Update:Express middleware sets req.user to new data model, openid permissions functions moved to new data model

2025-06-24 17:59:06 +02:00 · 2024-08-11 16:07:29 -05:00 · 2024-08-11 16:07:29 -05:00 · 2472b86284
commit 2472b86284
parent 29a15858f4
29 changed files with 474 additions and 430 deletions
--- a/server/controllers/PodcastController.js
+++ b/server/controllers/PodcastController.js
@ -16,8 +16,7 @@ const LibraryItem = require('../objects/LibraryItem')

 /**
 * @typedef RequestUserObjects
- * @property {import('../models/User')} userNew
- * @property {import('../objects/user/User')} user
+ * @property {import('../models/User')} user
 *
 * @typedef {Request & RequestUserObjects} RequestWithUser
 */
@ -33,8 +32,8 @@ class PodcastController {
   * @param {Response} res
   */
  async create(req, res) {
-    if (!req.userNew.isAdminOrUp) {
-      Logger.error(`[PodcastController] Non-admin user "${req.userNew.username}" attempted to create podcast`)
+    if (!req.user.isAdminOrUp) {
+      Logger.error(`[PodcastController] Non-admin user "${req.user.username}" attempted to create podcast`)
      return res.sendStatus(403)
    }
    const payload = req.body
@ -134,8 +133,8 @@ class PodcastController {
   * @param {Response} res
   */
  async getPodcastFeed(req, res) {
-    if (!req.userNew.isAdminOrUp) {
-      Logger.error(`[PodcastController] Non-admin user "${req.userNew.username}" attempted to get podcast feed`)
+    if (!req.user.isAdminOrUp) {
+      Logger.error(`[PodcastController] Non-admin user "${req.user.username}" attempted to get podcast feed`)
      return res.sendStatus(403)
    }

@ -160,8 +159,8 @@ class PodcastController {
   * @param {Response} res
   */
  async getFeedsFromOPMLText(req, res) {
-    if (!req.userNew.isAdminOrUp) {
-      Logger.error(`[PodcastController] Non-admin user "${req.userNew.username}" attempted to get feeds from opml`)
+    if (!req.user.isAdminOrUp) {
+      Logger.error(`[PodcastController] Non-admin user "${req.user.username}" attempted to get feeds from opml`)
      return res.sendStatus(403)
    }

@ -183,8 +182,8 @@ class PodcastController {
   * @param {Response} res
   */
  async bulkCreatePodcastsFromOpmlFeedUrls(req, res) {
-    if (!req.userNew.isAdminOrUp) {
-      Logger.error(`[PodcastController] Non-admin user "${req.userNew.username}" attempted to bulk create podcasts`)
+    if (!req.user.isAdminOrUp) {
+      Logger.error(`[PodcastController] Non-admin user "${req.user.username}" attempted to bulk create podcasts`)
      return res.sendStatus(403)
    }

@ -218,8 +217,8 @@ class PodcastController {
   * @param {Response} res
   */
  async checkNewEpisodes(req, res) {
-    if (!req.userNew.isAdminOrUp) {
-      Logger.error(`[PodcastController] Non-admin user "${req.userNew.username}" attempted to check/download episodes`)
+    if (!req.user.isAdminOrUp) {
+      Logger.error(`[PodcastController] Non-admin user "${req.user.username}" attempted to check/download episodes`)
      return res.sendStatus(403)
    }

@ -246,8 +245,8 @@ class PodcastController {
   * @param {Response} res
   */
  clearEpisodeDownloadQueue(req, res) {
-    if (!req.userNew.isAdminOrUp) {
-      Logger.error(`[PodcastController] Non-admin user "${req.userNew.username}" attempting to clear download queue`)
+    if (!req.user.isAdminOrUp) {
+      Logger.error(`[PodcastController] Non-admin user "${req.user.username}" attempting to clear download queue`)
      return res.sendStatus(403)
    }
    this.podcastManager.clearDownloadQueue(req.params.id)
@ -297,8 +296,8 @@ class PodcastController {
   * @param {Response} res
   */
  async downloadEpisodes(req, res) {
-    if (!req.userNew.isAdminOrUp) {
-      Logger.error(`[PodcastController] Non-admin user "${req.userNew.username}" attempted to download episodes`)
+    if (!req.user.isAdminOrUp) {
+      Logger.error(`[PodcastController] Non-admin user "${req.user.username}" attempted to download episodes`)
      return res.sendStatus(403)
    }
    const libraryItem = req.libraryItem
@ -320,8 +319,8 @@ class PodcastController {
   * @param {Response} res
   */
  async quickMatchEpisodes(req, res) {
-    if (!req.userNew.isAdminOrUp) {
-      Logger.error(`[PodcastController] Non-admin user "${req.userNew.username}" attempted to download episodes`)
+    if (!req.user.isAdminOrUp) {
+      Logger.error(`[PodcastController] Non-admin user "${req.user.username}" attempted to download episodes`)
      return res.sendStatus(403)
    }

@ -469,15 +468,15 @@ class PodcastController {
    }

    // Check user can access this library item
-    if (!req.userNew.checkCanAccessLibraryItem(item)) {
+    if (!req.user.checkCanAccessLibraryItem(item)) {
      return res.sendStatus(403)
    }

-    if (req.method == 'DELETE' && !req.userNew.canDelete) {
-      Logger.warn(`[PodcastController] User "${req.userNew.username}" attempted to delete without permission`)
+    if (req.method == 'DELETE' && !req.user.canDelete) {
+      Logger.warn(`[PodcastController] User "${req.user.username}" attempted to delete without permission`)
      return res.sendStatus(403)
-    } else if ((req.method == 'PATCH' || req.method == 'POST') && !req.userNew.canUpdate) {
-      Logger.warn(`[PodcastController] User "${req.userNew.username}" attempted to update without permission`)
+    } else if ((req.method == 'PATCH' || req.method == 'POST') && !req.user.canUpdate) {
+      Logger.warn(`[PodcastController] User "${req.user.username}" attempted to update without permission`)
      return res.sendStatus(403)
    }