|
|
|
|
'use strict';
|
|
|
|
|
|
|
|
|
|
const path = require('path');
|
|
|
|
|
const fs = require('fs');
|
|
|
|
|
const winston = require('winston');
|
|
|
|
|
const converter = require('json-2-csv');
|
|
|
|
|
const archiver = require('archiver');
|
|
|
|
|
const util = require('util');
|
|
|
|
|
|
|
|
|
|
const db = require('../database');
|
|
|
|
|
const user = require('../user');
|
|
|
|
|
const meta = require('../meta');
|
|
|
|
|
const posts = require('../posts');
|
|
|
|
|
const batch = require('../batch');
|
|
|
|
|
const events = require('../events');
|
|
|
|
|
const privileges = require('../privileges');
|
|
|
|
|
const accountHelpers = require('./accounts/helpers');
|
|
|
|
|
|
|
|
|
|
const userController = module.exports;
|
|
|
|
|
|
|
|
|
|
userController.getCurrentUser = async function (req, res) {
|
|
|
|
|
if (!req.loggedIn) {
|
|
|
|
|
return res.status(401).json('not-authorized');
|
|
|
|
|
}
|
|
|
|
|
const userslug = await user.getUserField(req.uid, 'userslug');
|
|
|
|
|
const userData = await accountHelpers.getUserDataByUserSlug(userslug, req.uid);
|
|
|
|
|
res.json(userData);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
userController.getUserByUID = async function (req, res, next) {
|
|
|
|
|
await byType('uid', req, res, next);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
userController.getUserByUsername = async function (req, res, next) {
|
|
|
|
|
await byType('username', req, res, next);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
userController.getUserByEmail = async function (req, res, next) {
|
|
|
|
|
await byType('email', req, res, next);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
async function byType(type, req, res, next) {
|
|
|
|
|
const userData = await userController.getUserDataByField(req.uid, type, req.params[type]);
|
|
|
|
|
if (!userData) {
|
|
|
|
|
return next();
|
|
|
|
|
}
|
|
|
|
|
res.json(userData);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
userController.getUserDataByField = async function (callerUid, field, fieldValue) {
|
|
|
|
|
let uid = null;
|
|
|
|
|
if (field === 'uid') {
|
|
|
|
|
uid = fieldValue;
|
|
|
|
|
} else if (field === 'username') {
|
|
|
|
|
uid = await user.getUidByUsername(fieldValue);
|
|
|
|
|
} else if (field === 'email') {
|
|
|
|
|
uid = await user.getUidByEmail(fieldValue);
|
|
|
|
|
}
|
|
|
|
|
if (!uid) {
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
return await userController.getUserDataByUID(callerUid, uid);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
userController.getUserDataByUID = async function (callerUid, uid) {
|
|
|
|
|
if (!parseInt(uid, 10)) {
|
|
|
|
|
throw new Error('[[error:no-user]]');
|
|
|
|
|
}
|
|
|
|
|
const canView = await privileges.global.can('view:users', callerUid);
|
|
|
|
|
if (!canView) {
|
|
|
|
|
throw new Error('[[error:no-privileges]]');
|
|
|
|
|
}
|
|
|
|
|
const [userData, settings] = await Promise.all([
|
|
|
|
|
user.getUserData(uid),
|
|
|
|
|
user.getSettings(uid),
|
|
|
|
|
]);
|
|
|
|
|
|
|
|
|
|
if (!userData) {
|
|
|
|
|
throw new Error('[[error:no-user]]');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
userData.email = settings.showemail && !meta.config.hideEmail ? userData.email : undefined;
|
|
|
|
|
userData.fullname = settings.showfullname && !meta.config.hideFullname ? userData.fullname : undefined;
|
|
|
|
|
|
|
|
|
|
return userData;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
const json2csv = util.promisify(function (payload, options, callback) {
|
|
|
|
|
converter.json2csv(payload, callback, options);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
userController.exportPosts = async function (req, res) {
|
|
|
|
|
var payload = [];
|
|
|
|
|
await batch.processSortedSet('uid:' + res.locals.uid + ':posts', async function (pids) {
|
|
|
|
|
let postData = await posts.getPostsData(pids);
|
|
|
|
|
// Remove empty post references and convert newlines in content
|
|
|
|
|
postData = postData.filter(Boolean).map(function (post) {
|
|
|
|
|
post.content = '"' + post.content.replace(/\n/g, '\\n').replace(/"/g, '\\"') + '"';
|
|
|
|
|
return post;
|
|
|
|
|
});
|
|
|
|
|
payload = payload.concat(postData);
|
|
|
|
|
}, {
|
|
|
|
|
batch: 500,
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
const csv = await json2csv(payload, {
|
|
|
|
|
checkSchemaDifferences: false,
|
|
|
|
|
emptyFieldValue: '',
|
|
|
|
|
});
|
|
|
|
|
res.set('Content-Type', 'text/csv').set('Content-Disposition', 'attachment; filename="' + res.locals.uid + '_posts.csv"').send(csv);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
userController.exportUploads = function (req, res, next) {
|
|
|
|
|
const targetUid = res.locals.uid;
|
|
|
|
|
const archivePath = path.join(__dirname, '../../build/export', targetUid + '_uploads.zip');
|
|
|
|
|
const archive = archiver('zip', {
|
|
|
|
|
zlib: { level: 9 }, // Sets the compression level.
|
|
|
|
|
});
|
|
|
|
|
const maxAge = 1000 * 60 * 60 * 24; // 1 day
|
|
|
|
|
const rootDirectory = path.join(__dirname, '../../public/uploads/');
|
|
|
|
|
const trimPath = function (path) {
|
|
|
|
|
return path.replace(rootDirectory, '');
|
|
|
|
|
};
|
|
|
|
|
let isFresh = false;
|
|
|
|
|
const sendFile = function () {
|
|
|
|
|
events.log({
|
|
|
|
|
type: 'export:uploads',
|
|
|
|
|
uid: req.uid,
|
|
|
|
|
targetUid: targetUid,
|
|
|
|
|
ip: req.ip,
|
|
|
|
|
fresh: isFresh,
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
res.sendFile(targetUid + '_uploads.zip', {
|
|
|
|
|
root: path.join(__dirname, '../../build/export'),
|
|
|
|
|
headers: {
|
|
|
|
|
'Content-Disposition': 'attachment; filename=' + targetUid + '_uploads.zip',
|
|
|
|
|
maxAge: maxAge,
|
|
|
|
|
},
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
// Check for existing file, if exists and is < 1 day in age, send this instead
|
|
|
|
|
try {
|
|
|
|
|
fs.accessSync(archivePath, fs.constants.F_OK | fs.constants.R_OK);
|
|
|
|
|
isFresh = (Date.now() - fs.statSync(archivePath).mtimeMs) < maxAge;
|
|
|
|
|
if (isFresh) {
|
|
|
|
|
return sendFile();
|
|
|
|
|
}
|
|
|
|
|
} catch (err) {
|
|
|
|
|
// File doesn't exist, continue
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const output = fs.createWriteStream(archivePath);
|
|
|
|
|
output.on('close', sendFile);
|
|
|
|
|
|
|
|
|
|
archive.on('warning', function (err) {
|
|
|
|
|
switch (err.code) {
|
|
|
|
|
case 'ENOENT':
|
|
|
|
|
winston.warn('[user/export/uploads] File not found: ' + trimPath(err.path));
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
winston.warn('[user/export/uploads] Unexpected warning: ' + err.message);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
archive.on('error', function (err) {
|
|
|
|
|
switch (err.code) {
|
|
|
|
|
case 'EACCES':
|
|
|
|
|
winston.error('[user/export/uploads] File inaccessible: ' + trimPath(err.path));
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
winston.error('[user/export/uploads] Unable to construct archive: ' + err.message);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
res.sendStatus(500);
|
|
|
|
|
});
|
|
|
|
|
|
|
|
|
|
archive.pipe(output);
|
|
|
|
|
winston.verbose('[user/export/uploads] Collating uploads for uid ' + targetUid);
|
|
|
|
|
user.collateUploads(targetUid, archive, function (err) {
|
|
|
|
|
if (err) {
|
|
|
|
|
return next(err);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
archive.finalize();
|
|
|
|
|
});
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
userController.exportProfile = async function (req, res) {
|
|
|
|
|
const targetUid = res.locals.uid;
|
|
|
|
|
const objects = await db.getObjects(['user:' + targetUid, 'user:' + targetUid + ':settings']);
|
|
|
|
|
Object.assign(objects[0], objects[1]);
|
|
|
|
|
delete objects[0].password;
|
|
|
|
|
|
|
|
|
|
const csv = await json2csv(objects[0], {});
|
|
|
|
|
res.set('Content-Type', 'text/csv').set('Content-Disposition', 'attachment; filename="' + targetUid + '_profile.csv"').send(csv);
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
require('../promisify')(userController, [
|
|
|
|
|
'getCurrentUser', 'getUserByUID', 'getUserByUsername', 'getUserByEmail',
|
|
|
|
|
'exportPosts', 'exportUploads', 'exportProfile',
|
|
|
|
|
]);
|
