start removing inbox from some routes (#10259)

2025-12-17 06:37:23 +01:00 · 2018-04-16 18:43:09 +02:00
parent a1c9ebd661
commit 76a10d6cf9
6 changed files with 69 additions and 23 deletions
--- a/website/server/controllers/api-v3/hall.js
+++ b/website/server/controllers/api-v3/hall.js
@@ -60,7 +60,9 @@ let api = {};
 api.getPatrons = {
  method: 'GET',
  url: '/hall/patrons',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    req.checkQuery('page', res.t('pageMustBeNumber')).optional().isNumeric();

@@ -120,7 +122,9 @@ api.getPatrons = {
 api.getHeroes = {
  method: 'GET',
  url: '/hall/heroes',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    let heroes = await User
      .find({
--- a/website/server/controllers/api-v3/notifications.js
+++ b/website/server/controllers/api-v3/notifications.js
@@ -23,7 +23,9 @@ let api = {};
 api.readNotification = {
  method: 'POST',
  url: '/notifications/:notificationId/read',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    let user = res.locals.user;

@@ -65,7 +67,9 @@ api.readNotification = {
 api.readNotifications = {
  method: 'POST',
  url: '/notifications/read',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    let user = res.locals.user;

@@ -113,7 +117,9 @@ api.readNotifications = {
 api.seeNotification = {
  method: 'POST',
  url: '/notifications/:notificationId/see',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    let user = res.locals.user;

@@ -162,7 +168,9 @@ api.seeNotification = {
 api.seeNotifications = {
  method: 'POST',
  url: '/notifications/see',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    let user = res.locals.user;

--- a/website/server/controllers/api-v3/pushNotifications.js
+++ b/website/server/controllers/api-v3/pushNotifications.js
@@ -21,7 +21,9 @@ let api = {};
 api.addPushDevice = {
  method: 'POST',
  url: '/user/push-devices',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    let user = res.locals.user;

@@ -64,7 +66,9 @@ api.addPushDevice = {
 api.removePushDevice = {
  method: 'DELETE',
  url: '/user/push-devices/:regId',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    let user = res.locals.user;

--- a/website/server/controllers/api-v3/shops.js
+++ b/website/server/controllers/api-v3/shops.js
@@ -15,7 +15,9 @@ let api = {};
 api.getMarketItems = {
  method: 'GET',
  url: '/shops/market',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    let user = res.locals.user;

@@ -36,7 +38,9 @@ api.getMarketItems = {
 api.getMarketGear = {
  method: 'GET',
  url: '/shops/market-gear',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    let user = res.locals.user;

@@ -60,7 +64,9 @@ api.getMarketGear = {
 api.getQuestShopItems = {
  method: 'GET',
  url: '/shops/quests',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    let user = res.locals.user;

@@ -82,7 +88,9 @@ api.getQuestShopItems = {
 api.getTimeTravelerShopItems = {
  method: 'GET',
  url: '/shops/time-travelers',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    let user = res.locals.user;

@@ -104,7 +112,9 @@ api.getTimeTravelerShopItems = {
 api.getSeasonalShopItems = {
  method: 'GET',
  url: '/shops/seasonal',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    let user = res.locals.user;

@@ -126,7 +136,9 @@ api.getSeasonalShopItems = {
 api.getBackgroundShopItems = {
  method: 'GET',
  url: '/shops/backgrounds',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    let user = res.locals.user;

--- a/website/server/controllers/api-v3/tags.js
+++ b/website/server/controllers/api-v3/tags.js
@@ -38,7 +38,9 @@ let api = {};
 api.createTag = {
  method: 'POST',
  url: '/tags',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    let user = res.locals.user;

@@ -64,7 +66,9 @@ api.createTag = {
 api.getTags = {
  method: 'GET',
  url: '/tags',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    let user = res.locals.user;
    res.respond(200, user.tags);
@@ -89,7 +93,9 @@ api.getTags = {
 api.getTag = {
  method: 'GET',
  url: '/tags/:tagId',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    let user = res.locals.user;

@@ -126,7 +132,9 @@ api.getTag = {
 api.updateTag = {
  method: 'PUT',
  url: '/tags/:tagId',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    let user = res.locals.user;

@@ -168,7 +176,9 @@ api.updateTag = {
 api.reorderTags = {
  method: 'POST',
  url: '/reorder-tags',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    let user = res.locals.user;

@@ -207,7 +217,9 @@ api.reorderTags = {
 api.deleteTag = {
  method: 'DELETE',
  url: '/tags/:tagId',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  async handler (req, res) {
    let user = res.locals.user;

--- a/website/server/controllers/api-v3/webhook.js
+++ b/website/server/controllers/api-v3/webhook.js
@@ -73,7 +73,9 @@ let api = {};
 */
 api.addWebhook = {
  method: 'POST',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  url: '/user/webhook',
  async handler (req, res) {
    let user = res.locals.user;
@@ -133,7 +135,9 @@ api.addWebhook = {
 */
 api.updateWebhook = {
  method: 'PUT',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  url: '/user/webhook/:id',
  async handler (req, res) {
    let user = res.locals.user;
@@ -184,7 +188,9 @@ api.updateWebhook = {
 */
 api.deleteWebhook = {
  method: 'DELETE',
-  middlewares: [authWithHeaders()],
+  middlewares: [authWithHeaders({
+    userFieldsToExclude: ['inbox'],
+  })],
  url: '/user/webhook/:id',
  async handler (req, res) {
    let user = res.locals.user;