fix: change errorForbidden function signature, add req into function parameter

a60814billy · a60814billy · commit 6b1ce381dfcc · 2020-02-26T11:13:45.000+08:00
avoid incorrect function parameter passing

Signed-off-by: BoHong Li &lt;raccoon@hackmd.io&gt;
diff --git a/lib/history/index.js b/lib/history/index.js
@@ -123,7 +123,7 @@ function historyGet (req, res) {
       })
     })
   } else {
-    return response.errorForbidden(res)
+    return response.errorForbidden(req, res)
   }
 }
 
@@ -164,7 +164,7 @@ function historyPost (req, res) {
       })
     }
   } else {
-    return response.errorForbidden(res)
+    return response.errorForbidden(req, res)
   }
 }
 
@@ -188,7 +188,7 @@ function historyDelete (req, res) {
       })
     }
   } else {
-    return response.errorForbidden(res)
+    return response.errorForbidden(req, res)
   }
 }
 
diff --git a/lib/imageRouter/index.js b/lib/imageRouter/index.js
@@ -21,7 +21,7 @@ imageRouter.post('/uploadimage', function (req, res) {
 
   form.parse(req, function (err, fields, files) {
     if (err || !files.image || !files.image.path) {
-      response.errorForbidden(res)
+      response.errorForbidden(req, res)
     } else {
       if (config.debug) {
         logger.info('SERVER received uploadimage: ' + JSON.stringify(files.image))
diff --git a/lib/note/index.js b/lib/note/index.js
@@ -66,7 +66,7 @@ async function showNote (req, res) {
   }
 
   if (!newCheckViewPermission(note, req.isAuthenticated(), userId)) {
-    return errorForbidden(res)
+    return errorForbidden(req, res)
   }
 
   // force to use note id
@@ -99,7 +99,7 @@ async function showPublishNote (req, res) {
   }
 
   if (!canViewNote(note, req.isAuthenticated(), req.user ? req.user.id : null)) {
-    return errorForbidden(req)
+    return errorForbidden(req, res)
   }
 
   if ((note.alias && shortid !== note.alias) || (!note.alias && shortid !== note.shortid)) {
@@ -150,7 +150,7 @@ async function noteActions (req, res) {
   }
 
   if (!canViewNote(note, req.isAuthenticated(), req.user ? req.user.id : null)) {
-    return errorForbidden(req)
+    return errorForbidden(req, res)
   }
 
   const action = req.params.action
@@ -171,7 +171,7 @@ async function noteActions (req, res) {
         actionPDF(req, res, note)
       } else {
         logger.error('PDF export failed: Disabled by config. Set "allowPDFExport: true" to enable. Check the documentation for details')
-        errorForbidden(res)
+        errorForbidden(req, res)
       }
       break
     case 'gist':
diff --git a/lib/response.js b/lib/response.js
@@ -28,8 +28,7 @@ exports.checkViewPermission = checkViewPermission
 exports.newCheckViewPermission = newCheckViewPermission
 exports.responseCodiMD = responseCodiMD
 
-function errorForbidden (res) {
-  const { req } = res
+function errorForbidden (req, res) {
   if (req.user) {
     responseError(res, '403', 'Forbidden', 'oh no.')
   } else {
@@ -100,7 +99,7 @@ function newNote (req, res, next) {
   if (req.isAuthenticated()) {
     owner = req.user.id
   } else if (!config.allowAnonymous) {
-    return errorForbidden(res)
+    return errorForbidden(req, res)
   }
   models.Note.create({
     ownerId: owner,
@@ -161,7 +160,7 @@ function findNote (req, res, callback, include) {
         }
       }
       if (!checkViewPermission(req, note)) {
-        return errorForbidden(res)
+        return errorForbidden(req, res)
       } else {
         return callback(note)
       }
@@ -239,7 +238,7 @@ function githubActionGist (req, res, note) {
   var code = req.query.code
   var state = req.query.state
   if (!code || !state) {
-    return errorForbidden(res)
+    return errorForbidden(req, res)
   } else {
     var data = {
       client_id: config.github.clientID,
@@ -279,14 +278,14 @@ function githubActionGist (req, res, note) {
               res.setHeader('referer', '')
               res.redirect(body.html_url)
             } else {
-              return errorForbidden(res)
+              return errorForbidden(req, res)
             }
           })
         } else {
-          return errorForbidden(res)
+          return errorForbidden(req, res)
         }
       } else {
-        return errorForbidden(res)
+        return errorForbidden(req, res)
       }
     })
   }
@@ -334,7 +333,7 @@ function gitlabActionProjects (req, res, note) {
       return errorInternalError(res)
     })
   } else {
-    return errorForbidden(res)
+    return errorForbidden(req, res)
   }
 }
 
diff --git a/lib/user/index.js b/lib/user/index.js
@@ -37,7 +37,7 @@ exports.getMe = async (req, res) => {
 
 exports.deleteUser = async (req, res) => {
   if (!req.isAuthenticated()) {
-    return response.errorForbidden(res)
+    return response.errorForbidden(req, res)
   }
 
   const user = await models.User.findOne({
@@ -51,7 +51,7 @@ exports.deleteUser = async (req, res) => {
   }
 
   if (user.deleteToken !== req.params.token) {
-    return response.errorForbidden(res)
+    return response.errorForbidden(req, res)
   }
 
   await user.destroy()
@@ -60,7 +60,7 @@ exports.deleteUser = async (req, res) => {
 
 exports.exportMyData = (req, res) => {
   if (!req.isAuthenticated()) {
-    return response.errorForbidden(res)
+    return response.errorForbidden(req, res)
   }
 
   const archive = archiver('zip', {

Original file line number	Diff line number	Diff line change
`@@ -123,7 +123,7 @@ function historyGet (req, res) {`
`123`	`123`	`})`
`124`	`124`	`})`
`125`	`125`	`} else {`
`126`		`- return response.errorForbidden(res)`
	`126`	`+ return response.errorForbidden(req, res)`
`127`	`127`	`}`
`128`	`128`	`}`
`129`	`129`
`@@ -164,7 +164,7 @@ function historyPost (req, res) {`
`164`	`164`	`})`
`165`	`165`	`}`
`166`	`166`	`} else {`
`167`		`- return response.errorForbidden(res)`
	`167`	`+ return response.errorForbidden(req, res)`
`168`	`168`	`}`
`169`	`169`	`}`
`170`	`170`
`@@ -188,7 +188,7 @@ function historyDelete (req, res) {`
`188`	`188`	`})`
`189`	`189`	`}`
`190`	`190`	`} else {`
`191`		`- return response.errorForbidden(res)`
	`191`	`+ return response.errorForbidden(req, res)`
`192`	`192`	`}`
`193`	`193`	`}`
`194`	`194`
Original file line number	Diff line number	Diff line change
`@@ -66,7 +66,7 @@ async function showNote (req, res) {`
`66`	`66`	`}`
`67`	`67`
`68`	`68`	`if (!newCheckViewPermission(note, req.isAuthenticated(), userId)) {`
`69`		`- return errorForbidden(res)`
	`69`	`+ return errorForbidden(req, res)`
`70`	`70`	`}`
`71`	`71`
`72`	`72`	`// force to use note id`
`@@ -99,7 +99,7 @@ async function showPublishNote (req, res) {`
`99`	`99`	`}`
`100`	`100`
`101`	`101`	`if (!canViewNote(note, req.isAuthenticated(), req.user ? req.user.id : null)) {`
`102`		`- return errorForbidden(req)`
	`102`	`+ return errorForbidden(req, res)`
`103`	`103`	`}`
`104`	`104`
`105`	`105`	`if ((note.alias && shortid !== note.alias) \|\| (!note.alias && shortid !== note.shortid)) {`
`@@ -150,7 +150,7 @@ async function noteActions (req, res) {`
`150`	`150`	`}`
`151`	`151`
`152`	`152`	`if (!canViewNote(note, req.isAuthenticated(), req.user ? req.user.id : null)) {`
`153`		`- return errorForbidden(req)`
	`153`	`+ return errorForbidden(req, res)`
`154`	`154`	`}`
`155`	`155`
`156`	`156`	`const action = req.params.action`
`@@ -171,7 +171,7 @@ async function noteActions (req, res) {`
`171`	`171`	`actionPDF(req, res, note)`
`172`	`172`	`} else {`
`173`	`173`	`logger.error('PDF export failed: Disabled by config. Set "allowPDFExport: true" to enable. Check the documentation for details')`
`174`		`- errorForbidden(res)`
	`174`	`+ errorForbidden(req, res)`
`175`	`175`	`}`
`176`	`176`	`break`
`177`	`177`	`case 'gist':`
Original file line number	Diff line number	Diff line change
`@@ -37,7 +37,7 @@ exports.getMe = async (req, res) => {`
`37`	`37`
`38`	`38`	`exports.deleteUser = async (req, res) => {`
`39`	`39`	`if (!req.isAuthenticated()) {`
`40`		`- return response.errorForbidden(res)`
	`40`	`+ return response.errorForbidden(req, res)`
`41`	`41`	`}`
`42`	`42`
`43`	`43`	`const user = await models.User.findOne({`
`@@ -51,7 +51,7 @@ exports.deleteUser = async (req, res) => {`
`51`	`51`	`}`
`52`	`52`
`53`	`53`	`if (user.deleteToken !== req.params.token) {`
`54`		`- return response.errorForbidden(res)`
	`54`	`+ return response.errorForbidden(req, res)`
`55`	`55`	`}`
`56`	`56`
`57`	`57`	`await user.destroy()`
`@@ -60,7 +60,7 @@ exports.deleteUser = async (req, res) => {`
`60`	`60`
`61`	`61`	`exports.exportMyData = (req, res) => {`
`62`	`62`	`if (!req.isAuthenticated()) {`
`63`		`- return response.errorForbidden(res)`
	`63`	`+ return response.errorForbidden(req, res)`
`64`	`64`	`}`
`65`	`65`
`66`	`66`	`const archive = archiver('zip', {`