From 3d45c9610fce33a99d1b95aaa56eadf0bffd76b5 Mon Sep 17 00:00:00 2001 From: Johannes Zellner Date: Mon, 12 Jun 2017 09:30:03 +0200 Subject: Reenable the export feature Fixes #1055 --- client/components/boards/boardHeader.js | 22 ++++++++--------- models/export.js | 44 ++++++++++++++++----------------- 2 files changed, 33 insertions(+), 33 deletions(-) diff --git a/client/components/boards/boardHeader.js b/client/components/boards/boardHeader.js index 10d9925a..ac5f9c33 100644 --- a/client/components/boards/boardHeader.js +++ b/client/components/boards/boardHeader.js @@ -15,17 +15,17 @@ Template.boardMenuPopup.events({ }), }); -// Template.boardMenuPopup.helpers({ -// exportUrl() { -// const boardId = Session.get('currentBoard'); -// const loginToken = Accounts._storedLoginToken(); -// return FlowRouter.url(`api/boards/${boardId}?authToken=${loginToken}`); -// }, -// exportFilename() { -// const boardId = Session.get('currentBoard'); -// return `wekan-export-board-${boardId}.json`; -// }, -// }); +Template.boardMenuPopup.helpers({ + exportUrl() { + const boardId = Session.get('currentBoard'); + const loginToken = Accounts._storedLoginToken(); + return FlowRouter.url(`api/boards/${boardId}/export?authToken=${loginToken}`); + }, + exportFilename() { + const boardId = Session.get('currentBoard'); + return `wekan-export-board-${boardId}.json`; + }, +}); Template.boardChangeTitlePopup.events({ submit(evt, tpl) { diff --git a/models/export.js b/models/export.js index 7a363dd3..7b22f45d 100644 --- a/models/export.js +++ b/models/export.js @@ -9,33 +9,33 @@ if (Meteor.isServer) { /* * This route is used to export the board FROM THE APPLICATION. * If user is already logged-in, pass loginToken as param "authToken": - * '/api/boards/:boardId?authToken=:token' + * '/api/boards/:boardId/export?authToken=:token' * * See https://blog.kayla.com.au/server-side-route-authentication-in-meteor/ * for detailed explanations */ - // JsonRoutes.add('get', '/api/boards/:boardId', function (req, res) { - // const boardId = req.params.boardId; - // let user = null; - // // todo XXX for real API, first look for token in Authentication: header - // // then fallback to parameter - // const loginToken = req.query.authToken; - // if (loginToken) { - // const hashToken = Accounts._hashLoginToken(loginToken); - // user = Meteor.users.findOne({ - // 'services.resume.loginTokens.hashedToken': hashToken, - // }); - // } + JsonRoutes.add('get', '/api/boards/:boardId/export', function (req, res) { + const boardId = req.params.boardId; + let user = null; + // todo XXX for real API, first look for token in Authentication: header + // then fallback to parameter + const loginToken = req.query.authToken; + if (loginToken) { + const hashToken = Accounts._hashLoginToken(loginToken); + user = Meteor.users.findOne({ + 'services.resume.loginTokens.hashedToken': hashToken, + }); + } - // const exporter = new Exporter(boardId); - // if(exporter.canExport(user)) { - // JsonRoutes.sendResult(res, 200, exporter.build()); - // } else { - // // we could send an explicit error message, but on the other hand the only - // // way to get there is by hacking the UI so let's keep it raw. - // JsonRoutes.sendResult(res, 403); - // } - // }); + const exporter = new Exporter(boardId); + if(exporter.canExport(user)) { + JsonRoutes.sendResult(res, { code: 200, data: exporter.build() }); + } else { + // we could send an explicit error message, but on the other hand the only + // way to get there is by hacking the UI so let's keep it raw. + JsonRoutes.sendResult(res, 403); + } + }); } class Exporter { -- cgit v1.2.3-1-g7c22