2017-10-22 09:10:33 +08:00
|
|
|
"use strict";
|
|
|
|
|
2017-10-15 11:31:44 +08:00
|
|
|
const express = require('express');
|
|
|
|
const router = express.Router();
|
2017-11-05 23:41:54 +08:00
|
|
|
const auth = require('../../services/auth');
|
2017-10-16 07:47:05 +08:00
|
|
|
const sql = require('../../services/sql');
|
2017-11-05 23:41:54 +08:00
|
|
|
const notes = require('../../services/notes');
|
2017-11-27 12:10:23 +08:00
|
|
|
const log = require('../../services/log');
|
2018-01-16 09:54:22 +08:00
|
|
|
const utils = require('../../services/utils');
|
2017-11-13 10:40:26 +08:00
|
|
|
const protected_session = require('../../services/protected_session');
|
2018-01-14 09:53:00 +08:00
|
|
|
const tree = require('../../services/tree');
|
2018-01-21 10:56:03 +08:00
|
|
|
const sync_table = require('../../services/sync_table');
|
2018-01-07 22:35:44 +08:00
|
|
|
const wrap = require('express-promise-wrap').wrap;
|
2017-10-15 11:31:44 +08:00
|
|
|
|
2018-01-07 22:35:44 +08:00
|
|
|
router.get('/:noteId', auth.checkApiAuth, wrap(async (req, res, next) => {
|
2017-11-15 13:04:26 +08:00
|
|
|
const noteId = req.params.noteId;
|
2017-10-15 11:31:44 +08:00
|
|
|
|
2018-01-30 06:41:59 +08:00
|
|
|
const detail = await sql.getRow("SELECT * FROM notes WHERE noteId = ?", [noteId]);
|
2017-10-15 11:31:44 +08:00
|
|
|
|
2017-11-27 12:10:23 +08:00
|
|
|
if (!detail) {
|
|
|
|
log.info("Note " + noteId + " has not been found.");
|
|
|
|
|
|
|
|
return res.status(404).send({});
|
|
|
|
}
|
|
|
|
|
2018-01-25 11:13:41 +08:00
|
|
|
protected_session.decryptNote(req, detail);
|
2017-11-13 10:40:26 +08:00
|
|
|
|
2017-10-15 11:31:44 +08:00
|
|
|
res.send({
|
2017-12-11 01:56:59 +08:00
|
|
|
detail: detail
|
2017-10-15 11:31:44 +08:00
|
|
|
});
|
2018-01-07 22:35:44 +08:00
|
|
|
}));
|
2017-10-15 11:31:44 +08:00
|
|
|
|
2018-01-07 22:35:44 +08:00
|
|
|
router.post('/:parentNoteId/children', auth.checkApiAuth, wrap(async (req, res, next) => {
|
2018-01-29 10:57:46 +08:00
|
|
|
const sourceId = req.headers.source_id;
|
2017-11-23 12:16:54 +08:00
|
|
|
const parentNoteId = req.params.parentNoteId;
|
2018-01-28 23:37:43 +08:00
|
|
|
const newNote = req.body;
|
2017-10-15 11:31:44 +08:00
|
|
|
|
2018-01-28 06:18:19 +08:00
|
|
|
await sql.doInTransaction(async () => {
|
2018-01-28 23:37:43 +08:00
|
|
|
const { noteId, noteTreeId, note } = await notes.createNewNote(parentNoteId, newNote, req, sourceId);
|
2017-10-15 11:31:44 +08:00
|
|
|
|
2018-01-28 06:18:19 +08:00
|
|
|
res.send({
|
2018-01-29 08:30:14 +08:00
|
|
|
'noteId': noteId,
|
|
|
|
'noteTreeId': noteTreeId,
|
2018-01-28 23:37:43 +08:00
|
|
|
'note': note
|
2018-01-28 06:18:19 +08:00
|
|
|
});
|
2017-10-30 06:50:28 +08:00
|
|
|
});
|
2018-01-07 22:35:44 +08:00
|
|
|
}));
|
2017-10-15 11:31:44 +08:00
|
|
|
|
2018-01-07 22:35:44 +08:00
|
|
|
router.put('/:noteId', auth.checkApiAuth, wrap(async (req, res, next) => {
|
2017-11-15 10:54:12 +08:00
|
|
|
const note = req.body;
|
2017-11-15 13:04:26 +08:00
|
|
|
const noteId = req.params.noteId;
|
2018-01-29 10:57:46 +08:00
|
|
|
const sourceId = req.headers.source_id;
|
2017-12-17 10:23:35 +08:00
|
|
|
const dataKey = protected_session.getDataKey(req);
|
2017-11-05 23:41:54 +08:00
|
|
|
|
2017-12-17 10:23:35 +08:00
|
|
|
await notes.updateNote(noteId, note, dataKey, sourceId);
|
2017-10-15 11:31:44 +08:00
|
|
|
|
|
|
|
res.send({});
|
2018-01-07 22:35:44 +08:00
|
|
|
}));
|
2017-10-15 11:31:44 +08:00
|
|
|
|
2018-01-07 22:35:44 +08:00
|
|
|
router.get('/', auth.checkApiAuth, wrap(async (req, res, next) => {
|
2018-02-05 11:44:15 +08:00
|
|
|
let {attrFilters, searchText} = parseFilters(req.query.search);
|
2017-10-15 11:31:44 +08:00
|
|
|
|
2018-02-05 11:44:15 +08:00
|
|
|
const {query, params} = getSearchQuery(attrFilters, searchText);
|
|
|
|
|
|
|
|
const noteIds = await sql.getColumn(query, params);
|
2017-10-15 11:31:44 +08:00
|
|
|
|
2018-01-16 09:54:22 +08:00
|
|
|
res.send(noteIds);
|
2018-01-07 22:35:44 +08:00
|
|
|
}));
|
2017-10-15 11:31:44 +08:00
|
|
|
|
2018-02-05 11:44:15 +08:00
|
|
|
function parseFilters(searchText) {
|
|
|
|
const attrFilters = [];
|
|
|
|
|
|
|
|
const attrRegex = /(\b(and|or)\s+)?@(!?)([\w_-]+|"[^"]+")((=|!=|<|<=|>|>=)([\w_-]+|"[^"]+"))?/i;
|
|
|
|
|
|
|
|
let match = attrRegex.exec(searchText);
|
|
|
|
|
|
|
|
function trimQuotes(str) { return str.startsWith('"') ? str.substr(1, str.length - 2) : str; }
|
|
|
|
|
|
|
|
while (match != null) {
|
|
|
|
const relation = match[2] !== undefined ? match[2].toLowerCase() : 'and';
|
|
|
|
const operator = match[3] === '!' ? 'not-exists' : 'exists';
|
|
|
|
|
|
|
|
attrFilters.push({
|
|
|
|
relation: relation,
|
|
|
|
name: trimQuotes(match[4]),
|
|
|
|
operator: match[6] !== undefined ? match[6] : operator,
|
|
|
|
value: match[7] !== undefined ? trimQuotes(match[7]) : null
|
|
|
|
});
|
|
|
|
|
|
|
|
// remove attributes from further fulltext search
|
2018-02-06 11:25:25 +08:00
|
|
|
searchText = searchText.split(match[0]).join('');
|
2018-02-05 11:44:15 +08:00
|
|
|
|
|
|
|
match = attrRegex.exec(searchText);
|
|
|
|
}
|
|
|
|
|
|
|
|
return {attrFilters, searchText};
|
|
|
|
}
|
|
|
|
|
|
|
|
function getSearchQuery(attrFilters, searchText) {
|
|
|
|
const joins = [];
|
|
|
|
const joinParams = [];
|
|
|
|
let where = '1';
|
|
|
|
const whereParams = [];
|
|
|
|
|
|
|
|
let i = 1;
|
|
|
|
|
|
|
|
for (const filter of attrFilters) {
|
|
|
|
joins.push(`LEFT JOIN attributes AS attr${i} ON attr${i}.noteId = notes.noteId AND attr${i}.name = ?`);
|
|
|
|
joinParams.push(filter.name);
|
|
|
|
|
|
|
|
where += " " + filter.relation + " ";
|
|
|
|
|
|
|
|
if (filter.operator === 'exists') {
|
|
|
|
where += `attr${i}.attributeId IS NOT NULL`;
|
|
|
|
}
|
|
|
|
else if (filter.operator === 'not-exists') {
|
|
|
|
where += `attr${i}.attributeId IS NULL`;
|
|
|
|
}
|
|
|
|
else if (filter.operator === '=' || filter.operator === '!=') {
|
|
|
|
where += `attr${i}.value ${filter.operator} ?`;
|
|
|
|
whereParams.push(filter.value);
|
|
|
|
}
|
|
|
|
else if ([">", ">=", "<", "<="].includes(filter.operator)) {
|
|
|
|
const floatParam = parseFloat(filter.value);
|
|
|
|
|
|
|
|
if (isNaN(floatParam)) {
|
|
|
|
where += `attr${i}.value ${filter.operator} ?`;
|
|
|
|
whereParams.push(filter.value);
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
where += `CAST(attr${i}.value AS DECIMAL) ${filter.operator} ?`;
|
|
|
|
whereParams.push(floatParam);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
throw new Error("Unknown operator " + filter.operator);
|
|
|
|
}
|
|
|
|
|
|
|
|
i++;
|
|
|
|
}
|
|
|
|
|
|
|
|
let searchCondition = '';
|
|
|
|
const searchParams = [];
|
|
|
|
|
|
|
|
if (searchText.trim() !== '') {
|
|
|
|
// searching in protected notes is pointless because of encryption
|
|
|
|
searchCondition = ' AND (notes.isProtected = 0 AND (notes.title LIKE ? OR notes.content LIKE ?))';
|
|
|
|
|
|
|
|
searchText = '%' + searchText.trim() + '%';
|
|
|
|
|
|
|
|
searchParams.push(searchText);
|
|
|
|
searchParams.push(searchText); // two occurences in searchCondition
|
|
|
|
}
|
|
|
|
|
|
|
|
const query = `SELECT notes.noteId FROM notes
|
|
|
|
${joins.join('\r\n')}
|
|
|
|
WHERE
|
|
|
|
notes.isDeleted = 0
|
|
|
|
AND (${where})
|
|
|
|
${searchCondition}`;
|
|
|
|
|
|
|
|
const params = joinParams.concat(whereParams).concat(searchParams);
|
|
|
|
|
|
|
|
return { query, params };
|
|
|
|
}
|
|
|
|
|
2018-01-14 06:00:40 +08:00
|
|
|
router.put('/:noteId/sort', auth.checkApiAuth, wrap(async (req, res, next) => {
|
|
|
|
const noteId = req.params.noteId;
|
2018-01-29 10:57:46 +08:00
|
|
|
const sourceId = req.headers.source_id;
|
2018-01-14 06:00:40 +08:00
|
|
|
const dataKey = protected_session.getDataKey(req);
|
|
|
|
|
2018-01-14 09:53:00 +08:00
|
|
|
await tree.sortNotesAlphabetically(noteId, dataKey, sourceId);
|
2018-01-14 06:00:40 +08:00
|
|
|
|
2018-01-14 09:53:00 +08:00
|
|
|
res.send({});
|
|
|
|
}));
|
2018-01-14 06:00:40 +08:00
|
|
|
|
2018-01-14 09:53:00 +08:00
|
|
|
router.put('/:noteId/protect-sub-tree/:isProtected', auth.checkApiAuth, wrap(async (req, res, next) => {
|
|
|
|
const noteId = req.params.noteId;
|
|
|
|
const isProtected = !!parseInt(req.params.isProtected);
|
|
|
|
const dataKey = protected_session.getDataKey(req);
|
2018-01-29 10:57:46 +08:00
|
|
|
const sourceId = req.headers.source_id;
|
2018-01-14 06:00:40 +08:00
|
|
|
|
2018-01-14 09:53:00 +08:00
|
|
|
await sql.doInTransaction(async () => {
|
|
|
|
await notes.protectNoteRecursively(noteId, dataKey, isProtected, sourceId);
|
2018-01-14 06:00:40 +08:00
|
|
|
});
|
|
|
|
|
|
|
|
res.send({});
|
|
|
|
}));
|
|
|
|
|
2018-01-24 12:41:22 +08:00
|
|
|
router.put(/\/(.*)\/type\/(.*)\/mime\/(.*)/, auth.checkApiAuth, wrap(async (req, res, next) => {
|
|
|
|
const noteId = req.params[0];
|
|
|
|
const type = req.params[1];
|
|
|
|
const mime = req.params[2];
|
2018-01-29 10:57:46 +08:00
|
|
|
const sourceId = req.headers.source_id;
|
2018-01-21 10:56:03 +08:00
|
|
|
|
|
|
|
await sql.doInTransaction(async () => {
|
2018-01-29 08:30:14 +08:00
|
|
|
await sql.execute("UPDATE notes SET type = ?, mime = ?, dateModified = ? WHERE noteId = ?",
|
2018-01-22 12:36:09 +08:00
|
|
|
[type, mime, utils.nowDate(), noteId]);
|
2018-01-21 10:56:03 +08:00
|
|
|
|
|
|
|
await sync_table.addNoteSync(noteId, sourceId);
|
|
|
|
});
|
|
|
|
|
|
|
|
res.send({});
|
|
|
|
}));
|
|
|
|
|
2017-10-15 11:31:44 +08:00
|
|
|
module.exports = router;
|