pad.libre-service.eu-etherpad/src/node/padaccess.js

var ERR = require("async-stacktrace");
var securityManager = require('./db/SecurityManager');

//checks for padAccess
module.exports = function (req, res, callback) {

  // FIXME: Why is this ever undefined??
  if (req.cookies === undefined) req.cookies = {};

  securityManager.checkAccess(req.params.pad, req.cookies.sessionid, req.cookies.token, req.cookies.password, function(err, accessObj) {
    if(ERR(err, callback)) return;

    //there is access, continue
    if(accessObj.accessStatus == "grant") {
      callback();
    //no access
    } else {
      res.send(403, "403 - Can't touch this");
    }
  });
}
Moved padreadonly 2012-02-25 00:15:57 +01:00			`var ERR = require("async-stacktrace");`
			`var securityManager = require('./db/SecurityManager');`

			`//checks for padAccess`
			`module.exports = function (req, res, callback) {`

			`// FIXME: Why is this ever undefined??`
			`if (req.cookies === undefined) req.cookies = {};`

			`securityManager.checkAccess(req.params.pad, req.cookies.sessionid, req.cookies.token, req.cookies.password, function(err, accessObj) {`
			`if(ERR(err, callback)) return;`

			`//there is access, continue`
			`if(accessObj.accessStatus == "grant") {`
			`callback();`
			`//no access`
			`} else {`
Fix res.send (migrate to express v3) 2012-09-22 13:51:39 +02:00			`res.send(403, "403 - Can't touch this");`
Moved padreadonly 2012-02-25 00:15:57 +01:00			`}`
			`});`
			`}`