|
|
@@ -22,7 +22,7 @@ module.exports = function(crowi, app) {
|
|
|
const MAX_PAGE_LIST = 50;
|
|
|
const actions = {};
|
|
|
|
|
|
- const { check } = require('express-validator');
|
|
|
+ const { check, param } = require('express-validator');
|
|
|
|
|
|
const api = {};
|
|
|
|
|
|
@@ -316,14 +316,33 @@ module.exports = function(crowi, app) {
|
|
|
|
|
|
// Export management
|
|
|
actions.export = {};
|
|
|
+ actions.export.api = api;
|
|
|
+
|
|
|
+ // api.validators = {};
|
|
|
+ api.validators.export = {};
|
|
|
+
|
|
|
actions.export.index = (req, res) => {
|
|
|
return res.render('admin/export');
|
|
|
};
|
|
|
|
|
|
+ api.validators.export.download = function() {
|
|
|
+ const validator = [
|
|
|
+ param('fileName').not().contains('../'),
|
|
|
+ ];
|
|
|
+ return validator;
|
|
|
+ };
|
|
|
+
|
|
|
actions.export.download = (req, res) => {
|
|
|
+ console.log(req.params);
|
|
|
// TODO: add express validator
|
|
|
const { fileName } = req.params;
|
|
|
|
|
|
+ const { validationResult } = require('express-validator');
|
|
|
+ const errors = validationResult(req);
|
|
|
+ if (!errors.isEmpty()) {
|
|
|
+ return res.status(422).json({ errors: 'Unprocessable entity' });
|
|
|
+ }
|
|
|
+
|
|
|
try {
|
|
|
const zipFile = exportService.getFile(fileName);
|
|
|
return res.download(zipFile);
|
zamis