You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
173 lines
4.8 KiB
CoffeeScript
173 lines
4.8 KiB
CoffeeScript
Promise = require "bluebird"
|
|
router = require("express-promise-router")()
|
|
moment = require "moment"
|
|
slug = require "slug"
|
|
scrypt = require "scrypt-for-humans"
|
|
|
|
rfr = require "rfr"
|
|
config = rfr "config"
|
|
authMiddleware = rfr "lib/middleware-auth"
|
|
useCsrf = rfr "lib/use-csrf"
|
|
persist = rfr "lib/persist"
|
|
|
|
# TODO: This needs to go into a better place...?
|
|
expressBrute = require "express-brute"
|
|
persistBrute = require "../lib/persist-brute"
|
|
|
|
bruteStore = new persistBrute(persist: persist)
|
|
brute = new expressBrute(bruteStore)
|
|
|
|
# Routes
|
|
|
|
router.get "/login", brute.prevent, (req, res) ->
|
|
res.render "admin/login"
|
|
|
|
router.post "/login", (req, res) ->
|
|
Promise.try ->
|
|
scrypt.verifyHash req.body.password, config.admin.hash
|
|
.then ->
|
|
if req.body.username == config.admin.username
|
|
req.session.isAdmin = true
|
|
res.redirect "/admin"
|
|
else
|
|
res.redirect "/admin/login"
|
|
.catch scrypt.PasswordError, (err) ->
|
|
res.redirect "/admin/login"
|
|
|
|
router.post "/logout", authMiddleware, (req, res) ->
|
|
delete req.session.isAdmin
|
|
res.redirect "/"
|
|
|
|
router.get "/", authMiddleware, (req, res) ->
|
|
Promise.try ->
|
|
req.model("BlogPost").getAll()
|
|
.then (blogPosts) ->
|
|
variables = req.persist.getItem("variableTypes")
|
|
.map (type) ->
|
|
return {
|
|
key: type.name
|
|
type: type.type
|
|
value: req.persist.getItem("var:#{type.name}")
|
|
}
|
|
.sort (one, other) ->
|
|
if one.key > other.key
|
|
return 1
|
|
else
|
|
return -1
|
|
|
|
taskTypes = req.persist.getItem "taskTypes"
|
|
.map (type) ->
|
|
return {
|
|
name: type
|
|
running: req.persist.getItem "task:#{type}:running"
|
|
queued: req.persist.getItem "task:#{type}:queued"
|
|
failed: req.persist.getItem "task:#{type}:failed"
|
|
completed: req.persist.getItem "task:#{type}:completed"
|
|
}
|
|
|
|
res.render "admin/index",
|
|
variables: variables
|
|
taskTypes: taskTypes
|
|
blogPosts: blogPosts.toJSON()
|
|
|
|
router.post "/variables", authMiddleware, (req, res) ->
|
|
Promise.try ->
|
|
req.persist.getItem("variableTypes")
|
|
.map (variable) ->
|
|
key = variable.name
|
|
|
|
value = switch variable.type
|
|
when "boolean" then req.body[key]?
|
|
when "text", "string" then req.body[key].toString()
|
|
when "number" then parseFloat(req.body[key])
|
|
|
|
req.persist.setItem "var:#{key}", value
|
|
.then ->
|
|
res.redirect "/admin"
|
|
|
|
router.post "/search", authMiddleware, (req, res) ->
|
|
Promise.try ->
|
|
switch req.body.field
|
|
when "slug"
|
|
req.model("Document").getAllWhere "SlugId": req.body.query, [], require: false
|
|
when "filename"
|
|
req.model("Document").query (qb) ->
|
|
qb.where "OriginalFilename", "like", "%#{req.body.query}%"
|
|
.fetchAll(require: false)
|
|
.then (results) ->
|
|
results = results.map (result) ->
|
|
resultObject = result.toJSON()
|
|
resultObject.Uploaded = moment(result.get("Uploaded")).format "MMM Do, YYYY hh:mm:ss"
|
|
return resultObject
|
|
|
|
res.render "admin/search", results: results
|
|
|
|
router.post "/documents", authMiddleware, (req, res) ->
|
|
Promise.try ->
|
|
Object.keys(req.body)
|
|
.map (item) -> /^document\[([0-9]+)\]$/.exec(item)?[1]
|
|
.filter (item) -> item?
|
|
.map (item) -> parseInt item
|
|
.map (documentId) ->
|
|
req.model("Document").find documentId
|
|
.map (document) ->
|
|
switch req.body.action
|
|
when "public" then document.set("Public": 1).saveChanges()
|
|
when "private" then document.set("Public": 0).saveChanges()
|
|
when "thumbnail" then req.taskRunner.do "thumbnail", id: document.get("SlugId")
|
|
when "mirror" then req.taskRunner.do "mirror", id: document.get("SlugId")
|
|
when "restore" then document.set("Disabled": 0).saveChanges()
|
|
when "abuse"
|
|
abuseReason = req.body.abuseReason
|
|
if not abuseReason? or abuseReason.trim?()?.length == 0
|
|
abuseReason = null
|
|
document.set("Disabled": 1, "DisabledReason": abuseReason).saveChanges()
|
|
.then (documents) ->
|
|
res.redirect "/admin"
|
|
|
|
router.get "/blog/new", authMiddleware, (req, res) ->
|
|
res.render "admin/blog", post: {}
|
|
|
|
router.get "/blog/delete/:id", authMiddleware, (req, res) ->
|
|
Promise.try ->
|
|
req.model("BlogPost").find(req.params.id)
|
|
.then (post) ->
|
|
res.render "admin/blog-delete", post: post.toJSON()
|
|
|
|
router.post "/blog/delete/:id", authMiddleware, (req, res) ->
|
|
Promise.try ->
|
|
req.model("BlogPost").find(req.params.id)
|
|
.then (post) ->
|
|
post.destroy()
|
|
.then ->
|
|
res.redirect "/admin"
|
|
|
|
router.get "/blog/edit/:id", authMiddleware, (req, res) ->
|
|
Promise.try ->
|
|
req.model("BlogPost").find(req.params.id)
|
|
.then (post) ->
|
|
res.render "admin/blog", post: post.toJSON()
|
|
|
|
router.post "/blog/edit/:id?", authMiddleware, (req, res) ->
|
|
Promise.try ->
|
|
if req.params.id?
|
|
req.model("BlogPost").find(req.params.id)
|
|
else
|
|
req.model("BlogPost").forge()
|
|
.then (post) ->
|
|
post.set
|
|
Title: req.body.title
|
|
Body: req.body.body
|
|
Edited: new Date()
|
|
|
|
if post.isNew()
|
|
post.set
|
|
Posted: new Date()
|
|
Slug: slug(req.body.title)
|
|
|
|
post.save()
|
|
.then ->
|
|
res.redirect "/admin"
|
|
|
|
module.exports = router
|