Files
Verso/services/web/app/src/Features/Editor/EditorRouter.js
T
Alf Eaton a079aa1fae Merge pull request #7251 from overleaf/jpa-convert-doc-to-file-script
[web] convert convert-to-file endpoint into a script

GitOrigin-RevId: 5babebae5df8510b83f09ec4a2bb4064cca5ec75
2022-04-05 12:17:00 +00:00

74 lines
2.5 KiB
JavaScript

const EditorHttpController = require('./EditorHttpController')
const AuthenticationController = require('../Authentication/AuthenticationController')
const AuthorizationMiddleware = require('../Authorization/AuthorizationMiddleware')
const RateLimiterMiddleware = require('../Security/RateLimiterMiddleware')
module.exports = {
apply(webRouter, privateApiRouter) {
webRouter.post(
'/project/:Project_id/doc',
AuthorizationMiddleware.ensureUserCanWriteProjectContent,
RateLimiterMiddleware.rateLimit({
endpointName: 'add-doc-to-project',
params: ['Project_id'],
maxRequests: 30,
timeInterval: 60,
}),
EditorHttpController.addDoc
)
webRouter.post(
'/project/:Project_id/folder',
AuthorizationMiddleware.ensureUserCanWriteProjectContent,
RateLimiterMiddleware.rateLimit({
endpointName: 'add-folder-to-project',
params: ['Project_id'],
maxRequests: 60,
timeInterval: 60,
}),
EditorHttpController.addFolder
)
webRouter.post(
'/project/:Project_id/:entity_type/:entity_id/rename',
AuthorizationMiddleware.ensureUserCanWriteProjectContent,
EditorHttpController.renameEntity
)
webRouter.post(
'/project/:Project_id/:entity_type/:entity_id/move',
AuthorizationMiddleware.ensureUserCanWriteProjectContent,
EditorHttpController.moveEntity
)
webRouter.delete(
'/project/:Project_id/file/:entity_id',
AuthorizationMiddleware.ensureUserCanWriteProjectContent,
EditorHttpController.deleteFile
)
webRouter.delete(
'/project/:Project_id/doc/:entity_id',
AuthorizationMiddleware.ensureUserCanWriteProjectContent,
EditorHttpController.deleteDoc
)
webRouter.delete(
'/project/:Project_id/folder/:entity_id',
AuthorizationMiddleware.ensureUserCanWriteProjectContent,
EditorHttpController.deleteFolder
)
// Called by the real-time API to load up the current project state.
// This is a post request because it's more than just a getting of data. We take actions
// whenever a user joins a project, like updating the deleted status.
privateApiRouter.post(
'/project/:Project_id/join',
AuthenticationController.requirePrivateApiAuth(),
RateLimiterMiddleware.rateLimit({
endpointName: 'join-project',
params: ['Project_id'],
maxRequests: 45,
timeInterval: 60,
}),
EditorHttpController.joinProject
)
},
}