routes/api/tree.js

"use strict";

const express = require('express');
const router = express.Router();
const sql = require('../../services/sql');
const options = require('../../services/options');
const utils = require('../../services/utils');
const auth = require('../../services/auth');
const log = require('../../services/log');
const protected_session = require('../../services/protected_session');
const data_encryption = require('../../services/data_encryption');
const notes = require('../../services/notes');

router.get('/', auth.checkApiAuth, async (req, res, next) => {
    const notes = await sql.getResults("select "
        + "notes_tree.*, "
        + "notes.note_title, "
        + "notes.is_protected "
        + "from notes_tree "
        + "join notes on notes.note_id = notes_tree.note_id "
        + "where notes.is_deleted = 0 and notes_tree.is_deleted = 0 "
        + "order by note_pid, note_pos");

    const dataKey = protected_session.getDataKey(req);

    for (const note of notes) {
        if (note.is_protected) {
            note.note_title = data_encryption.decryptString(dataKey, data_encryption.noteTitleIv(note.note_id), note.note_title);
        }
    }

    res.send({
        notes: notes,
        start_note_tree_id: await options.getOption('start_note_tree_id'),
        tree_load_time: utils.nowTimestamp()
    });
});

router.put('/:noteId/protectSubTree/:isProtected', auth.checkApiAuth, async (req, res, next) => {
    const noteId = req.params.noteId;
    const isProtected = !!parseInt(req.params.isProtected);
    const dataKey = protected_session.getDataKey(req);

    await sql.doInTransaction(async () => {
        await notes.protectNoteRecursively(noteId, dataKey, isProtected);
    });

    res.send({});
});

module.exports = router;
use strict in all JS files 2017-10-21 21:10:33 -04:00			`"use strict";`

backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`const express = require('express');`
			`const router = express.Router();`
reorganization of source code 2017-10-15 19:47:05 -04:00			`const sql = require('../../services/sql');`
sync of options 2017-11-02 20:48:02 -04:00			`const options = require('../../services/options');`
reorganization of source code 2017-10-15 19:47:05 -04:00			`const utils = require('../../services/utils');`
			`const auth = require('../../services/auth');`
sync fixes 2017-11-05 20:37:25 -05:00			`const log = require('../../services/log');`
server side encryption WIP 2017-11-10 22:55:19 -05:00			`const protected_session = require('../../services/protected_session');`
			`const data_encryption = require('../../services/data_encryption');`
protect/unprotect subtree 2017-11-15 00:04:26 -05:00			`const notes = require('../../services/notes');`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00
node authentication 2017-10-15 16:32:49 -04:00			`router.get('/', auth.checkApiAuth, async (req, res, next) => {`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`const notes = await sql.getResults("select "`
			`+ "notes_tree.*, "`
server side WIP - saving encrypted note now works, changing terminology of "encrypted note" to "protected note" 2017-11-14 21:54:12 -05:00			`+ "notes.note_title, "`
			`+ "notes.is_protected "`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`+ "from notes_tree "`
			`+ "join notes on notes.note_id = notes_tree.note_id "`
notes_tree is now soft deleted as well 2017-10-24 22:58:59 -04:00			`+ "where notes.is_deleted = 0 and notes_tree.is_deleted = 0 "`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`+ "order by note_pid, note_pos");`

server side encryption WIP 2017-11-10 22:55:19 -05:00			`const dataKey = protected_session.getDataKey(req);`

backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`for (const note of notes) {`
server side WIP - saving encrypted note now works, changing terminology of "encrypted note" to "protected note" 2017-11-14 21:54:12 -05:00			`if (note.is_protected) {`
cleaned up "CBC" from methods since we don't have CTR 2017-11-18 12:53:17 -05:00			`note.note_title = data_encryption.decryptString(dataKey, data_encryption.noteTitleIv(note.note_id), note.note_title);`
server side encryption WIP 2017-11-10 22:55:19 -05:00			`}`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`}`

			`res.send({`
notes_tree now has note_tree_id so we stricly distinguish between working on notes or note trees 2017-11-18 17:05:50 -05:00			`notes: notes,`
			`start_note_tree_id: await options.getOption('start_note_tree_id'),`
sync fixes 2017-11-05 20:37:25 -05:00			`tree_load_time: utils.nowTimestamp()`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`});`
			`});`

protect/unprotect subtree 2017-11-15 00:04:26 -05:00			`router.put('/:noteId/protectSubTree/:isProtected', auth.checkApiAuth, async (req, res, next) => {`
			`const noteId = req.params.noteId;`
			`const isProtected = !!parseInt(req.params.isProtected);`
			`const dataKey = protected_session.getDataKey(req);`

			`await sql.doInTransaction(async () => {`
			`await notes.protectNoteRecursively(noteId, dataKey, isProtected);`
			`});`

			`res.send({});`
			`});`

backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`module.exports = router;`