From ccafee7a217467181e8c6d61b8e62fc6c9a11696 Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Sun, 13 Oct 2024 13:44:33 +1300 Subject: [PATCH 01/28] Get text from textBin in brew object --- server/admin.api.js | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/server/admin.api.js b/server/admin.api.js index 0ec6a9c88..37aef9f16 100644 --- a/server/admin.api.js +++ b/server/admin.api.js @@ -76,8 +76,12 @@ router.get('/admin/lookup/:id', mw.adminOnly, async (req, res, next)=>{ .then((brew)=>{ if(!brew) // No document found return res.status(404).json({ error: 'Document not found' }); - else + else { + if(!brew.text && brew.textBin){ + brew.text = zlib.inflateRawSync(brew.textBin); + } return res.json(brew); + } }) .catch((err)=>{ console.error(err); From 6bc865144a1f89d96081613b12e1015d90e5df22 Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Sun, 13 Oct 2024 13:45:11 +1300 Subject: [PATCH 02/28] Add cleaning function to API --- server/admin.api.js | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/server/admin.api.js b/server/admin.api.js index 37aef9f16..534646efc 100644 --- a/server/admin.api.js +++ b/server/admin.api.js @@ -104,6 +104,37 @@ router.get('/admin/finduncompressed', mw.adminOnly, (req, res)=>{ }); }); +/* Cleans `` from the "text" field of a brew */ +router.put('/admin/clean/script/:id', (req, res)=>{ + console.log(`[ADMIN] Cleaning script tags from ShareID ${req.params.id}`); + + function cleanText(text){return text.replaceAll(/(<\/?s)cript/gi, '');}; + + HomebrewModel.findOne({ shareId: req.params.id }) + .then((brew)=>{ + if(!brew) + return res.status(404).send('Brew not found'); + + if(!brew.text && brew.textBin) { + brew.text = zlib.inflateRawSync(brew.textBin); + } + + const properties = ['text', 'description', 'title']; + properties.forEach((property)=>{ + brew[property] = cleanText(brew[property]); + }); + + brew.textBin = zlib.deflateRawSync(brew.text); + brew.text = undefined; + + return brew.save(); + }) + .then((obj)=>res.status(200).send(obj)) + .catch((err)=>{ + console.error(err); + res.status(500).send('Error while saving'); + }); +}); /* Compresses the "text" field of a brew to binary */ router.put('/admin/compress/:id', (req, res)=>{ From 63f4104f816be59e0335b84d002086b7897c2eda Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Sun, 13 Oct 2024 13:45:24 +1300 Subject: [PATCH 03/28] Add UI to Admin page --- .../admin/brewUtils/brewLookup/brewLookup.jsx | 30 +++++++++++++++---- 1 file changed, 25 insertions(+), 5 deletions(-) diff --git a/client/admin/brewUtils/brewLookup/brewLookup.jsx b/client/admin/brewUtils/brewLookup/brewLookup.jsx index 50a2f2015..180e46b72 100644 --- a/client/admin/brewUtils/brewLookup/brewLookup.jsx +++ b/client/admin/brewUtils/brewLookup/brewLookup.jsx @@ -12,17 +12,18 @@ const BrewLookup = createClass({ }, getInitialState() { return { - query : '', - foundBrew : null, - searching : false, - error : null + query : '', + foundBrew : null, + searching : false, + error : null, + checkForScript : false }; }, handleChange(e){ this.setState({ query: e.target.value }); }, lookup(){ - this.setState({ searching: true, error: null }); + this.setState({ searching: true, error: null, checkForScript: false }); request.get(`/admin/lookup/${this.state.query}`) .then((res)=>this.setState({ foundBrew: res.body })) @@ -30,6 +31,23 @@ const BrewLookup = createClass({ .finally(()=>this.setState({ searching: false })); }, + checkForScript(){ + const brew = this.state.foundBrew; + const scriptCheck = brew.text.match(/(<\/?s)cript/); + this.setState({ + checkForScript : !!scriptCheck + }); + }, + + cleanScript(){ + if(!this.state.foundBrew?.shareId) return; + + request.put(`/admin/clean/script/${this.state.foundBrew.shareId}`) + .then((res)=>this.setState({ foundBrew: res.body })) + .catch((err)=>this.setState({ error: err })) + .finally(()=>this.setState({ checkForScript: false })); + }, + renderFoundBrew(){ const brew = this.state.foundBrew; return
@@ -52,6 +70,8 @@ const BrewLookup = createClass({
Num of Views
{brew.views}
+ + {this.state.checkForScript && }
; }, From d3cc5c890ba95a050d7b51cf9c6cf3eb69bb179a Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Thu, 24 Oct 2024 17:20:55 +1300 Subject: [PATCH 04/28] Display number of SCRIPT tags detected in brew --- client/admin/brewUtils/brewLookup/brewLookup.jsx | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/client/admin/brewUtils/brewLookup/brewLookup.jsx b/client/admin/brewUtils/brewLookup/brewLookup.jsx index 180e46b72..fa5784501 100644 --- a/client/admin/brewUtils/brewLookup/brewLookup.jsx +++ b/client/admin/brewUtils/brewLookup/brewLookup.jsx @@ -16,14 +16,15 @@ const BrewLookup = createClass({ foundBrew : null, searching : false, error : null, - checkForScript : false + checkForScript : false, + scriptCount : undefined }; }, handleChange(e){ this.setState({ query: e.target.value }); }, lookup(){ - this.setState({ searching: true, error: null, checkForScript: false }); + this.setState({ searching: true, error: null, checkForScript: false, scriptCount: undefined }); request.get(`/admin/lookup/${this.state.query}`) .then((res)=>this.setState({ foundBrew: res.body })) @@ -35,7 +36,8 @@ const BrewLookup = createClass({ const brew = this.state.foundBrew; const scriptCheck = brew.text.match(/(<\/?s)cript/); this.setState({ - checkForScript : !!scriptCheck + checkForScript : !!scriptCheck, + scriptCount : scriptCheck?.length || 0 }); }, @@ -45,7 +47,7 @@ const BrewLookup = createClass({ request.put(`/admin/clean/script/${this.state.foundBrew.shareId}`) .then((res)=>this.setState({ foundBrew: res.body })) .catch((err)=>this.setState({ error: err })) - .finally(()=>this.setState({ checkForScript: false })); + .finally(()=>this.setState({ checkForScript: false, scriptCount: 0 })); }, renderFoundBrew(){ @@ -71,6 +73,7 @@ const BrewLookup = createClass({
{brew.views}
+ {(typeof this.state.scriptCount == 'number') &&

Number of SCRIPT tags found: {this.state.scriptCount}

} {this.state.checkForScript && } ; }, From db1fdca3ab57e30d244277cf8fea74b5487f10b7 Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Thu, 24 Oct 2024 20:45:12 +1300 Subject: [PATCH 05/28] Automatically check for SCRIPT tags --- .../admin/brewUtils/brewLookup/brewLookup.jsx | 38 ++++++++++++------- .../brewUtils/brewLookup/brewLookup.less | 6 +++ 2 files changed, 30 insertions(+), 14 deletions(-) create mode 100644 client/admin/brewUtils/brewLookup/brewLookup.less diff --git a/client/admin/brewUtils/brewLookup/brewLookup.jsx b/client/admin/brewUtils/brewLookup/brewLookup.jsx index fa5784501..922613559 100644 --- a/client/admin/brewUtils/brewLookup/brewLookup.jsx +++ b/client/admin/brewUtils/brewLookup/brewLookup.jsx @@ -1,3 +1,5 @@ +require('./brewLookup.less'); + const React = require('react'); const createClass = require('create-react-class'); const cx = require('classnames'); @@ -27,18 +29,21 @@ const BrewLookup = createClass({ this.setState({ searching: true, error: null, checkForScript: false, scriptCount: undefined }); request.get(`/admin/lookup/${this.state.query}`) - .then((res)=>this.setState({ foundBrew: res.body })) + .then((res)=>{ + const foundBrew = res.body; + const scriptCheck = foundBrew.text.match(/(<\/?s)cript/); + this.setState({ + foundBrew : foundBrew, + scriptCount : scriptCheck?.length || 0, + checkForScript : scriptCheck?.length > 0 + }); + }) .catch((err)=>this.setState({ error: err })) - .finally(()=>this.setState({ searching: false })); - }, - - checkForScript(){ - const brew = this.state.foundBrew; - const scriptCheck = brew.text.match(/(<\/?s)cript/); - this.setState({ - checkForScript : !!scriptCheck, - scriptCount : scriptCheck?.length || 0 - }); + .finally(()=>{ + this.setState({ + searching : false + }); + }); }, cleanScript(){ @@ -71,10 +76,15 @@ const BrewLookup = createClass({
Num of Views
{brew.views}
+ +
Number of SCRIPT tags detected
+
{this.state.scriptCount}
- - {(typeof this.state.scriptCount == 'number') &&

Number of SCRIPT tags found: {this.state.scriptCount}

} - {this.state.checkForScript && } + {this.state.checkForScript && +
+ +
+ } ; }, diff --git a/client/admin/brewUtils/brewLookup/brewLookup.less b/client/admin/brewUtils/brewLookup/brewLookup.less new file mode 100644 index 000000000..da15e3a64 --- /dev/null +++ b/client/admin/brewUtils/brewLookup/brewLookup.less @@ -0,0 +1,6 @@ +.brewLookup { + .cleanButton { + display : inline-block; + width : 100%; + } +} \ No newline at end of file From e3619bb1fc29d261753f6e01f87df0538703a0eb Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Fri, 25 Oct 2024 00:11:02 +1300 Subject: [PATCH 06/28] Add global flag to regex --- client/admin/brewUtils/brewLookup/brewLookup.jsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/admin/brewUtils/brewLookup/brewLookup.jsx b/client/admin/brewUtils/brewLookup/brewLookup.jsx index 922613559..8814e465a 100644 --- a/client/admin/brewUtils/brewLookup/brewLookup.jsx +++ b/client/admin/brewUtils/brewLookup/brewLookup.jsx @@ -31,7 +31,7 @@ const BrewLookup = createClass({ request.get(`/admin/lookup/${this.state.query}`) .then((res)=>{ const foundBrew = res.body; - const scriptCheck = foundBrew.text.match(/(<\/?s)cript/); + const scriptCheck = foundBrew.text.match(/(<\/?s)cript/g); this.setState({ foundBrew : foundBrew, scriptCount : scriptCheck?.length || 0, From 28894adeabc3187fa4791091b28bb0c30f422f90 Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Fri, 25 Oct 2024 11:17:44 +1300 Subject: [PATCH 07/28] Add error check for no brew found --- client/admin/brewUtils/brewLookup/brewLookup.jsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/admin/brewUtils/brewLookup/brewLookup.jsx b/client/admin/brewUtils/brewLookup/brewLookup.jsx index 8814e465a..ab938854e 100644 --- a/client/admin/brewUtils/brewLookup/brewLookup.jsx +++ b/client/admin/brewUtils/brewLookup/brewLookup.jsx @@ -31,7 +31,7 @@ const BrewLookup = createClass({ request.get(`/admin/lookup/${this.state.query}`) .then((res)=>{ const foundBrew = res.body; - const scriptCheck = foundBrew.text.match(/(<\/?s)cript/g); + const scriptCheck = foundBrew?.text.match(/(<\/?s)cript/g); this.setState({ foundBrew : foundBrew, scriptCount : scriptCheck?.length || 0, From 948f03b5b86bc9c8cc3fbdf1b2fc07726dbfb394 Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Fri, 25 Oct 2024 11:18:36 +1300 Subject: [PATCH 08/28] Add admin access type to getBrew --- server/homebrew.api.js | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/server/homebrew.api.js b/server/homebrew.api.js index 213b341ca..c6c9ab0f8 100644 --- a/server/homebrew.api.js +++ b/server/homebrew.api.js @@ -87,8 +87,18 @@ const api = { // Get relevant IDs for the brew const { id, googleId } = api.getId(req); + const accessMap = { + edit : { editId: id }, + share : { shareId: id }, + admin : { + $or : [ + { editId: { $regex: req.params.id, $options: 'i' } }, + { shareId: { $regex: req.params.id, $options: 'i' } }, + ] } + }; + // Try to find the document in the Homebrewery database -- if it doesn't exist, that's fine. - let stub = await HomebrewModel.get(accessType === 'edit' ? { editId: id } : { shareId: id }) + let stub = await HomebrewModel.get(accessMap[accessType]) .catch((err)=>{ if(googleId) { console.warn(`Unable to find document stub for ${accessType}Id ${id}`); From ac2de613c5d0e23947b2f4266868428ae517f848 Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Fri, 25 Oct 2024 11:19:55 +1300 Subject: [PATCH 09/28] Change Admin lookup to use Homebrew.API getBrew instead --- server/admin.api.js | 31 +++++++++++++------------------ 1 file changed, 13 insertions(+), 18 deletions(-) diff --git a/server/admin.api.js b/server/admin.api.js index 11e336c22..3d1688129 100644 --- a/server/admin.api.js +++ b/server/admin.api.js @@ -5,6 +5,9 @@ const Moment = require('moment'); const templateFn = require('../client/template.js'); const zlib = require('zlib'); +const HomebrewAPI = require('./homebrew.api.js'); +const asyncHandler = require('express-async-handler'); + process.env.ADMIN_USER = process.env.ADMIN_USER || 'admin'; process.env.ADMIN_PASS = process.env.ADMIN_PASS || 'password3'; @@ -66,27 +69,19 @@ router.post('/admin/cleanup', mw.adminOnly, (req, res)=>{ }); /* Searches for matching edit or share id, also attempts to partial match */ -router.get('/admin/lookup/:id', mw.adminOnly, async (req, res, next)=>{ - HomebrewModel.findOne({ - $or : [ - { editId: { $regex: req.params.id, $options: 'i' } }, - { shareId: { $regex: req.params.id, $options: 'i' } }, - ] - }).exec() - .then((brew)=>{ - if(!brew) // No document found +router.get('/admin/lookup/:id', mw.adminOnly, asyncHandler(HomebrewAPI.getBrew('admin', true)), async (req, res, next)=>{ + const brew = req?.brew ?? undefined; + + try { + if(!brew){ + // No document found return res.status(404).json({ error: 'Document not found' }); - else { - if(!brew.text && brew.textBin){ - brew.text = zlib.inflateRawSync(brew.textBin); - } - return res.json(brew); } - }) - .catch((err)=>{ + return res.json(brew); + } catch (err) { console.error(err); return res.status(500).json({ error: 'Internal Server Error' }); - }); + } }); /* Find 50 brews that aren't compressed yet */ @@ -179,7 +174,7 @@ router.get('/admin/notification/all', async (req, res, next)=>{ try { const notifications = await NotificationModel.getAll(); return res.json(notifications); - + } catch (error) { console.log('Error getting all notifications: ', error.message); return res.status(500).json({ message: error.message }); From 63f6f6d3c6e733317e03530692309e9009f033c5 Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Fri, 25 Oct 2024 11:27:28 +1300 Subject: [PATCH 10/28] Fix new getBrew access type --- server/homebrew.api.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/server/homebrew.api.js b/server/homebrew.api.js index c6c9ab0f8..cd44c0e13 100644 --- a/server/homebrew.api.js +++ b/server/homebrew.api.js @@ -92,8 +92,8 @@ const api = { share : { shareId: id }, admin : { $or : [ - { editId: { $regex: req.params.id, $options: 'i' } }, - { shareId: { $regex: req.params.id, $options: 'i' } }, + { editId: { $regex: id, $options: 'i' } }, + { shareId: { $regex: id, $options: 'i' } }, ] } }; From 898be28af3c6753dd4234653d85eedfbad1eebe4 Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Fri, 25 Oct 2024 11:40:17 +1300 Subject: [PATCH 11/28] Fix Homebrew API parameter --- server/admin.api.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/server/admin.api.js b/server/admin.api.js index 3d1688129..4a1569950 100644 --- a/server/admin.api.js +++ b/server/admin.api.js @@ -69,7 +69,7 @@ router.post('/admin/cleanup', mw.adminOnly, (req, res)=>{ }); /* Searches for matching edit or share id, also attempts to partial match */ -router.get('/admin/lookup/:id', mw.adminOnly, asyncHandler(HomebrewAPI.getBrew('admin', true)), async (req, res, next)=>{ +router.get('/admin/lookup/:id', mw.adminOnly, asyncHandler(HomebrewAPI.getBrew('admin', false)), async (req, res, next)=>{ const brew = req?.brew ?? undefined; try { From fea8f157a7d41b88447a574da1aa404e01883e83 Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Fri, 25 Oct 2024 17:45:12 +1300 Subject: [PATCH 12/28] Change script clean to use Homebrew API update --- server/admin.api.js | 33 ++++++++++++--------------------- 1 file changed, 12 insertions(+), 21 deletions(-) diff --git a/server/admin.api.js b/server/admin.api.js index 4a1569950..e0ff2131c 100644 --- a/server/admin.api.js +++ b/server/admin.api.js @@ -7,6 +7,7 @@ const zlib = require('zlib'); const HomebrewAPI = require('./homebrew.api.js'); const asyncHandler = require('express-async-handler'); +const { splitTextStyleAndMetadata } = require('../shared/helpers.js'); process.env.ADMIN_USER = process.env.ADMIN_USER || 'admin'; process.env.ADMIN_PASS = process.env.ADMIN_PASS || 'password3'; @@ -100,35 +101,25 @@ router.get('/admin/finduncompressed', mw.adminOnly, (req, res)=>{ }); /* Cleans `` from the "text" field of a brew */ -router.put('/admin/clean/script/:id', (req, res)=>{ +router.put('/admin/clean/script/:id', asyncHandler(HomebrewAPI.getBrew('admin', false)), async (req, res)=>{ console.log(`[ADMIN] Cleaning script tags from ShareID ${req.params.id}`); function cleanText(text){return text.replaceAll(/(<\/?s)cript/gi, '');}; - HomebrewModel.findOne({ shareId: req.params.id }) - .then((brew)=>{ - if(!brew) - return res.status(404).send('Brew not found'); + const brew = req.brew; - if(!brew.text && brew.textBin) { - brew.text = zlib.inflateRawSync(brew.textBin); - } + const properties = ['text', 'description', 'title']; + properties.forEach((property)=>{ + brew[property] = cleanText(brew[property]); + }); + // Tag cleaning is commented out as it is impossible to enter a script tag in tags + // brew.tags = cleanText(brew.tags.join('\n')).split('\n'); - const properties = ['text', 'description', 'title']; - properties.forEach((property)=>{ - brew[property] = cleanText(brew[property]); - }); + splitTextStyleAndMetadata(brew); - brew.textBin = zlib.deflateRawSync(brew.text); - brew.text = undefined; + req.body = brew; - return brew.save(); - }) - .then((obj)=>res.status(200).send(obj)) - .catch((err)=>{ - console.error(err); - res.status(500).send('Error while saving'); - }); + return await HomebrewAPI.updateBrew(req, res); }); /* Compresses the "text" field of a brew to binary */ From a29aca32e7eab4eb80aea9605ad2e2d8220754df Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Tue, 29 Oct 2024 20:42:53 +1300 Subject: [PATCH 13/28] Display createdAt time --- client/admin/brewUtils/brewLookup/brewLookup.jsx | 3 +++ 1 file changed, 3 insertions(+) diff --git a/client/admin/brewUtils/brewLookup/brewLookup.jsx b/client/admin/brewUtils/brewLookup/brewLookup.jsx index ab938854e..234aaf78e 100644 --- a/client/admin/brewUtils/brewLookup/brewLookup.jsx +++ b/client/admin/brewUtils/brewLookup/brewLookup.jsx @@ -71,6 +71,9 @@ const BrewLookup = createClass({
Share Link
/share/{brew.shareId}
+
Created Time
+
{brew.createdAt ? Moment(brew.createdAt).toLocaleString() : 'No creation date'}
+
Last Updated
{Moment(brew.updatedAt).fromNow()}
From bd26f02ddb33fd55f634723136dba7ace3ca15e7 Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Sun, 10 Nov 2024 19:23:42 +1300 Subject: [PATCH 14/28] Remove getBrew admin regex search --- server/homebrew.api.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/server/homebrew.api.js b/server/homebrew.api.js index cd44c0e13..65d4c8051 100644 --- a/server/homebrew.api.js +++ b/server/homebrew.api.js @@ -92,8 +92,8 @@ const api = { share : { shareId: id }, admin : { $or : [ - { editId: { $regex: id, $options: 'i' } }, - { shareId: { $regex: id, $options: 'i' } }, + { editId: id }, + { shareId: id }, ] } }; From 27f14b042b8b65b86dcccfb0ef091dcab859af5a Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Sun, 10 Nov 2024 19:24:54 +1300 Subject: [PATCH 15/28] Remove comment about irrelevant tag cleaning --- server/admin.api.js | 2 -- 1 file changed, 2 deletions(-) diff --git a/server/admin.api.js b/server/admin.api.js index e0ff2131c..9fa2f0a69 100644 --- a/server/admin.api.js +++ b/server/admin.api.js @@ -112,8 +112,6 @@ router.put('/admin/clean/script/:id', asyncHandler(HomebrewAPI.getBrew('admin', properties.forEach((property)=>{ brew[property] = cleanText(brew[property]); }); - // Tag cleaning is commented out as it is impossible to enter a script tag in tags - // brew.tags = cleanText(brew.tags.join('\n')).split('\n'); splitTextStyleAndMetadata(brew); From 952b67aed3be3aaf1b31f47563fc19f3f5dc57f5 Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Sun, 10 Nov 2024 19:29:28 +1300 Subject: [PATCH 16/28] Remove checkForScript state --- .../admin/brewUtils/brewLookup/brewLookup.jsx | 22 +++++++++---------- 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/client/admin/brewUtils/brewLookup/brewLookup.jsx b/client/admin/brewUtils/brewLookup/brewLookup.jsx index 234aaf78e..7b7fd1b2e 100644 --- a/client/admin/brewUtils/brewLookup/brewLookup.jsx +++ b/client/admin/brewUtils/brewLookup/brewLookup.jsx @@ -14,28 +14,26 @@ const BrewLookup = createClass({ }, getInitialState() { return { - query : '', - foundBrew : null, - searching : false, - error : null, - checkForScript : false, - scriptCount : undefined + query : '', + foundBrew : null, + searching : false, + error : null, + scriptCount : 0 }; }, handleChange(e){ this.setState({ query: e.target.value }); }, lookup(){ - this.setState({ searching: true, error: null, checkForScript: false, scriptCount: undefined }); + this.setState({ searching: true, error: null, scriptCount: 0 }); request.get(`/admin/lookup/${this.state.query}`) .then((res)=>{ const foundBrew = res.body; const scriptCheck = foundBrew?.text.match(/(<\/?s)cript/g); this.setState({ - foundBrew : foundBrew, - scriptCount : scriptCheck?.length || 0, - checkForScript : scriptCheck?.length > 0 + foundBrew : foundBrew, + scriptCount : scriptCheck?.length || 0, }); }) .catch((err)=>this.setState({ error: err })) @@ -52,7 +50,7 @@ const BrewLookup = createClass({ request.put(`/admin/clean/script/${this.state.foundBrew.shareId}`) .then((res)=>this.setState({ foundBrew: res.body })) .catch((err)=>this.setState({ error: err })) - .finally(()=>this.setState({ checkForScript: false, scriptCount: 0 })); + .finally(()=>this.setState({ scriptCount: 0 })); }, renderFoundBrew(){ @@ -83,7 +81,7 @@ const BrewLookup = createClass({
Number of SCRIPT tags detected
{this.state.scriptCount}
- {this.state.checkForScript && + {this.state.scriptCount > 0 &&
From b3793a33307b9738f2a714860bf2efff928b6b95 Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Sun, 10 Nov 2024 19:30:57 +1300 Subject: [PATCH 17/28] Simplify scriptCount logic --- client/admin/brewUtils/brewLookup/brewLookup.jsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/admin/brewUtils/brewLookup/brewLookup.jsx b/client/admin/brewUtils/brewLookup/brewLookup.jsx index 7b7fd1b2e..a4f462a0e 100644 --- a/client/admin/brewUtils/brewLookup/brewLookup.jsx +++ b/client/admin/brewUtils/brewLookup/brewLookup.jsx @@ -81,7 +81,7 @@ const BrewLookup = createClass({
Number of SCRIPT tags detected
{this.state.scriptCount}
- {this.state.scriptCount > 0 && + {this.state.scriptCount &&
From ee811e94e19404981735d13b32adb14607c9456a Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Sun, 10 Nov 2024 19:34:19 +1300 Subject: [PATCH 18/28] Remove error handling that can never trigger --- server/admin.api.js | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/server/admin.api.js b/server/admin.api.js index 9fa2f0a69..29e32d6dc 100644 --- a/server/admin.api.js +++ b/server/admin.api.js @@ -72,17 +72,7 @@ router.post('/admin/cleanup', mw.adminOnly, (req, res)=>{ /* Searches for matching edit or share id, also attempts to partial match */ router.get('/admin/lookup/:id', mw.adminOnly, asyncHandler(HomebrewAPI.getBrew('admin', false)), async (req, res, next)=>{ const brew = req?.brew ?? undefined; - - try { - if(!brew){ - // No document found - return res.status(404).json({ error: 'Document not found' }); - } - return res.json(brew); - } catch (err) { - console.error(err); - return res.status(500).json({ error: 'Internal Server Error' }); - } + return res.json(brew); }); /* Find 50 brews that aren't compressed yet */ From 033b7fa44ff14a84f7ab15b18acac3c4f37f4040 Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Sun, 10 Nov 2024 19:35:57 +1300 Subject: [PATCH 19/28] Lint fix --- server/homebrew.api.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/server/homebrew.api.js b/server/homebrew.api.js index 65d4c8051..e156f3c85 100644 --- a/server/homebrew.api.js +++ b/server/homebrew.api.js @@ -305,9 +305,8 @@ const api = { req.params.id = currentTheme.theme; req.params.renderer = currentTheme.renderer; - } + } else { //=== Static Themes ===// - else { const localSnippets = `${req.params.renderer}_${req.params.id}`; // Just log the name for loading on client const localStyle = `@import url(\"/themes/${req.params.renderer}/${req.params.id}/style.css\");`; completeSnippets.push(localSnippets); From 2dafbf20802bc42a7b6abd5df2d835784f5df578 Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Sun, 10 Nov 2024 20:19:30 +1300 Subject: [PATCH 20/28] Simplify Admin brew lookup function --- server/admin.api.js | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/server/admin.api.js b/server/admin.api.js index 29e32d6dc..bc179ff7b 100644 --- a/server/admin.api.js +++ b/server/admin.api.js @@ -71,8 +71,7 @@ router.post('/admin/cleanup', mw.adminOnly, (req, res)=>{ /* Searches for matching edit or share id, also attempts to partial match */ router.get('/admin/lookup/:id', mw.adminOnly, asyncHandler(HomebrewAPI.getBrew('admin', false)), async (req, res, next)=>{ - const brew = req?.brew ?? undefined; - return res.json(brew); + return res.json(req.brew); }); /* Find 50 brews that aren't compressed yet */ From dc1d40512b9c1aed90ee4b69dd464f214d5bc62f Mon Sep 17 00:00:00 2001 From: "G.Ambatte" Date: Sun, 10 Nov 2024 21:45:17 +1300 Subject: [PATCH 21/28] Reinstate length check --- client/admin/brewUtils/brewLookup/brewLookup.jsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/admin/brewUtils/brewLookup/brewLookup.jsx b/client/admin/brewUtils/brewLookup/brewLookup.jsx index a4f462a0e..7b7fd1b2e 100644 --- a/client/admin/brewUtils/brewLookup/brewLookup.jsx +++ b/client/admin/brewUtils/brewLookup/brewLookup.jsx @@ -81,7 +81,7 @@ const BrewLookup = createClass({
Number of SCRIPT tags detected
{this.state.scriptCount}
- {this.state.scriptCount && + {this.state.scriptCount > 0 &&
From 4e4463fe4dc863fb54d55368acf296f618e45431 Mon Sep 17 00:00:00 2001 From: David Bolack Date: Mon, 11 Nov 2024 11:17:00 -0600 Subject: [PATCH 22/28] Fix Issue 3718 by bounds checking prerender. --- client/homebrew/brewRenderer/brewRenderer.jsx | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/client/homebrew/brewRenderer/brewRenderer.jsx b/client/homebrew/brewRenderer/brewRenderer.jsx index 1c45269cf..4685775b9 100644 --- a/client/homebrew/brewRenderer/brewRenderer.jsx +++ b/client/homebrew/brewRenderer/brewRenderer.jsx @@ -161,7 +161,8 @@ const BrewRenderer = (props)=>{ renderedPages.length = 0; // Render currently-edited page first so cross-page effects (variables, links) can propagate out first - renderedPages[props.currentEditorCursorPageNum - 1] = renderPage(rawPages[props.currentEditorCursorPageNum - 1], props.currentEditorCursorPageNum - 1); + if(rawPages.length > props.currentEditorCursorPageNum -1) + renderedPages[props.currentEditorCursorPageNum - 1] = renderPage(rawPages[props.currentEditorCursorPageNum - 1], props.currentEditorCursorPageNum - 1); _.forEach(rawPages, (page, index)=>{ if((isInView(index) || !renderedPages[index]) && typeof window !== 'undefined'){ From 107aa34ee40fdbdad23970d17b500c5e1f9de4ce Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Nov 2024 03:12:02 +0000 Subject: [PATCH 23/28] Bump dompurify from 3.1.7 to 3.2.0 Bumps [dompurify](https://github.com/cure53/DOMPurify) from 3.1.7 to 3.2.0. - [Release notes](https://github.com/cure53/DOMPurify/releases) - [Commits](https://github.com/cure53/DOMPurify/compare/3.1.7...3.2.0) --- updated-dependencies: - dependency-name: dompurify dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package-lock.json | 8 ++++---- package.json | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index ae99df672..bc3530f17 100644 --- a/package-lock.json +++ b/package-lock.json @@ -21,7 +21,7 @@ "cookie-parser": "^1.4.7", "create-react-class": "^15.7.0", "dedent-tabs": "^0.10.3", - "dompurify": "^3.1.7", + "dompurify": "^3.2.0", "expr-eval": "^2.0.2", "express": "^4.21.1", "express-async-handler": "^1.2.0", @@ -5455,9 +5455,9 @@ } }, "node_modules/dompurify": { - "version": "3.1.7", - "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.1.7.tgz", - "integrity": "sha512-VaTstWtsneJY8xzy7DekmYWEOZcmzIe3Qb3zPd4STve1OBTa+e+WmS1ITQec1fZYXI3HCsOZZiSMpG6oxoWMWQ==" + "version": "3.2.0", + "resolved": "https://registry.npmjs.org/dompurify/-/dompurify-3.2.0.tgz", + "integrity": "sha512-AMdOzK44oFWqHEi0wpOqix/fUNY707OmoeFDnbi3Q5I8uOpy21ufUA5cDJPr0bosxrflOVD/H2DMSvuGKJGfmQ==" }, "node_modules/duplexer2": { "version": "0.1.4", diff --git a/package.json b/package.json index a48423f50..f31fed0f5 100644 --- a/package.json +++ b/package.json @@ -98,7 +98,7 @@ "cookie-parser": "^1.4.7", "create-react-class": "^15.7.0", "dedent-tabs": "^0.10.3", - "dompurify": "^3.1.7", + "dompurify": "^3.2.0", "expr-eval": "^2.0.2", "express": "^4.21.1", "express-async-handler": "^1.2.0", From 8c6c8f861d31f3fe910f7f82a01be9538b6cc935 Mon Sep 17 00:00:00 2001 From: Trevor Buckner Date: Tue, 12 Nov 2024 00:08:56 -0500 Subject: [PATCH 24/28] Automatically re-check for scripts Adding a separate `keepText` field for the `updateBrew()` API might be a bandaid for something that should be looked at more deeply as a separate refactor, considering `updateBrew()` is configured to just return the stub and not the whole document. For now, re-scanning for script tags after updating can be as simple as just re-looking up the brew. --- client/admin/brewUtils/brewLookup/brewLookup.jsx | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/client/admin/brewUtils/brewLookup/brewLookup.jsx b/client/admin/brewUtils/brewLookup/brewLookup.jsx index 7b7fd1b2e..80f08fcf8 100644 --- a/client/admin/brewUtils/brewLookup/brewLookup.jsx +++ b/client/admin/brewUtils/brewLookup/brewLookup.jsx @@ -44,13 +44,13 @@ const BrewLookup = createClass({ }); }, - cleanScript(){ + async cleanScript(){ if(!this.state.foundBrew?.shareId) return; - request.put(`/admin/clean/script/${this.state.foundBrew.shareId}`) - .then((res)=>this.setState({ foundBrew: res.body })) - .catch((err)=>this.setState({ error: err })) - .finally(()=>this.setState({ scriptCount: 0 })); + await request.put(`/admin/clean/script/${this.state.foundBrew.shareId}`) + .catch((err)=>{ this.setState({ error: err }); return; }); + + this.lookup(); }, renderFoundBrew(){ From 2e9c7b1d9b7a212337330f66e9fada792d4c1f86 Mon Sep 17 00:00:00 2001 From: Trevor Buckner Date: Tue, 12 Nov 2024 00:20:37 -0500 Subject: [PATCH 25/28] Shorten label --- client/admin/brewUtils/brewLookup/brewLookup.jsx | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/client/admin/brewUtils/brewLookup/brewLookup.jsx b/client/admin/brewUtils/brewLookup/brewLookup.jsx index 80f08fcf8..e5b585ced 100644 --- a/client/admin/brewUtils/brewLookup/brewLookup.jsx +++ b/client/admin/brewUtils/brewLookup/brewLookup.jsx @@ -78,7 +78,7 @@ const BrewLookup = createClass({
Num of Views
{brew.views}
-
Number of SCRIPT tags detected
+
SCRIPT tags detected
{this.state.scriptCount}
{this.state.scriptCount > 0 && From 0d2dfe66bcc85e9b1a9ad3e9e0537248da49fef3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Nov 2024 05:36:16 +0000 Subject: [PATCH 26/28] Bump mongoose from 8.7.3 to 8.8.1 Bumps [mongoose](https://github.com/Automattic/mongoose) from 8.7.3 to 8.8.1. - [Release notes](https://github.com/Automattic/mongoose/releases) - [Changelog](https://github.com/Automattic/mongoose/blob/master/CHANGELOG.md) - [Commits](https://github.com/Automattic/mongoose/compare/8.7.3...8.8.1) --- updated-dependencies: - dependency-name: mongoose dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package-lock.json | 22 +++++++++++----------- package.json | 2 +- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/package-lock.json b/package-lock.json index bc3530f17..1d1d86534 100644 --- a/package-lock.json +++ b/package-lock.json @@ -39,7 +39,7 @@ "marked-smartypants-lite": "^1.0.2", "markedLegacy": "npm:marked@^0.3.19", "moment": "^2.30.1", - "mongoose": "^8.7.3", + "mongoose": "^8.8.1", "nanoid": "3.3.4", "nconf": "^0.12.1", "react": "^18.3.1", @@ -4327,9 +4327,9 @@ } }, "node_modules/bson": { - "version": "6.8.0", - "resolved": "https://registry.npmjs.org/bson/-/bson-6.8.0.tgz", - "integrity": "sha512-iOJg8pr7wq2tg/zSlCCHMi3hMm5JTOxLTagf3zxhcenHsFp+c6uOs6K7W5UE7A4QIJGtqh/ZovFNMP4mOPJynQ==", + "version": "6.9.0", + "resolved": "https://registry.npmjs.org/bson/-/bson-6.9.0.tgz", + "integrity": "sha512-X9hJeyeM0//Fus+0pc5dSUMhhrrmWwQUtdavaQeF3Ta6m69matZkGWV/MrBcnwUeLC8W9kwwc2hfkZgUuCX3Ig==", "engines": { "node": ">=16.20.1" } @@ -10865,13 +10865,13 @@ } }, "node_modules/mongoose": { - "version": "8.7.3", - "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-8.7.3.tgz", - "integrity": "sha512-Xl6+dzU5ZpEcDoJ8/AyrIdAwTY099QwpolvV73PIytpK13XqwllLq/9XeVzzLEQgmyvwBVGVgjmMrKbuezxrIA==", + "version": "8.8.1", + "resolved": "https://registry.npmjs.org/mongoose/-/mongoose-8.8.1.tgz", + "integrity": "sha512-l7DgeY1szT98+EKU8GYnga5WnyatAu+kOQ2VlVX1Mxif6A0Umt0YkSiksCiyGxzx8SPhGe9a53ND1GD4yVDrPA==", "dependencies": { "bson": "^6.7.0", "kareem": "2.6.3", - "mongodb": "6.9.0", + "mongodb": "~6.10.0", "mpath": "0.9.0", "mquery": "5.0.0", "ms": "2.1.3", @@ -10943,9 +10943,9 @@ } }, "node_modules/mongoose/node_modules/mongodb": { - "version": "6.9.0", - "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-6.9.0.tgz", - "integrity": "sha512-UMopBVx1LmEUbW/QE0Hw18u583PEDVQmUmVzzBRH0o/xtE9DBRA5ZYLOjpLIa03i8FXjzvQECJcqoMvCXftTUA==", + "version": "6.10.0", + "resolved": "https://registry.npmjs.org/mongodb/-/mongodb-6.10.0.tgz", + "integrity": "sha512-gP9vduuYWb9ZkDM546M+MP2qKVk5ZG2wPF63OvSRuUbqCR+11ZCAE1mOfllhlAG0wcoJY5yDL/rV3OmYEwXIzg==", "dependencies": { "@mongodb-js/saslprep": "^1.1.5", "bson": "^6.7.0", diff --git a/package.json b/package.json index f31fed0f5..529745eef 100644 --- a/package.json +++ b/package.json @@ -116,7 +116,7 @@ "marked-smartypants-lite": "^1.0.2", "markedLegacy": "npm:marked@^0.3.19", "moment": "^2.30.1", - "mongoose": "^8.7.3", + "mongoose": "^8.8.1", "nanoid": "3.3.4", "nconf": "^0.12.1", "react": "^18.3.1", From b22f3d041c403e13823f6dc2111619ecd00a93f4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Nov 2024 18:15:31 +0000 Subject: [PATCH 27/28] Bump express-static-gzip from 2.1.8 to 2.2.0 Bumps [express-static-gzip](https://github.com/tkoenig89/express-static-gzip) from 2.1.8 to 2.2.0. - [Release notes](https://github.com/tkoenig89/express-static-gzip/releases) - [Commits](https://github.com/tkoenig89/express-static-gzip/compare/v2.1.8...v2.2.0) --- updated-dependencies: - dependency-name: express-static-gzip dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- package-lock.json | 9 +++++---- package.json | 2 +- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index 1d1d86534..897967a5f 100644 --- a/package-lock.json +++ b/package-lock.json @@ -25,7 +25,7 @@ "expr-eval": "^2.0.2", "express": "^4.21.1", "express-async-handler": "^1.2.0", - "express-static-gzip": "2.1.8", + "express-static-gzip": "2.2.0", "fs-extra": "11.2.0", "idb-keyval": "^6.2.1", "js-yaml": "^4.1.0", @@ -6290,10 +6290,11 @@ "license": "MIT" }, "node_modules/express-static-gzip": { - "version": "2.1.8", - "resolved": "https://registry.npmjs.org/express-static-gzip/-/express-static-gzip-2.1.8.tgz", - "integrity": "sha512-g8tiJuI9Y9Ffy59ehVXvqb0hhP83JwZiLxzanobPaMbkB5qBWA8nuVgd+rcd5qzH3GkgogTALlc0BaADYwnMbQ==", + "version": "2.2.0", + "resolved": "https://registry.npmjs.org/express-static-gzip/-/express-static-gzip-2.2.0.tgz", + "integrity": "sha512-4ZQ0pHX0CAauxmzry2/8XFLM6aZA4NBvg9QezSlsEO1zLnl7vMFa48/WIcjzdfOiEUS4S1npPPKP2NHHYAp6qg==", "dependencies": { + "parseurl": "^1.3.3", "serve-static": "^1.16.2" } }, diff --git a/package.json b/package.json index 529745eef..ab4ceffba 100644 --- a/package.json +++ b/package.json @@ -102,7 +102,7 @@ "expr-eval": "^2.0.2", "express": "^4.21.1", "express-async-handler": "^1.2.0", - "express-static-gzip": "2.1.8", + "express-static-gzip": "2.2.0", "fs-extra": "11.2.0", "idb-keyval": "^6.2.1", "js-yaml": "^4.1.0", From f749706cb3661021cacb3bbc471ae1c878cb5171 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Nov 2024 18:15:37 +0000 Subject: [PATCH 28/28] Bump marked-emoji from 1.4.2 to 1.4.3 Bumps [marked-emoji](https://github.com/UziTech/marked-emoji) from 1.4.2 to 1.4.3. - [Release notes](https://github.com/UziTech/marked-emoji/releases) - [Changelog](https://github.com/UziTech/marked-emoji/blob/main/release.config.cjs) - [Commits](https://github.com/UziTech/marked-emoji/compare/v1.4.2...v1.4.3) --- updated-dependencies: - dependency-name: marked-emoji dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package-lock.json | 10 +++++----- package.json | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/package-lock.json b/package-lock.json index 1d1d86534..8b94d5cbd 100644 --- a/package-lock.json +++ b/package-lock.json @@ -33,7 +33,7 @@ "less": "^3.13.1", "lodash": "^4.17.21", "marked": "11.2.0", - "marked-emoji": "^1.4.2", + "marked-emoji": "^1.4.3", "marked-extended-tables": "^1.0.10", "marked-gfm-heading-id": "^3.2.0", "marked-smartypants-lite": "^1.0.2", @@ -10487,11 +10487,11 @@ } }, "node_modules/marked-emoji": { - "version": "1.4.2", - "resolved": "https://registry.npmjs.org/marked-emoji/-/marked-emoji-1.4.2.tgz", - "integrity": "sha512-2sP+bp2z76dwbILzQ7ijy2PyjjAJR3iAZCzaNGThD2UijFUBeidkn6MoCdX/j47tPIcWt9nwnjqRQPd01ZrfdA==", + "version": "1.4.3", + "resolved": "https://registry.npmjs.org/marked-emoji/-/marked-emoji-1.4.3.tgz", + "integrity": "sha512-HDZx1VOmzu7XT2QNKWfrHGbNRMTWKj9XD78yrcH1madD30HpGLMODPOmKr/e7CA7NKKXkpXXNdndQn++ysXmHg==", "peerDependencies": { - "marked": ">=4 <15" + "marked": ">=4 <16" } }, "node_modules/marked-extended-tables": { diff --git a/package.json b/package.json index 529745eef..473d1398d 100644 --- a/package.json +++ b/package.json @@ -110,7 +110,7 @@ "less": "^3.13.1", "lodash": "^4.17.21", "marked": "11.2.0", - "marked-emoji": "^1.4.2", + "marked-emoji": "^1.4.3", "marked-extended-tables": "^1.0.10", "marked-gfm-heading-id": "^3.2.0", "marked-smartypants-lite": "^1.0.2",