diff options
author | Lauri Ojansivu <x@xet7.org> | 2019-01-22 16:29:42 +0200 |
---|---|---|
committer | GitHub <noreply@github.com> | 2019-01-22 16:29:42 +0200 |
commit | 6fbadbe5bce90fb3a67857b37d09fccc281744a2 (patch) | |
tree | 159262ecf22ad851d37f190edc4ba157a2aa12bc | |
parent | 44e4df2492b95226f1297e7f556d61b1afaab714 (diff) | |
parent | 26d7ba72aa85bd217fdb0e0e9ba16cdbdb9b4035 (diff) | |
download | wekan-6fbadbe5bce90fb3a67857b37d09fccc281744a2.tar.gz wekan-6fbadbe5bce90fb3a67857b37d09fccc281744a2.tar.bz2 wekan-6fbadbe5bce90fb3a67857b37d09fccc281744a2.zip |
Merge pull request #2118 from bentiss/export
Allow to call export from the API
-rw-r--r-- | models/export.js | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/models/export.js b/models/export.js index fa4894d9..50971c88 100644 --- a/models/export.js +++ b/models/export.js @@ -10,7 +10,7 @@ if (Meteor.isServer) { * @operation export * @tag Boards * - * @summary This route is used to export the board **FROM THE APPLICATION**. + * @summary This route is used to export the board. * * @description If user is already logged-in, pass loginToken as param * "authToken": '/api/boards/:boardId/export?authToken=:token' @@ -24,14 +24,16 @@ if (Meteor.isServer) { JsonRoutes.add('get', '/api/boards/:boardId/export', function(req, res) { const boardId = req.params.boardId; let user = null; - // todo XXX for real API, first look for token in Authentication: header - // then fallback to parameter + const loginToken = req.query.authToken; if (loginToken) { const hashToken = Accounts._hashLoginToken(loginToken); user = Meteor.users.findOne({ 'services.resume.loginTokens.hashedToken': hashToken, }); + } else { + Authentication.checkUserId(req.userId); + user = Users.findOne({ _id: req.userId, isAdmin: true }); } const exporter = new Exporter(boardId); |