From 76a10d6cf910d6a97cd2f519c87ec4c4e7f3dcfe Mon Sep 17 00:00:00 2001 From: Matteo Pagliazzi Date: Mon, 16 Apr 2018 18:43:09 +0200 Subject: [PATCH] start removing inbox from some routes (#10259) --- website/server/controllers/api-v3/hall.js | 8 +++++-- .../controllers/api-v3/notifications.js | 16 +++++++++---- .../controllers/api-v3/pushNotifications.js | 8 +++++-- website/server/controllers/api-v3/shops.js | 24 ++++++++++++++----- website/server/controllers/api-v3/tags.js | 24 ++++++++++++++----- website/server/controllers/api-v3/webhook.js | 12 +++++++--- 6 files changed, 69 insertions(+), 23 deletions(-) diff --git a/website/server/controllers/api-v3/hall.js b/website/server/controllers/api-v3/hall.js index 5d836407b3..f713ac8568 100644 --- a/website/server/controllers/api-v3/hall.js +++ b/website/server/controllers/api-v3/hall.js @@ -60,7 +60,9 @@ let api = {}; api.getPatrons = { method: 'GET', url: '/hall/patrons', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { req.checkQuery('page', res.t('pageMustBeNumber')).optional().isNumeric(); @@ -120,7 +122,9 @@ api.getPatrons = { api.getHeroes = { method: 'GET', url: '/hall/heroes', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { let heroes = await User .find({ diff --git a/website/server/controllers/api-v3/notifications.js b/website/server/controllers/api-v3/notifications.js index 114017c2d8..48fc61f304 100644 --- a/website/server/controllers/api-v3/notifications.js +++ b/website/server/controllers/api-v3/notifications.js @@ -23,7 +23,9 @@ let api = {}; api.readNotification = { method: 'POST', url: '/notifications/:notificationId/read', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { let user = res.locals.user; @@ -65,7 +67,9 @@ api.readNotification = { api.readNotifications = { method: 'POST', url: '/notifications/read', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { let user = res.locals.user; @@ -113,7 +117,9 @@ api.readNotifications = { api.seeNotification = { method: 'POST', url: '/notifications/:notificationId/see', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { let user = res.locals.user; @@ -162,7 +168,9 @@ api.seeNotification = { api.seeNotifications = { method: 'POST', url: '/notifications/see', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { let user = res.locals.user; diff --git a/website/server/controllers/api-v3/pushNotifications.js b/website/server/controllers/api-v3/pushNotifications.js index 05aec2c82b..4d37c4dede 100644 --- a/website/server/controllers/api-v3/pushNotifications.js +++ b/website/server/controllers/api-v3/pushNotifications.js @@ -21,7 +21,9 @@ let api = {}; api.addPushDevice = { method: 'POST', url: '/user/push-devices', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { let user = res.locals.user; @@ -64,7 +66,9 @@ api.addPushDevice = { api.removePushDevice = { method: 'DELETE', url: '/user/push-devices/:regId', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { let user = res.locals.user; diff --git a/website/server/controllers/api-v3/shops.js b/website/server/controllers/api-v3/shops.js index 32c46bcd9d..11c0c8fac0 100644 --- a/website/server/controllers/api-v3/shops.js +++ b/website/server/controllers/api-v3/shops.js @@ -15,7 +15,9 @@ let api = {}; api.getMarketItems = { method: 'GET', url: '/shops/market', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { let user = res.locals.user; @@ -36,7 +38,9 @@ api.getMarketItems = { api.getMarketGear = { method: 'GET', url: '/shops/market-gear', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { let user = res.locals.user; @@ -60,7 +64,9 @@ api.getMarketGear = { api.getQuestShopItems = { method: 'GET', url: '/shops/quests', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { let user = res.locals.user; @@ -82,7 +88,9 @@ api.getQuestShopItems = { api.getTimeTravelerShopItems = { method: 'GET', url: '/shops/time-travelers', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { let user = res.locals.user; @@ -104,7 +112,9 @@ api.getTimeTravelerShopItems = { api.getSeasonalShopItems = { method: 'GET', url: '/shops/seasonal', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { let user = res.locals.user; @@ -126,7 +136,9 @@ api.getSeasonalShopItems = { api.getBackgroundShopItems = { method: 'GET', url: '/shops/backgrounds', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { let user = res.locals.user; diff --git a/website/server/controllers/api-v3/tags.js b/website/server/controllers/api-v3/tags.js index 9b8ea2a596..520db3edbf 100644 --- a/website/server/controllers/api-v3/tags.js +++ b/website/server/controllers/api-v3/tags.js @@ -38,7 +38,9 @@ let api = {}; api.createTag = { method: 'POST', url: '/tags', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { let user = res.locals.user; @@ -64,7 +66,9 @@ api.createTag = { api.getTags = { method: 'GET', url: '/tags', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { let user = res.locals.user; res.respond(200, user.tags); @@ -89,7 +93,9 @@ api.getTags = { api.getTag = { method: 'GET', url: '/tags/:tagId', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { let user = res.locals.user; @@ -126,7 +132,9 @@ api.getTag = { api.updateTag = { method: 'PUT', url: '/tags/:tagId', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { let user = res.locals.user; @@ -168,7 +176,9 @@ api.updateTag = { api.reorderTags = { method: 'POST', url: '/reorder-tags', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { let user = res.locals.user; @@ -207,7 +217,9 @@ api.reorderTags = { api.deleteTag = { method: 'DELETE', url: '/tags/:tagId', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], async handler (req, res) { let user = res.locals.user; diff --git a/website/server/controllers/api-v3/webhook.js b/website/server/controllers/api-v3/webhook.js index 1edcddd13d..30455adfb7 100644 --- a/website/server/controllers/api-v3/webhook.js +++ b/website/server/controllers/api-v3/webhook.js @@ -73,7 +73,9 @@ let api = {}; */ api.addWebhook = { method: 'POST', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], url: '/user/webhook', async handler (req, res) { let user = res.locals.user; @@ -133,7 +135,9 @@ api.addWebhook = { */ api.updateWebhook = { method: 'PUT', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], url: '/user/webhook/:id', async handler (req, res) { let user = res.locals.user; @@ -184,7 +188,9 @@ api.updateWebhook = { */ api.deleteWebhook = { method: 'DELETE', - middlewares: [authWithHeaders()], + middlewares: [authWithHeaders({ + userFieldsToExclude: ['inbox'], + })], url: '/user/webhook/:id', async handler (req, res) { let user = res.locals.user;