пре 5 година · ac03e8d43b
--- a/src/server/routes/apiv3/attachment.js
+++ b/src/server/routes/apiv3/attachment.js
@@ -6,6 +6,7 @@ const express = require('express');
 
				 
			
 
				 const router = express.Router();
			
 
				 const { query } = require('express-validator');
			
 
				+const { serializeUserSecurely } = require('../../models/serializers/user-serializer');
			
 
				 
			
 
				 const ErrorV3 = require('../../models/vo/error-apiv3');
			
 
				 
			
@@ -69,15 +70,13 @@ module.exports = (crowi) => {
 
				         {
			
 
				           limit,
			
 
				           offset,
			
 
				-          populate: {
			
 
				-            path: 'creator',
			
 
				-            select: User.USER_PUBLIC_FIELDS,
			
 
				-          },
			
 
				+          populate: 'creator',
			
 
				         },
			
 
				       );
			
 
				+
			
 
				       paginateResult.docs.forEach((doc) => {
			
 
				         if (doc.creator != null && doc.creator instanceof User) {
			
 
				-          doc.creator = doc.creator.toObject();
			
 
				+          doc.creator = serializeUserSecurely(doc.creator);
			
 
				         }
			
 
				       });
			
 
				 
			
--- a/src/server/routes/apiv3/bookmarks.js
+++ b/src/server/routes/apiv3/bookmarks.js
@@ -213,11 +213,10 @@ module.exports = (crowi) => {
 
				         },
			
 
				       );
			
 
				 
			
 
				-      // serialize user
			
 
				-      paginationResult.docs = paginationResult.docs.map((doc) => {
			
 
				-        const serializedDoc = doc;
			
 
				-        serializedDoc.page.lastUpdateUser = serializeUserSecurely(doc.page.lastUpdateUser);
			
 
				-        return serializedDoc;
			
 
				+      paginationResult.docs.forEach((doc) => {
			
 
				+        if (doc.page.lastUpdateUser != null && doc.page.lastUpdateUser instanceof User) {
			
 
				+          doc.page.lastUpdateUser = serializeUserSecurely(doc.page.lastUpdateUser);
			
 
				+        }
			
 
				       });
			
 
				 
			
 
				       return res.apiv3({ paginationResult });
			
--- a/src/server/routes/comment.js
+++ b/src/server/routes/comment.js
@@ -133,13 +133,13 @@ module.exports = function(crowi, app) {
 
				     }
			
 
				 
			
 
				     const comments = await fetcher.populate('creator');
			
 
				-    const serializedComments = comments.map((comment) => {
			
 
				-      const serializedComment = comment;
			
 
				-      serializedComment.creator = serializeUserSecurely(comment.creator);
			
 
				-      return serializedComment;
			
 
				+    comments.forEach((comment) => {
			
 
				+      if (comment.creator != null && comment.creator instanceof User) {
			
 
				+        comment.creator = serializeUserSecurely(comment.creator);
			
 
				+      }
			
 
				     });
			
 
				 
			
 
				-    res.json(ApiResponse.success({ comments: serializedComments }));
			
 
				+    res.json(ApiResponse.success({ comments }));
			
 
				   };
			
 
				 
			
 
				   api.validators.add = function() {