forked from cory/tildefriends
		
	js: Move /save to C.
This commit is contained in:
		
							
								
								
									
										211
									
								
								core/core.js
									
									
									
									
									
								
							
							
						
						
									
										211
									
								
								core/core.js
									
									
									
									
									
								
							| @@ -932,148 +932,83 @@ async function blobHandler(request, response, blobId, uri) { | ||||
| 	} | ||||
|  | ||||
| 	let process; | ||||
| 	if (uri == '/save') { | ||||
| 		let match; | ||||
| 		if ((match = /^\/\~(\w+)\/(\w+)$/.exec(blobId))) { | ||||
| 			let user = match[1]; | ||||
| 			let appName = match[2]; | ||||
| 			let credentials = await httpd.auth_query(request.headers); | ||||
| 			if ( | ||||
| 				credentials && | ||||
| 				credentials.session && | ||||
| 				(credentials.session.name == user || | ||||
| 					(credentials.permissions.administration && user == 'core')) | ||||
| 			) { | ||||
| 				let database = new Database(user); | ||||
| 	let data; | ||||
| 	let match; | ||||
| 	let id; | ||||
| 	let app_id = blobId; | ||||
| 	let packageOwner; | ||||
| 	let packageName; | ||||
| 	if ((match = /^\/\~(\w+)\/(\w+)$/.exec(blobId))) { | ||||
| 		packageOwner = match[1]; | ||||
| 		packageName = match[2]; | ||||
| 		let db = new Database(match[1]); | ||||
| 		app_id = await db.get('path:' + match[2]); | ||||
| 	} | ||||
|  | ||||
| 				let app_object = JSON.parse(utf8Decode(request.body)); | ||||
| 				let previous_id = await database.get('path:' + appName); | ||||
| 				if (previous_id) { | ||||
| 					try { | ||||
| 						let previous_object = JSON.parse( | ||||
| 							utf8Decode(await ssb.blobGet(previous_id)) | ||||
| 						); | ||||
| 						delete previous_object.previous; | ||||
| 						delete app_object.previous; | ||||
| 						if (JSON.stringify(previous_object) == JSON.stringify(app_object)) { | ||||
| 							response.writeHead(200, { | ||||
| 								'Content-Type': 'text/plain; charset=utf-8', | ||||
| 							}); | ||||
| 							response.end('/' + previous_id); | ||||
| 							return; | ||||
| 						} | ||||
| 					} catch {} | ||||
| 				} | ||||
| 				app_object.previous = previous_id; | ||||
| 				let newBlobId = await ssb.blobStore(JSON.stringify(app_object)); | ||||
|  | ||||
| 				let apps = new Set(); | ||||
| 				let apps_original = await database.get('apps'); | ||||
| 				try { | ||||
| 					apps = new Set(JSON.parse(apps_original)); | ||||
| 				} catch {} | ||||
| 				if (!apps.has(appName)) { | ||||
| 					apps.add(appName); | ||||
| 				} | ||||
| 				apps = JSON.stringify([...apps].sort()); | ||||
| 				if (apps != apps_original) { | ||||
| 					await database.set('apps', apps); | ||||
| 				} | ||||
| 				await database.set('path:' + appName, newBlobId); | ||||
| 				response.writeHead(200, {'Content-Type': 'text/plain; charset=utf-8'}); | ||||
| 				response.end('/' + newBlobId); | ||||
| 			} else { | ||||
| 				response.writeHead(401, {'Content-Type': 'text/plain; charset=utf-8'}); | ||||
| 				response.end('401 Unauthorized'); | ||||
| 				return; | ||||
| 			} | ||||
| 		} else if (blobId === '') { | ||||
| 			let newBlobId = await ssb.blobStore(request.body); | ||||
| 			response.writeHead(200, {'Content-Type': 'text/plain; charset=utf-8'}); | ||||
| 			response.end('/' + newBlobId); | ||||
| 	let app_object = JSON.parse(utf8Decode(await ssb.blobGet(app_id))); | ||||
| 	id = app_object?.files[uri.substring(1)]; | ||||
| 	if (!id && app_object?.files['handler.js']) { | ||||
| 		let answer; | ||||
| 		try { | ||||
| 			answer = await useAppHandler( | ||||
| 				response, | ||||
| 				app_id, | ||||
| 				uri.substring(1), | ||||
| 				request.query ? form.decodeForm(request.query) : undefined, | ||||
| 				request.headers, | ||||
| 				packageOwner, | ||||
| 				packageName | ||||
| 			); | ||||
| 		} catch (error) { | ||||
| 			data = utf8Encode( | ||||
| 				`Internal Server Error\n\n${error?.message}\n${error?.stack}` | ||||
| 			); | ||||
| 			response.writeHead(500, { | ||||
| 				'Content-Type': 'text/plain; charset=utf-8', | ||||
| 				'Content-Length': data.length, | ||||
| 			}); | ||||
| 			response.end(data); | ||||
| 			return; | ||||
| 		} | ||||
| 		if (answer && typeof answer.data == 'string') { | ||||
| 			answer.data = utf8Encode(answer.data); | ||||
| 		} | ||||
| 		sendData( | ||||
| 			response, | ||||
| 			answer?.data, | ||||
| 			answer?.content_type, | ||||
| 			Object.assign(answer?.headers ?? {}, { | ||||
| 				'Access-Control-Allow-Origin': '*', | ||||
| 				'Content-Security-Policy': k_content_security_policy, | ||||
| 			}), | ||||
| 			answer.status_code | ||||
| 		); | ||||
| 	} else if (id) { | ||||
| 		if ( | ||||
| 			request.headers['if-none-match'] && | ||||
| 			request.headers['if-none-match'] == '"' + id + '"' | ||||
| 		) { | ||||
| 			let headers = { | ||||
| 				'Access-Control-Allow-Origin': '*', | ||||
| 				'Content-Security-Policy': k_content_security_policy, | ||||
| 				'Content-Length': '0', | ||||
| 			}; | ||||
| 			response.writeHead(304, headers); | ||||
| 			response.end(); | ||||
| 		} else { | ||||
| 			response.writeHead(400, {'Content-Type': 'text/plain; charset=utf-8'}); | ||||
| 			response.end('Invalid name.'); | ||||
| 			let headers = { | ||||
| 				ETag: '"' + id + '"', | ||||
| 				'Access-Control-Allow-Origin': '*', | ||||
| 				'Content-Security-Policy': k_content_security_policy, | ||||
| 			}; | ||||
| 			data = await ssb.blobGet(id); | ||||
| 			let type = | ||||
| 				httpd.mime_type_from_extension(uri) || | ||||
| 				httpd.mime_type_from_magic_bytes(data); | ||||
| 			sendData(response, data, type, headers); | ||||
| 		} | ||||
| 	} else { | ||||
| 		let data; | ||||
| 		let match; | ||||
| 		let id; | ||||
| 		let app_id = blobId; | ||||
| 		let packageOwner; | ||||
| 		let packageName; | ||||
| 		if ((match = /^\/\~(\w+)\/(\w+)$/.exec(blobId))) { | ||||
| 			packageOwner = match[1]; | ||||
| 			packageName = match[2]; | ||||
| 			let db = new Database(match[1]); | ||||
| 			app_id = await db.get('path:' + match[2]); | ||||
| 		} | ||||
|  | ||||
| 		let app_object = JSON.parse(utf8Decode(await ssb.blobGet(app_id))); | ||||
| 		id = app_object?.files[uri.substring(1)]; | ||||
| 		if (!id && app_object?.files['handler.js']) { | ||||
| 			let answer; | ||||
| 			try { | ||||
| 				answer = await useAppHandler( | ||||
| 					response, | ||||
| 					app_id, | ||||
| 					uri.substring(1), | ||||
| 					request.query ? form.decodeForm(request.query) : undefined, | ||||
| 					request.headers, | ||||
| 					packageOwner, | ||||
| 					packageName | ||||
| 				); | ||||
| 			} catch (error) { | ||||
| 				data = utf8Encode( | ||||
| 					`Internal Server Error\n\n${error?.message}\n${error?.stack}` | ||||
| 				); | ||||
| 				response.writeHead(500, { | ||||
| 					'Content-Type': 'text/plain; charset=utf-8', | ||||
| 					'Content-Length': data.length, | ||||
| 				}); | ||||
| 				response.end(data); | ||||
| 				return; | ||||
| 			} | ||||
| 			if (answer && typeof answer.data == 'string') { | ||||
| 				answer.data = utf8Encode(answer.data); | ||||
| 			} | ||||
| 			sendData( | ||||
| 				response, | ||||
| 				answer?.data, | ||||
| 				answer?.content_type, | ||||
| 				Object.assign(answer?.headers ?? {}, { | ||||
| 					'Access-Control-Allow-Origin': '*', | ||||
| 					'Content-Security-Policy': k_content_security_policy, | ||||
| 				}), | ||||
| 				answer.status_code | ||||
| 			); | ||||
| 		} else if (id) { | ||||
| 			if ( | ||||
| 				request.headers['if-none-match'] && | ||||
| 				request.headers['if-none-match'] == '"' + id + '"' | ||||
| 			) { | ||||
| 				let headers = { | ||||
| 					'Access-Control-Allow-Origin': '*', | ||||
| 					'Content-Security-Policy': k_content_security_policy, | ||||
| 					'Content-Length': '0', | ||||
| 				}; | ||||
| 				response.writeHead(304, headers); | ||||
| 				response.end(); | ||||
| 			} else { | ||||
| 				let headers = { | ||||
| 					ETag: '"' + id + '"', | ||||
| 					'Access-Control-Allow-Origin': '*', | ||||
| 					'Content-Security-Policy': k_content_security_policy, | ||||
| 				}; | ||||
| 				data = await ssb.blobGet(id); | ||||
| 				let type = | ||||
| 					httpd.mime_type_from_extension(uri) || | ||||
| 					httpd.mime_type_from_magic_bytes(data); | ||||
| 				sendData(response, data, type, headers); | ||||
| 			} | ||||
| 		} else { | ||||
| 			sendData(response, data, undefined, {}); | ||||
| 		} | ||||
| 		sendData(response, data, undefined, {}); | ||||
| 	} | ||||
| } | ||||
|  | ||||
|   | ||||
		Reference in New Issue
	
	Block a user