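/**
 * Blog post API routes: sync/edit of JSON ("fresh") posts, listing, create,
 * update, delete, and image upload.
 *
 * Every mutating route requires a logged-in session user whose role passes
 * RightsManager.check for OBJECT_POST and the relevant task. The two GET
 * listing routes are served without a session check, as in the original.
 */
const express = require('express');
import DateUtils from '../../tools/utilities/DateUtils';
import StringUtils from '../../tools/utilities/StringUtils';
import RightsManager, {
  TASK_CREATE,
  TASK_UPDATE,
  TASK_READ,
  TASK_DELETE,
  OBJECT_CLIENT_ADMIN,
  OBJECT_CLIENT_USER,
  OBJECT_PROJECT_CLIENT,
  OBJECT_PROJECT_FOLIO,
  OBJECT_BOOKMARK,
  OBJECT_POST
} from '../../tools/utilities/RightsManager';
const router = express.Router();
const multer = require('multer');
const fs = require('fs-extra');
const path = require('path');
const Models = require('../../models');
const uuidv4 = require('uuid/v4');
const md = require('markdown-it')('commonmark');
const sanitize = require('sanitize-html');
const dateUtils = new DateUtils();
const stringUtils = new StringUtils();
const rightsManager = new RightsManager();
// Computed once at module load, so uploads keep landing in the start-up
// year/month directory until the process restarts.
const uploadPath = "./content/blog-images/" + dateUtils.getDate('year', new Date()) + "/" + dateUtils.getDate('month', new Date());
const Sequelize = require('sequelize');
const Op = Sequelize.Op;
const _ = require('lodash');

const LOGIN_REQUIRED = "You need to be logged in, champ.";
const NOT_ALLOWED = "Nah. You can't do that. Talk to the admin, sport.";

// Tags and attributes that survive sanitising of a submitted post body.
// NOTE(review): iframes are accepted from any host; sanitize-html's
// allowedIframeHostnames option can restrict them to known embed providers.
const SANITIZE_OPTIONS = {
  allowedTags: ['del', 'a', 'iframe', 'img'],
  allowedAttributes: {
    a: ['href', 'name', 'target'],
    img: ['src'],
    iframe: ['height', 'width', 'src', 'frameborder', 'allow', 'allowfullscreen']
  }
};

fs.ensureDir(uploadPath, function(err) {
  // The directory (and its parents) exists once this returns without error.
  if (err) console.log(err);
});

// NOTE(review): no fileFilter or limits are configured, so any file type and
// size is accepted from a user holding the post rights. The stored name comes
// from the client, so two uploads with the same name overwrite each other.
const storage = multer.diskStorage({
  destination: function(req, file, cb) {
    cb(null, uploadPath);
  },
  filename: function(req, file, cb) {
    // Keep only the part before the first ':' and strip any directory
    // components so the client-supplied name cannot leave uploadPath.
    const requested = path.basename(String(file.originalname).split(':')[0]);
    cb(null, requested || uuidv4());
  }
});
const feature_upload = multer({ storage: storage }).array('feature_image');
const post_upload = multer({ storage: storage }).array('post_image');

/**
 * Log an error and, if no response has been sent yet, answer with the
 * generic "postError" message so the request does not hang.
 */
function fail(res, err) {
  console.log(err);
  if (!res.headersSent) res.json({ message: "postError" });
}

/**
 * Wrap a route handler so it only runs for a logged-in user whose role is
 * granted `task` on posts. Otherwise the matching refusal is sent as JSON.
 * Errors thrown or rejected by the lookup or the handler end in fail().
 *
 * @param {*} task - one of the TASK_* constants from RightsManager
 * @param {Function} handler - (req, res, next); may return a promise
 * @returns {Function} express route handler
 */
function withPostRight(task, handler) {
  return function(req, res, next) {
    if (!req.session || !req.session.user) {
      return res.json({ message: LOGIN_REQUIRED });
    }
    Models.User.findById(req.session.user.id).then(function(user) {
      if (!user || !rightsManager.check(user.role, OBJECT_POST, task)) {
        return res.json({ message: NOT_ALLOWED });
      }
      return handler(req, res, next);
    }).catch(function(err) {
      fail(res, err);
    });
  };
}

/**
 * Collect the stored paths of the files multer attached to the request.
 * @returns {string[]} empty when nothing was uploaded
 */
function uploadedPaths(req) {
  if (!Array.isArray(req.files) || req.files.length === 0) {
    console.log("NOTHING TO SAVE");
    return [];
  }
  return req.files.map(function(file) {
    return file.path;
  });
}

/**
 * Turn the submitted post body into the text that is stored as `plaintext`
 * and fed to the markdown renderer: highlight.js <span> wrappers are
 * removed, the rest is passed through sanitize-html, then entity-decoded.
 *
 * NOTE(review): decodeHTML runs AFTER sanitising. If it turns entities such
 * as &lt; back into markup, the stored text is no longer what the sanitiser
 * approved, and the commonmark preset renders raw HTML. Confirm what
 * decodeHTML does and consider sanitising the rendered HTML instead.
 */
function cleanPostBody(raw) {
  const text = String(raw == null ? "" : raw).replace(/<\/?span[^>]*>/g, "");
  return stringUtils.decodeHTML(sanitize(text, SANITIZE_OPTIONS));
}

/**
 * Render cleaned post text to HTML.
 * NOTE(review): markdown-it's render() takes (src, env); the object passed
 * here is an env, not options. Raw-HTML handling comes from the 'commonmark'
 * preset chosen when `md` was created.
 */
function renderPost(cleaned) {
  return md.render(cleaned, {
    html: true,
    xhtmlOut: true
  });
}

/*** SYNC POSTS */
router.post("/sync", withPostRight(TASK_UPDATE, function(req, res) {
  const payload = Array.isArray(req.body) ? req.body : [];
  // NOTE(review): each item is written as received, so a client can set any
  // FreshPost column; consider picking the allowed fields explicitly.
  const jobs = payload.filter(function(item) {
    return item && item.post;
  }).map(function(item) {
    return Models.FreshPost.findOne({
      where: {
        "post": {
          [Op.contains]: {
            slug: item.post.slug
          }
        }
      }
    }).then(function(found) {
      if (!found) return Models.FreshPost.create(item);
      if (!_.isEqual(item.post, found.post)) return found.update(item);
      return found;
    }).catch(function(err) {
      // Best effort: one failing item must not stop the others.
      console.log(err);
    });
  });
  return Promise.all(jobs).then(function() {
    res.json({ message: "postsSynced" });
  });
}));

// Previously reachable without a session; it now needs the same update right
// as the other mutating routes.
// NOTE(review): req.body is applied to the row as-is (mass assignment).
router.post('/jsontest-edit', withPostRight(TASK_UPDATE, function(req, res) {
  return Models.FreshPost.findById(req.body.id).then(function(fresh) {
    if (!fresh) return res.json({ message: "postError" });
    return fresh.update(req.body).then(function() {
      res.json({ message: "jsonPostUpdated" });
    });
  });
}));

// NOTE(review): both listings are unauthenticated and return every row,
// whatever its `published` value. Confirm that is intended.
router.get('/', function(req, res, next) {
  Models.Post.findAll({
    order: [
      ['id']
    ]
  }).then(function(posts) {
    const list = posts.map(function(item) {
      return {
        post: {
          uuid: item.uuid,
          title: item.title,
          slug: item.slug,
          tags: item.tags,
          feature: item.feature_image,
          author: "Are0h",
          html: item.html,
          plaintext: item.plaintext,
          featured: item.featured,
          published: item.published,
          page: item.page,
          created: item.created_at,
          updated: item.updated_at,
          deleted: false
        }
      };
    });
    res.json(list);
  }).catch(function(err) {
    fail(res, err);
  });
});

router.get('/json', function(req, res, next) {
  Models.FreshPost.findAll({
    order: [
      ['id', 'DESC']
    ]
  }).then(function(posts) {
    res.json(posts);
  }).catch(function(err) {
    fail(res, err);
  });
});

/*** ADD POST */
router.post('/add', withPostRight(TASK_CREATE, function(req, res) {
  feature_upload(req, res, function(err) {
    if (err) {
      // Respond and stop; rethrowing from this callback would surface as an
      // uncaught exception instead of a handled request error.
      console.log(err);
      return res.json({ message: err });
    }
    const postImages = uploadedPaths(req);
    Models.Post.sync().then(function() {
      const cleaned = cleanPostBody(req.body.post_plaintext);
      return Models.Post.create({
        uuid: uuidv4(),
        title: req.body.title,
        slug: req.body.slug,
        plaintext: cleaned,
        tags: req.body.tags,
        page: req.body.status_page,
        featured: req.body.status_feature,
        published: req.body.status_published,
        author_id: req.session.user.id,
        origin_date: new Date(req.body.origin_date),
        html: renderPost(cleaned),
        feature_image: JSON.stringify(postImages)
      });
    }).then(function(saved) {
      res.json({
        message: "postAdded",
        postID: saved.slug
      });
    }).catch(function(saveErr) {
      fail(res, saveErr);
    });
  });
}));

/*** UPDATE POST */
router.post('/update/:id', withPostRight(TASK_UPDATE, function(req, res) {
  feature_upload(req, res, function(err) {
    if (err) {
      console.log(err);
      return res.json({ message: err });
    }
    let postImages = uploadedPaths(req);
    Models.Post.findOne({
      where: {
        id: req.params.id
      }
    }).then(function(post) {
      if (!post) return res.json({ message: "postError" });
      // No new upload: keep the images already stored on the post.
      if (postImages.length === 0) postImages = JSON.parse(post.feature_image);
      const cleaned = cleanPostBody(req.body.post_plaintext);
      return post.update({
        title: req.body.title,
        slug: req.body.slug,
        plaintext: cleaned,
        origin_date: new Date(req.body.origin_date),
        tags: req.body.tags,
        page: req.body.status_page,
        featured: req.body.status_feature,
        published: req.body.status_published,
        html: renderPost(cleaned),
        feature_image: JSON.stringify(postImages)
      }).then(function() {
        res.json({ message: "postUpdated" });
      });
    }).catch(function(updateErr) {
      console.log(updateErr);
      // NOTE(review): the raw error object is serialised to the client, as
      // before; database errors may carry internal detail. Consider
      // returning only a message.
      if (!res.headersSent) {
        res.json({
          message: "postError",
          error: updateErr
        });
      }
    });
  });
}));

/*** POST IMAGE */
router.post('/add-post-image', withPostRight(TASK_CREATE, function(req, res) {
  post_upload(req, res, function(err) {
    if (err) {
      console.log(err);
      return res.json({ message: err });
    }
    const first = Array.isArray(req.files) ? req.files[0] : undefined;
    if (!first) return res.json({ message: "postError" });
    // Drops the first 7 characters of the stored path, presumably the
    // "content" prefix of uploadPath; verify against how the folder is served.
    return res.json({
      message: "post image added",
      url: first.path.slice(7)
    });
  });
}));

/*** DELETE POST */
router.post('/delete/:id', withPostRight(TASK_DELETE, function(req, res) {
  return Models.Post.findOne({
    where: {
      id: req.params.id
    }
  }).then(function(post) {
    if (!post) return res.json({ message: "postError" });
    return post.destroy().then(function() {
      res.json({ message: "postDeleted" });
    });
  });
}));

module.exports = router;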