routes/api/notes.js

"use strict";

const express = require('express');
const router = express.Router();
const auth = require('../../services/auth');
const sql = require('../../services/sql');
const utils = require('../../services/utils');
const notes = require('../../services/notes');
const protected_session = require('../../services/protected_session');
const data_encryption = require('../../services/data_encryption');
const RequestContext = require('../../services/request_context');

router.get('/:noteId', auth.checkApiAuth, async (req, res, next) => {
    const noteId = req.params.noteId;

    const detail = await sql.getSingleResult("SELECT * FROM notes WHERE note_id = ?", [noteId]);

    if (detail.is_protected) {
        const dataKey = protected_session.getDataKey(req);

        detail.note_title = data_encryption.decryptString(dataKey, data_encryption.noteTitleIv(detail.note_id), detail.note_title);
        detail.note_text = data_encryption.decryptString(dataKey, data_encryption.noteTextIv(detail.note_id), detail.note_text);
    }

    res.send({
        detail: detail,
        images: await sql.getResults("SELECT * FROM images WHERE note_id = ? order by note_offset", [detail.note_id]),
        loadTime: utils.nowTimestamp()
    });
});

router.post('/:parentNoteTreeId/children', async (req, res, next) => {
    const parentNoteTreeId = req.params.parentNoteTreeId;
    const browserId = utils.browserId(req);
    const note = req.body;

    const { noteId, noteTreeId } = await notes.createNewNote(parentNoteTreeId, note, browserId);

    res.send({
        'note_id': noteId,
        'note_tree_id': noteTreeId
    });
});

router.put('/:noteId', async (req, res, next) => {
    const note = req.body;
    const noteId = req.params.noteId;
    const reqCtx = new RequestContext(req);

    await notes.updateNote(noteId, note, reqCtx);

    res.send({});
});

router.delete('/:noteTreeId', async (req, res, next) => {
    const browserId = utils.browserId(req);

    await sql.doInTransaction(async () => {
        await notes.deleteNote(req.params.noteTreeId, browserId);
    });

    res.send({});
});

router.get('/', async (req, res, next) => {
    const search = '%' + req.query.search + '%';

    const result = await sql.getResults("SELECT note_id FROM notes WHERE note_title liKE ? OR note_text LIKE ?", [search, search]);

    const noteIdList = [];

    for (const res of result) {
        noteIdList.push(res.note_id);
    }

    res.send(noteIdList);
});

module.exports = router;
use strict in all JS files 2017-10-21 21:10:33 -04:00			`"use strict";`

backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`const express = require('express');`
			`const router = express.Router();`
more granular detection of changes which forces less disruptive realoding. Refactoring of audit functions 2017-11-05 10:41:54 -05:00			`const auth = require('../../services/auth');`
reorganization of source code 2017-10-15 19:47:05 -04:00			`const sql = require('../../services/sql');`
			`const utils = require('../../services/utils');`
more granular detection of changes which forces less disruptive realoding. Refactoring of audit functions 2017-11-05 10:41:54 -05:00			`const notes = require('../../services/notes');`
server side encryption WIP 2017-11-12 21:40:26 -05:00			`const protected_session = require('../../services/protected_session');`
			`const data_encryption = require('../../services/data_encryption');`
server side WIP - saving encrypted note now works, changing terminology of "encrypted note" to "protected note" 2017-11-14 21:54:12 -05:00			`const RequestContext = require('../../services/request_context');`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00
node authentication 2017-10-15 16:32:49 -04:00			`router.get('/:noteId', auth.checkApiAuth, async (req, res, next) => {`
protect/unprotect subtree 2017-11-15 00:04:26 -05:00			`const noteId = req.params.noteId;`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00
unified SQL syntax to uppercase 2017-11-20 23:51:28 -05:00			`const detail = await sql.getSingleResult("SELECT * FROM notes WHERE note_id = ?", [noteId]);`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00
server side WIP - saving encrypted note now works, changing terminology of "encrypted note" to "protected note" 2017-11-14 21:54:12 -05:00			`if (detail.is_protected) {`
server side encryption WIP 2017-11-12 21:40:26 -05:00			`const dataKey = protected_session.getDataKey(req);`

notes_tree now has note_tree_id so we stricly distinguish between working on notes or note trees 2017-11-18 17:05:50 -05:00			`detail.note_title = data_encryption.decryptString(dataKey, data_encryption.noteTitleIv(detail.note_id), detail.note_title);`
			`detail.note_text = data_encryption.decryptString(dataKey, data_encryption.noteTextIv(detail.note_id), detail.note_text);`
server side encryption WIP 2017-11-12 21:40:26 -05:00			`}`

backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`res.send({`
fixed unloading the encrypted page after encryption timeout by simply reloading the app completely plus some unrelated refactorings 2017-11-04 21:02:56 -04:00			`detail: detail,`
unified SQL syntax to uppercase 2017-11-20 23:51:28 -05:00			`images: await sql.getResults("SELECT * FROM images WHERE note_id = ? order by note_offset", [detail.note_id]),`
fixed unloading the encrypted page after encryption timeout by simply reloading the app completely plus some unrelated refactorings 2017-11-04 21:02:56 -04:00			`loadTime: utils.nowTimestamp()`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`});`
			`});`

notes_tree now has note_tree_id so we stricly distinguish between working on notes or note trees 2017-11-18 17:05:50 -05:00			`router.post('/:parentNoteTreeId/children', async (req, res, next) => {`
			`const parentNoteTreeId = req.params.parentNoteTreeId;`
more granular detection of changes which forces less disruptive realoding. Refactoring of audit functions 2017-11-05 10:41:54 -05:00			`const browserId = utils.browserId(req);`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`const note = req.body;`

notes_tree now has note_tree_id so we stricly distinguish between working on notes or note trees 2017-11-18 17:05:50 -05:00			`const { noteId, noteTreeId } = await notes.createNewNote(parentNoteTreeId, note, browserId);`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00
more granular detection of changes which forces less disruptive realoding. Refactoring of audit functions 2017-11-05 10:41:54 -05:00			`res.send({`
notes_tree now has note_tree_id so we stricly distinguish between working on notes or note trees 2017-11-18 17:05:50 -05:00			`'note_id': noteId,`
			`'note_tree_id': noteTreeId`
better transaction handling with rollback on exception 2017-10-29 18:50:28 -04:00			`});`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`});`

more granular detection of changes which forces less disruptive realoding. Refactoring of audit functions 2017-11-05 10:41:54 -05:00			`router.put('/:noteId', async (req, res, next) => {`
server side WIP - saving encrypted note now works, changing terminology of "encrypted note" to "protected note" 2017-11-14 21:54:12 -05:00			`const note = req.body;`
protect/unprotect subtree 2017-11-15 00:04:26 -05:00			`const noteId = req.params.noteId;`
server side WIP - saving encrypted note now works, changing terminology of "encrypted note" to "protected note" 2017-11-14 21:54:12 -05:00			`const reqCtx = new RequestContext(req);`
more granular detection of changes which forces less disruptive realoding. Refactoring of audit functions 2017-11-05 10:41:54 -05:00
server side WIP - saving encrypted note now works, changing terminology of "encrypted note" to "protected note" 2017-11-14 21:54:12 -05:00			`await notes.updateNote(noteId, note, reqCtx);`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00
			`res.send({});`
			`});`

fix deleting notes 2017-11-19 23:12:39 -05:00			`router.delete('/:noteTreeId', async (req, res, next) => {`
more granular detection of changes which forces less disruptive realoding. Refactoring of audit functions 2017-11-05 10:41:54 -05:00			`const browserId = utils.browserId(req);`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00
better transaction handling with rollback on exception 2017-10-29 18:50:28 -04:00			`await sql.doInTransaction(async () => {`
fix deleting notes 2017-11-19 23:12:39 -05:00			`await notes.deleteNote(req.params.noteTreeId, browserId);`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`});`

more granular detection of changes which forces less disruptive realoding. Refactoring of audit functions 2017-11-05 10:41:54 -05:00			`res.send({});`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`});`

			`router.get('/', async (req, res, next) => {`
			`const search = '%' + req.query.search + '%';`

unified SQL syntax to uppercase 2017-11-20 23:51:28 -05:00			`const result = await sql.getResults("SELECT note_id FROM notes WHERE note_title liKE ? OR note_text LIKE ?", [search, search]);`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00
			`const noteIdList = [];`

			`for (const res of result) {`
added sourceId to sync, fixes to sync etc. 2017-10-31 00:15:49 -04:00			`noteIdList.push(res.note_id);`
backend ported to node.js (work in progress) 2017-10-14 23:31:44 -04:00			`}`

			`res.send(noteIdList);`
			`});`

			`module.exports = router;`