|
|
@@ -1,5 +1,4 @@
|
|
|
import { SCOPE } from '@growi/core/dist/interfaces';
|
|
|
-import csrf from 'csurf';
|
|
|
import express from 'express';
|
|
|
|
|
|
import { middlewareFactory as rateLimiterFactory } from '~/features/rate-limiter';
|
|
|
@@ -26,8 +25,6 @@ import * as userActivation from './user-activation';
|
|
|
const multer = require('multer');
|
|
|
const autoReap = require('multer-autoreap');
|
|
|
|
|
|
-const csrfProtection = csrf({ cookie: false });
|
|
|
-
|
|
|
autoReap.options.reapOnError = true; // continue reaping the file even if an error occurs
|
|
|
|
|
|
/** @param {import('~/server/crowi').default} crowi Crowi instance */
|
|
|
@@ -105,12 +102,12 @@ module.exports = function(crowi, app) {
|
|
|
app.post('/_api/login/testLdap' , accessTokenParser([SCOPE.WRITE.USER_SETTINGS.EXTERNAL_ACCOUNT]), loginRequiredStrictly , loginFormValidator.loginRules() , loginFormValidator.loginValidation , loginPassport.testLdapCredentials);
|
|
|
|
|
|
// importer management for admin
|
|
|
- app.post('/_api/admin/settings/importerEsa' , accessTokenParser([SCOPE.WRITE.ADMIN.IMPORT_DATA]), loginRequiredStrictly , adminRequired , csrfProtection, addActivity, admin.importer.api.validators.importer.esa(),admin.api.importerSettingEsa);
|
|
|
- app.post('/_api/admin/settings/importerQiita' , accessTokenParser([SCOPE.WRITE.ADMIN.IMPORT_DATA]), loginRequiredStrictly , adminRequired , csrfProtection, addActivity, admin.importer.api.validators.importer.qiita(), admin.api.importerSettingQiita);
|
|
|
- app.post('/_api/admin/import/esa' , accessTokenParser([SCOPE.WRITE.ADMIN.IMPORT_DATA]), loginRequiredStrictly , adminRequired , csrfProtection, addActivity, admin.api.importDataFromEsa);
|
|
|
- app.post('/_api/admin/import/testEsaAPI' , accessTokenParser([SCOPE.WRITE.ADMIN.IMPORT_DATA]), loginRequiredStrictly , adminRequired , csrfProtection, addActivity, admin.api.testEsaAPI);
|
|
|
- app.post('/_api/admin/import/qiita' , accessTokenParser([SCOPE.WRITE.ADMIN.IMPORT_DATA]), loginRequiredStrictly , adminRequired , csrfProtection, addActivity, admin.api.importDataFromQiita);
|
|
|
- app.post('/_api/admin/import/testQiitaAPI' , accessTokenParser([SCOPE.WRITE.ADMIN.IMPORT_DATA]), loginRequiredStrictly , adminRequired , csrfProtection, addActivity, admin.api.testQiitaAPI);
|
|
|
+ app.post('/_api/admin/settings/importerEsa' , accessTokenParser([SCOPE.WRITE.ADMIN.IMPORT_DATA]), loginRequiredStrictly , adminRequired , addActivity, admin.importer.api.validators.importer.esa(),admin.api.importerSettingEsa);
|
|
|
+ app.post('/_api/admin/settings/importerQiita' , accessTokenParser([SCOPE.WRITE.ADMIN.IMPORT_DATA]), loginRequiredStrictly , adminRequired , addActivity, admin.importer.api.validators.importer.qiita(), admin.api.importerSettingQiita);
|
|
|
+ app.post('/_api/admin/import/esa' , accessTokenParser([SCOPE.WRITE.ADMIN.IMPORT_DATA]), loginRequiredStrictly , adminRequired , addActivity, admin.api.importDataFromEsa);
|
|
|
+ app.post('/_api/admin/import/testEsaAPI' , accessTokenParser([SCOPE.WRITE.ADMIN.IMPORT_DATA]), loginRequiredStrictly , adminRequired , addActivity, admin.api.testEsaAPI);
|
|
|
+ app.post('/_api/admin/import/qiita' , accessTokenParser([SCOPE.WRITE.ADMIN.IMPORT_DATA]), loginRequiredStrictly , adminRequired , addActivity, admin.api.importDataFromQiita);
|
|
|
+ app.post('/_api/admin/import/testQiitaAPI' , accessTokenParser([SCOPE.WRITE.ADMIN.IMPORT_DATA]), loginRequiredStrictly , adminRequired , addActivity, admin.api.testQiitaAPI);
|
|
|
|
|
|
// brand logo
|
|
|
app.use('/attachment', attachment.getBrandLogoRouterFactory(crowi));
|
Yuki Takei