e7ae5fb3daf4cbfbfb0d957db976074b /src
parent	Added new links to the navbar (diff)
download	host.fuwn.me-bca8fbcd839d2239e3f6f141f662fbbc74726835.tar.xz host.fuwn.me-bca8fbcd839d2239e3f6f141f662fbbc74726835.zip