f.weber/homebrewery
0
0
Fork 0
mirror of https://github.com/naturalcrit/homebrewery.git synced 2025-12-26 20:22:42 +00:00
Code Wiki Activity

update googleActions and related files to use service-level auth where viable

Browse Source
This commit is contained in:
Charlie Humphreys
2022-02-14 22:21:58 -06:00
parent 42afbd3e70
commit 59d08a7414
3 changed files with 32 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
server/app.js
View File

@@ -25,7 +25,7 @@ const getBrewFromId = asyncHandler(async (id, accessType)=>{
if(id.length > 12) {
const googleId = id.slice(0, -12);
id = id.slice(-12);
brew = await GoogleActions.readFileMetadata(config.get('google_api_key'), googleId, id, accessType);
brew = await GoogleActions.readFileMetadata(googleId, id, accessType);
} else {
brew = await HomebrewModel.get(accessType == 'edit' ? { editId: id } : { shareId: id });
brew = brew.toObject(); // Convert MongoDB object to standard Javascript Object

69
server/googleActions.js
View File

@@ -5,7 +5,22 @@ const { nanoid } = require('nanoid');
const token = require('./token.js');
const config = require('./config.js');
//let oAuth2Client;
const keys = typeof(config.get('service_account')) == 'string' ?
JSON.parse(config.get('service_account')) :
config.get('service_account');
let serviceAuth;
try {
serviceAuth = google.auth.fromJSON(keys);
serviceAuth.scopes = [
'https://www.googleapis.com/auth/drive',
'https://www.googleapis.com/auth/drive.appdata',
'https://www.googleapis.com/auth/drive.file',
'https://www.googleapis.com/auth/drive.metadata'
];
} catch (err) {
console.warn(err);
}
google.options({ auth: serviceAuth || config.get('google_api_key') });
const GoogleActions = {
@@ -43,7 +58,7 @@ const GoogleActions = {
},
getGoogleFolder : async (auth)=>{
const drive = google.drive({ version: 'v3', auth: auth });
const drive = google.drive({ version: 'v3', auth });
fileMetadata = {
'name' : 'Homebrewery',
@@ -81,13 +96,11 @@ const GoogleActions = {
listGoogleBrews : async (req, res)=>{
oAuth2Client = GoogleActions.authCheck(req.account, res);
const oAuth2Client = GoogleActions.authCheck(req.account, res);
//TODO: Change to service account to allow non-owners to view published files.
// Requires a driveId parameter in the drive.files.list command
// const keys = JSON.parse(config.get('service_account'));
// const auth = google.auth.fromJSON(keys);
// auth.scopes = ['https://www.googleapis.com/auth/drive'];
// Then remove the `auth` parameter from the drive object initialization
const drive = google.drive({ version: 'v3', auth: oAuth2Client });
@@ -129,8 +142,8 @@ const GoogleActions = {
return brews;
},
existsGoogleBrew : async (auth, id)=>{
const drive = google.drive({ version: 'v3', auth: auth });
existsGoogleBrew : async (id)=>{
const drive = google.drive({ version: 'v3' });
const result = await drive.files.get({ fileId: id })
.catch((err)=>{
@@ -144,10 +157,10 @@ const GoogleActions = {
return false;
},
updateGoogleBrew : async (auth, brew)=>{
const drive = google.drive({ version: 'v3', auth: auth });
updateGoogleBrew : async (brew)=>{
const drive = google.drive({ version: 'v3' });
if(await GoogleActions.existsGoogleBrew(auth, brew.googleId) == true) {
if(await GoogleActions.existsGoogleBrew(brew.googleId) == true) {
await drive.files.update({
fileId : brew.googleId,
resource : {
@@ -180,7 +193,7 @@ const GoogleActions = {
},
newGoogleBrew : async (auth, brew)=>{
const drive = google.drive({ version: 'v3', auth: auth });
const drive = google.drive({ version: 'v3', auth });
const media = {
mimeType : 'text/plain',
@@ -248,9 +261,8 @@ const GoogleActions = {
return newHomebrew;
},
readFileMetadata : async (auth, id, accessId, accessType)=>{
const drive = google.drive({ version: 'v3', auth: auth });
readFileMetadata : async (id, accessId, accessType)=>{
const drive = google.drive({ version: 'v3' });
const obj = await drive.files.get({
fileId : id,
@@ -269,16 +281,7 @@ const GoogleActions = {
throw ('Share ID does not match');
}
//Access file using service account. Using API key only causes "automated query" lockouts after a while.
const keys = typeof(config.get('service_account')) == 'string' ?
JSON.parse(config.get('service_account')) :
config.get('service_account');
const serviceAuth = google.auth.fromJSON(keys);
serviceAuth.scopes = ['https://www.googleapis.com/auth/drive'];
const serviceDrive = google.drive({ version: 'v3', auth: serviceAuth });
const serviceDrive = google.drive({ version: 'v3' });
const file = await serviceDrive.files.get({
fileId : id,
@@ -320,8 +323,7 @@ const GoogleActions = {
},
deleteGoogleBrew : async (req, res, id)=>{
oAuth2Client = GoogleActions.authCheck(req.account, res);
const oAuth2Client = GoogleActions.authCheck(req.account, res);
const drive = google.drive({ version: 'v3', auth: oAuth2Client });
const googleId = id.slice(0, -12);
@@ -354,16 +356,7 @@ const GoogleActions = {
},
increaseView : async (id, accessId, accessType, brew)=>{
//service account because this is modifying another user's file properties
//so we need extended scope
const keys = typeof(config.get('service_account')) == 'string' ?
JSON.parse(config.get('service_account')) :
config.get('service_account');
const auth = google.auth.fromJSON(keys);
auth.scopes = ['https://www.googleapis.com/auth/drive'];
const drive = google.drive({ version: 'v3', auth: auth });
const drive = google.drive({ version: 'v3' });
await drive.files.update({
fileId : brew.googleId,
@@ -380,8 +373,6 @@ const GoogleActions = {
console.error(err);
//return res.status(500).send('Error while saving');
});
return;
}
};

6
server/homebrew.api.js
View File

@@ -167,15 +167,11 @@ const newGoogleBrew = async (req, res, next)=>{
};
const updateGoogleBrew = async (req, res, next)=>{
let oAuth2Client;
try { oAuth2Client = GoogleActions.authCheck(req.account, res); } catch (err) { return res.status(err.status).send(err.message); }
const brew = excludePropsFromUpdate(req.body);
brew.text = mergeBrewText(brew);
try {
const updatedBrew = await GoogleActions.updateGoogleBrew(oAuth2Client, brew);
const updatedBrew = await GoogleActions.updateGoogleBrew(brew);
return res.status(200).send(updatedBrew);
} catch (err) {
return res.status(err.response?.status || 500).send(err);