trilium/routes/api/script.js

53 lines
1.8 KiB
JavaScript
Raw Normal View History

"use strict";
const express = require('express');
const router = express.Router();
const auth = require('../../services/auth');
const wrap = require('express-promise-wrap').wrap;
const log = require('../../services/log');
const sql = require('../../services/sql');
const protected_session = require('../../services/protected_session');
router.post('/exec', auth.checkApiAuth, wrap(async (req, res, next) => {
log.info('Executing script: ' + req.body.script);
const ret = await eval("(" + req.body.script + ")()");
log.info('Execution result: ' + ret);
res.send(ret);
}));
router.get('/subtree/:noteId', auth.checkApiAuth, wrap(async (req, res, next) => {
const noteId = req.params.noteId;
res.send(await getSubTreeScripts(noteId, [noteId], req));
}));
async function getSubTreeScripts(parentId, includedNoteIds, dataKey) {
const children = await sql.getAll(`SELECT notes.note_id, notes.note_title, notes.note_text, notes.is_protected
FROM notes JOIN notes_tree USING(note_id)
WHERE notes_tree.is_deleted = 0 AND notes.is_deleted = 0
AND notes_tree.parent_note_id = ? AND notes.type = 'code'
2018-01-24 12:41:22 +08:00
AND (notes.mime = 'application/javascript' OR notes.mime = 'text/html')`, [parentId]);
protected_session.decryptNotes(dataKey, children);
let script = "\r\n";
for (const child of children) {
if (includedNoteIds.includes(child.note_id)) {
return;
}
includedNoteIds.push(child.note_id);
script += await getSubTreeScripts(child.note_id, includedNoteIds, dataKey);
script += child.note_text + "\r\n";
}
return script;
}
module.exports = router;