92 lines
3.8 KiB
Diff
92 lines
3.8 KiB
Diff
39a40
|
|
> const TrackChangesController = require('./Features/TrackChanges/TrackChangesController')
|
|
218c219,226
|
|
< webRouter.get('/login', UserPagesController.loginPage)
|
|
---
|
|
> // If no LDAP Server is in use and no local db login then we can redirect the login
|
|
> // and just use OAUTH
|
|
> if ( (typeof process.env.LDAP_SERVER === typeof undefined) && (process.env.ALLOW_EMAIL_LOGIN === 'false') && (process.env.OAUTH2_ENABLED === 'true') ) {
|
|
> webRouter.get('/login', function (req, res, next) { res.redirect('/oauth/redirect') })
|
|
> } else {
|
|
> webRouter.get('/login', UserPagesController.loginPage)
|
|
> }
|
|
>
|
|
259a268,274
|
|
> if (process.env.OAUTH2_ENABLED === 'true') {
|
|
> webRouter.get('/oauth/redirect', AuthenticationController.oauth2Redirect)
|
|
> webRouter.get('/oauth/callback', AuthenticationController.oauth2Callback)
|
|
> AuthenticationController.addEndpointToLoginWhitelist('/oauth/redirect')
|
|
> AuthenticationController.addEndpointToLoginWhitelist('/oauth/callback')
|
|
> }
|
|
>
|
|
1352a1368,1436
|
|
> )
|
|
>
|
|
> webRouter.post('/project/:project_id/track_changes',
|
|
> AuthorizationMiddleware.blockRestrictedUserFromProject,
|
|
> AuthorizationMiddleware.ensureUserCanReadProject,
|
|
> TrackChangesController.trackChanges
|
|
> )
|
|
> webRouter.post('/project/:project_id/doc/:doc_id/changes/accept',
|
|
> AuthorizationMiddleware.blockRestrictedUserFromProject,
|
|
> AuthorizationMiddleware.ensureUserCanReadProject,
|
|
> TrackChangesController.acceptChanges
|
|
> )
|
|
> webRouter.get('/project/:project_id/ranges',
|
|
> AuthorizationMiddleware.blockRestrictedUserFromProject,
|
|
> AuthorizationMiddleware.ensureUserCanReadProject,
|
|
> TrackChangesController.getAllRanges
|
|
> )
|
|
> webRouter.get('/project/:project_id/changes/users',
|
|
> AuthorizationMiddleware.blockRestrictedUserFromProject,
|
|
> AuthorizationMiddleware.ensureUserCanReadProject,
|
|
> TrackChangesController.getChangesUsers
|
|
> )
|
|
> webRouter.get(
|
|
> '/project/:project_id/threads',
|
|
> AuthorizationMiddleware.blockRestrictedUserFromProject,
|
|
> AuthorizationMiddleware.ensureUserCanReadProject,
|
|
> TrackChangesController.getThreads
|
|
> )
|
|
> webRouter.post(
|
|
> '/project/:project_id/thread/:thread_id/messages',
|
|
> AuthorizationMiddleware.blockRestrictedUserFromProject,
|
|
> AuthorizationMiddleware.ensureUserCanReadProject,
|
|
> TrackChangesController.sendComment
|
|
> )
|
|
> webRouter.post(
|
|
> '/project/:project_id/thread/:thread_id/messages/:message_id/edit',
|
|
> AuthorizationMiddleware.blockRestrictedUserFromProject,
|
|
> AuthorizationMiddleware.ensureUserCanReadProject,
|
|
> TrackChangesController.editMessage
|
|
> )
|
|
> webRouter.delete(
|
|
> '/project/:project_id/thread/:thread_id/messages/:message_id',
|
|
> AuthorizationMiddleware.blockRestrictedUserFromProject,
|
|
> AuthorizationMiddleware.ensureUserCanReadProject,
|
|
> TrackChangesController.deleteMessage
|
|
> )
|
|
> webRouter.post(
|
|
> '/project/:project_id/doc/:doc_id/thread/:thread_id/resolve',
|
|
> AuthorizationMiddleware.blockRestrictedUserFromProject,
|
|
> AuthorizationMiddleware.ensureUserCanReadProject,
|
|
> TrackChangesController.resolveThread
|
|
> )
|
|
> webRouter.post(
|
|
> '/project/:project_id/thread/:thread_id/resolve',
|
|
> AuthorizationMiddleware.blockRestrictedUserFromProject,
|
|
> AuthorizationMiddleware.ensureUserCanReadProject,
|
|
> TrackChangesController.resolveThread
|
|
> )
|
|
> webRouter.post(
|
|
> '/project/:project_id/doc/:doc_id/thread/:thread_id/reopen',
|
|
> AuthorizationMiddleware.blockRestrictedUserFromProject,
|
|
> AuthorizationMiddleware.ensureUserCanReadProject,
|
|
> TrackChangesController.reopenThread
|
|
> )
|
|
> webRouter.delete(
|
|
> '/project/:project_id/doc/:doc_id/thread/:thread_id',
|
|
> AuthorizationMiddleware.blockRestrictedUserFromProject,
|
|
> AuthorizationMiddleware.ensureUserCanReadProject,
|
|
> TrackChangesController.deleteThread
|