f.weber/homebrewery
0
0
Fork 0
mirror of https://github.com/naturalcrit/homebrewery.git synced 2025-12-27 22:22:42 +00:00
Code Wiki Activity

Merge pull request #2026 from jeddai/google-service-auth

Browse Source 
Update Google interactions to prefer the service account where viable
This commit is contained in:
Trevor Buckner
2022-02-16 23:17:25 -05:00
committed by GitHub
parent a679c615ed 8ea2780a44
commit ca7b758dd4
3 changed files with 71 additions and 108 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
server/app.js
View File

@@ -25,7 +25,7 @@ const getBrewFromId = asyncHandler(async (id, accessType)=>{
if(id.length > 12) { if(id.length > 12) {
const googleId = id.slice(0, -12); const googleId = id.slice(0, -12);
id = id.slice(-12); id = id.slice(-12);
brew = await GoogleActions.readFileMetadata(config.get('google_api_key'), googleId, id, accessType); brew = await GoogleActions.getGoogleBrew(googleId, id, accessType);
} else { } else {
brew = await HomebrewModel.get(accessType == 'edit' ? { editId: id } : { shareId: id }); brew = await HomebrewModel.get(accessType == 'edit' ? { editId: id } : { shareId: id });
brew = brew.toObject(); // Convert MongoDB object to standard Javascript Object brew = brew.toObject(); // Convert MongoDB object to standard Javascript Object
@@ -200,13 +200,16 @@ app.get('/user/:username', async (req, res, next)=>{
}); });
if(ownAccount && req?.account?.googleId){ if(ownAccount && req?.account?.googleId){
const googleBrews = await GoogleActions.listGoogleBrews(req, res) const auth = await GoogleActions.authCheck(req.account, res);
.catch((err)=>{ let googleBrews = await GoogleActions.listGoogleBrews(auth)
console.error(err); .catch((err)=>{
}); console.error(err);
});
if(googleBrews) if(googleBrews) {
googleBrews = googleBrews.map((brew)=>({ ...brew, authors: [req.account.username] }));
brews = _.concat(brews, googleBrews); brews = _.concat(brews, googleBrews);
}
} }
req.brews = _.map(brews, (brew)=>{ req.brews = _.map(brews, (brew)=>{

152
server/googleActions.js
View File

@@ -5,7 +5,20 @@ const { nanoid } = require('nanoid');
const token = require('./token.js'); const token = require('./token.js');
const config = require('./config.js'); const config = require('./config.js');
//let oAuth2Client; const keys = typeof(config.get('service_account')) == 'string' ?
JSON.parse(config.get('service_account')) :
config.get('service_account');
let serviceAuth;
try {
serviceAuth = google.auth.fromJSON(keys);
serviceAuth.scopes = [
'https://www.googleapis.com/auth/drive'
];
} catch (err) {
console.warn(err);
console.log('Please make sure that a Google Service Account is set up properly in your config files.');
}
google.options({ auth: serviceAuth || config.get('google_api_key') });
const GoogleActions = { const GoogleActions = {
@@ -43,7 +56,7 @@ const GoogleActions = {
}, },
getGoogleFolder : async (auth)=>{ getGoogleFolder : async (auth)=>{
const drive = google.drive({ version: 'v3', auth: auth }); const drive = google.drive({ version: 'v3', auth });
fileMetadata = { fileMetadata = {
'name' : 'Homebrewery', 'name' : 'Homebrewery',
@@ -79,17 +92,8 @@ const GoogleActions = {
return folderId; return folderId;
}, },
listGoogleBrews : async (req, res)=>{ listGoogleBrews : async (auth)=>{
const drive = google.drive({ version: 'v3', auth });
oAuth2Client = GoogleActions.authCheck(req.account, res);
//TODO: Change to service account to allow non-owners to view published files.
// Requires a driveId parameter in the drive.files.list command
// const keys = JSON.parse(config.get('service_account'));
// const auth = google.auth.fromJSON(keys);
// auth.scopes = ['https://www.googleapis.com/auth/drive'];
const drive = google.drive({ version: 'v3', auth: oAuth2Client });
const obj = await drive.files.list({ const obj = await drive.files.list({
pageSize : 1000, pageSize : 1000,
@@ -97,18 +101,18 @@ const GoogleActions = {
q : 'mimeType != \'application/vnd.google-apps.folder\' and trashed = false' q : 'mimeType != \'application/vnd.google-apps.folder\' and trashed = false'
}) })
.catch((err)=>{ .catch((err)=>{
console.log(`Error Listing Google Brews`); console.log(`Error Listing Google Brews`);
console.error(err); console.error(err);
throw (err); throw (err);
//TODO: Should break out here, but continues on for some reason. //TODO: Should break out here, but continues on for some reason.
}); });
if(!obj.data.files.length) { if(!obj.data.files.length) {
console.log('No files found.'); console.log('No files found.');
} }
const brews = obj.data.files.map((file)=>{ const brews = obj.data.files.map((file)=>{
return { return {
text : '', text : '',
shareId : file.properties.shareId, shareId : file.properties.shareId,
editId : file.properties.editId, editId : file.properties.editId,
@@ -122,65 +126,47 @@ const GoogleActions = {
views : parseInt(file.properties.views), views : parseInt(file.properties.views),
tags : '', tags : '',
published : file.properties.published ? file.properties.published == 'true' : false, published : file.properties.published ? file.properties.published == 'true' : false,
authors : [req.account.username], //TODO: properly save and load authors to google drive
systems : [] systems : []
}; };
}); });
return brews; return brews;
}, },
existsGoogleBrew : async (auth, id)=>{ updateGoogleBrew : async (brew)=>{
const drive = google.drive({ version: 'v3', auth: auth }); const drive = google.drive({ version: 'v3' });
const result = await drive.files.get({ fileId: id }) await drive.files.update({
.catch((err)=>{ fileId : brew.googleId,
console.log('error checking file exists...'); resource : {
console.error(err); name : `${brew.title}.txt`,
return false; description : `${brew.description}`,
}); properties : {
title : brew.title,
if(result){return true;} published : brew.published,
version : brew.version,
return false; renderer : brew.renderer,
}, tags : brew.tags,
pageCount : brew.pageCount,
updateGoogleBrew : async (auth, brew)=>{ systems : brew.systems.join()
const drive = google.drive({ version: 'v3', auth: auth });
if(await GoogleActions.existsGoogleBrew(auth, brew.googleId) == true) {
await drive.files.update({
fileId : brew.googleId,
resource : {
name : `${brew.title}.txt`,
description : `${brew.description}`,
properties : {
title : brew.title,
published : brew.published,
version : brew.version,
renderer : brew.renderer,
tags : brew.tags,
pageCount : brew.pageCount,
systems : brew.systems.join()
}
},
media : {
mimeType : 'text/plain',
body : brew.text
} }
}) },
.catch((err)=>{ media : {
console.log('Error saving to google'); mimeType : 'text/plain',
console.error(err); body : brew.text
throw (err); }
//return res.status(500).send('Error while saving'); })
}); .catch((err)=>{
} console.log('Error saving to google');
console.error(err);
throw (err);
//return res.status(500).send('Error while saving');
});
return (brew); return (brew);
}, },
newGoogleBrew : async (auth, brew)=>{ newGoogleBrew : async (auth, brew)=>{
const drive = google.drive({ version: 'v3', auth: auth }); const drive = google.drive({ version: 'v3', auth });
const media = { const media = {
mimeType : 'text/plain', mimeType : 'text/plain',
@@ -248,9 +234,8 @@ const GoogleActions = {
return newHomebrew; return newHomebrew;
}, },
readFileMetadata : async (auth, id, accessId, accessType)=>{ getGoogleBrew : async (id, accessId, accessType)=>{
const drive = google.drive({ version: 'v3' });
const drive = google.drive({ version: 'v3', auth: auth });
const obj = await drive.files.get({ const obj = await drive.files.get({
fileId : id, fileId : id,
@@ -269,16 +254,7 @@ const GoogleActions = {
throw ('Share ID does not match'); throw ('Share ID does not match');
} }
//Access file using service account. Using API key only causes "automated query" lockouts after a while. const serviceDrive = google.drive({ version: 'v3' });
const keys = typeof(config.get('service_account')) == 'string' ?
JSON.parse(config.get('service_account')) :
config.get('service_account');
const serviceAuth = google.auth.fromJSON(keys);
serviceAuth.scopes = ['https://www.googleapis.com/auth/drive'];
const serviceDrive = google.drive({ version: 'v3', auth: serviceAuth });
const file = await serviceDrive.files.get({ const file = await serviceDrive.files.get({
fileId : id, fileId : id,
@@ -319,10 +295,8 @@ const GoogleActions = {
} }
}, },
deleteGoogleBrew : async (req, res, id)=>{ deleteGoogleBrew : async (auth, id)=>{
const drive = google.drive({ version: 'v3', auth });
oAuth2Client = GoogleActions.authCheck(req.account, res);
const drive = google.drive({ version: 'v3', auth: oAuth2Client });
const googleId = id.slice(0, -12); const googleId = id.slice(0, -12);
const accessId = id.slice(-12); const accessId = id.slice(-12);
@@ -334,7 +308,6 @@ const GoogleActions = {
.catch((err)=>{ .catch((err)=>{
console.log('Error loading from Google'); console.log('Error loading from Google');
console.error(err); console.error(err);
return;
}); });
if(obj && obj.data.properties.editId != accessId) { if(obj && obj.data.properties.editId != accessId) {
@@ -349,21 +322,10 @@ const GoogleActions = {
console.log('Can\'t delete Google file'); console.log('Can\'t delete Google file');
console.error(err); console.error(err);
}); });
return res.status(200).send();
}, },
increaseView : async (id, accessId, accessType, brew)=>{ increaseView : async (id, accessId, accessType, brew)=>{
//service account because this is modifying another user's file properties const drive = google.drive({ version: 'v3' });
//so we need extended scope
const keys = typeof(config.get('service_account')) == 'string' ?
JSON.parse(config.get('service_account')) :
config.get('service_account');
const auth = google.auth.fromJSON(keys);
auth.scopes = ['https://www.googleapis.com/auth/drive'];
const drive = google.drive({ version: 'v3', auth: auth });
await drive.files.update({ await drive.files.update({
fileId : brew.googleId, fileId : brew.googleId,
@@ -380,8 +342,6 @@ const GoogleActions = {
console.error(err); console.error(err);
//return res.status(500).send('Error while saving'); //return res.status(500).send('Error while saving');
}); });
return;
} }
}; };

12
server/homebrew.api.js
View File

@@ -167,15 +167,11 @@ const newGoogleBrew = async (req, res, next)=>{
}; };
const updateGoogleBrew = async (req, res, next)=>{ const updateGoogleBrew = async (req, res, next)=>{
let oAuth2Client;
try { oAuth2Client = GoogleActions.authCheck(req.account, res); } catch (err) { return res.status(err.status).send(err.message); }
const brew = excludePropsFromUpdate(req.body); const brew = excludePropsFromUpdate(req.body);
brew.text = mergeBrewText(brew); brew.text = mergeBrewText(brew);
try { try {
const updatedBrew = await GoogleActions.updateGoogleBrew(oAuth2Client, brew); const updatedBrew = await GoogleActions.updateGoogleBrew(brew);
return res.status(200).send(updatedBrew); return res.status(200).send(updatedBrew);
} catch (err) { } catch (err) {
return res.status(err.response?.status || 500).send(err); return res.status(err.response?.status || 500).send(err);
@@ -189,6 +185,10 @@ router.put('/api/update/:id', updateBrew);
router.put('/api/updateGoogle/:id', updateGoogleBrew); router.put('/api/updateGoogle/:id', updateGoogleBrew);
router.delete('/api/:id', deleteBrew); router.delete('/api/:id', deleteBrew);
router.get('/api/remove/:id', deleteBrew); router.get('/api/remove/:id', deleteBrew);
router.get('/api/removeGoogle/:id', (req, res)=>{GoogleActions.deleteGoogleBrew(req, res, req.params.id);}); router.get('/api/removeGoogle/:id', async (req, res)=>{
const auth = await GoogleActions.authCheck(req.account, res);
await GoogleActions.deleteGoogleBrew(auth, req.params.id);
return res.status(200).send();
});
module.exports = router; module.exports = router;