LailaTheElf/hedgedoc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1084 from hedgedoc/fix/double-freeurl-note-creation

Browse Source
This commit is contained in:
Yannick Bungers 2021-03-29 23:14:14 +02:00 committed by GitHub
commit 3a60f069cb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 18 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/errors.js
View File

@ -20,6 +20,9 @@ module.exports = {
errorBadRequest: function (res) { errorBadRequest: function (res) {
responseError(res, '400', 'Bad Request', 'something not right.') responseError(res, '400', 'Bad Request', 'something not right.')
}, },
errorConflict: function (res) {
responseError(res, '409', 'Conflict', 'This note already exists.')
},
errorTooLong: function (res) { errorTooLong: function (res) {
responseError(res, '413', 'Payload Too Large', 'Shorten your note!') responseError(res, '413', 'Payload Too Large', 'Shorten your note!')
}, },

17
lib/web/note/util.js
View File

@ -46,7 +46,7 @@ exports.checkViewPermission = function (req, note) {
} }
} }
exports.newNote = function (req, res, body) { exports.newNote = async function (req, res, body) {
let owner = null let owner = null
const noteId = req.params.noteId ? req.params.noteId : null const noteId = req.params.noteId ? req.params.noteId : null
if (req.isAuthenticated()) { if (req.isAuthenticated()) {
@ -60,6 +60,19 @@ exports.newNote = function (req, res, body) {
} else { } else {
return req.method === 'POST' ? errors.errorForbidden(res) : errors.errorNotFound(res) return req.method === 'POST' ? errors.errorForbidden(res) : errors.errorNotFound(res)
} }
try {
const count = await models.Note.count({
where: {
alias: req.alias
}
})
if (count > 0) {
return errors.errorConflict(res)
}
} catch (err) {
logger.error('Error while checking for possible duplicate: ' + err)
return errors.errorInternalError(res)
}
} }
models.Note.create({ models.Note.create({
ownerId: owner, ownerId: owner,
@ -69,7 +82,7 @@ exports.newNote = function (req, res, body) {
}).then(function (note) { }).then(function (note) {
return res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id))) return res.redirect(config.serverURL + '/' + (note.alias ? note.alias : models.Note.encodeNoteId(note.id)))
}).catch(function (err) { }).catch(function (err) {
logger.error(err) logger.error('Note could not be created: ' + err)
return errors.errorInternalError(res) return errors.errorInternalError(res)
}) })
} }