diff options
author | Johannes Zellner <johannes@nebulon.de> | 2017-06-12 09:30:03 +0200 |
---|---|---|
committer | Johannes Zellner <johannes@nebulon.de> | 2017-06-12 09:30:06 +0200 |
commit | 3d45c9610fce33a99d1b95aaa56eadf0bffd76b5 (patch) | |
tree | c8fb80eb0c8d26f95ca50d9e2a03eab6760f1cf3 /models/export.js | |
parent | 76f6f8caa4a60aaf3b39d50c0599dcfadd7f30d8 (diff) | |
download | wekan-3d45c9610fce33a99d1b95aaa56eadf0bffd76b5.tar.gz wekan-3d45c9610fce33a99d1b95aaa56eadf0bffd76b5.tar.bz2 wekan-3d45c9610fce33a99d1b95aaa56eadf0bffd76b5.zip |
Reenable the export feature
Fixes #1055
Diffstat (limited to 'models/export.js')
-rw-r--r-- | models/export.js | 44 |
1 files changed, 22 insertions, 22 deletions
diff --git a/models/export.js b/models/export.js index 7a363dd3..7b22f45d 100644 --- a/models/export.js +++ b/models/export.js @@ -9,33 +9,33 @@ if (Meteor.isServer) { /* * This route is used to export the board FROM THE APPLICATION. * If user is already logged-in, pass loginToken as param "authToken": - * '/api/boards/:boardId?authToken=:token' + * '/api/boards/:boardId/export?authToken=:token' * * See https://blog.kayla.com.au/server-side-route-authentication-in-meteor/ * for detailed explanations */ - // JsonRoutes.add('get', '/api/boards/:boardId', function (req, res) { - // const boardId = req.params.boardId; - // let user = null; - // // todo XXX for real API, first look for token in Authentication: header - // // then fallback to parameter - // const loginToken = req.query.authToken; - // if (loginToken) { - // const hashToken = Accounts._hashLoginToken(loginToken); - // user = Meteor.users.findOne({ - // 'services.resume.loginTokens.hashedToken': hashToken, - // }); - // } + JsonRoutes.add('get', '/api/boards/:boardId/export', function (req, res) { + const boardId = req.params.boardId; + let user = null; + // todo XXX for real API, first look for token in Authentication: header + // then fallback to parameter + const loginToken = req.query.authToken; + if (loginToken) { + const hashToken = Accounts._hashLoginToken(loginToken); + user = Meteor.users.findOne({ + 'services.resume.loginTokens.hashedToken': hashToken, + }); + } - // const exporter = new Exporter(boardId); - // if(exporter.canExport(user)) { - // JsonRoutes.sendResult(res, 200, exporter.build()); - // } else { - // // we could send an explicit error message, but on the other hand the only - // // way to get there is by hacking the UI so let's keep it raw. - // JsonRoutes.sendResult(res, 403); - // } - // }); + const exporter = new Exporter(boardId); + if(exporter.canExport(user)) { + JsonRoutes.sendResult(res, { code: 200, data: exporter.build() }); + } else { + // we could send an explicit error message, but on the other hand the only + // way to get there is by hacking the UI so let's keep it raw. + JsonRoutes.sendResult(res, 403); + } + }); } class Exporter { |