mirror of
https://github.com/sudoxnym/habitica.git
synced 2026-04-14 19:56:23 +00:00
Remove inbox from more routes (#10303)
* remove inbox from some auth routes * remove inbox from quests routes * remove inbox from groups routes
This commit is contained in:
Matteo Pagliazzi
GitHub
parent
ca73b9af41
commit
d34ec62901
3 changed files with 75 additions and 25 deletions
|
|
@ -388,7 +388,9 @@ api.loginSocial = {
|
|||
*/
|
||||
api.pusherAuth = {
|
||||
method: 'POST',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
url: '/user/auth/pusher',
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
|
|
@ -456,7 +458,9 @@ api.pusherAuth = {
|
|||
**/
|
||||
api.updateUsername = {
|
||||
method: 'PUT',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
url: '/user/auth/update-username',
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
|
|
@ -510,7 +514,9 @@ api.updateUsername = {
|
|||
**/
|
||||
api.updatePassword = {
|
||||
method: 'PUT',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
url: '/user/auth/update-password',
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
|
|
@ -620,7 +626,9 @@ api.resetPassword = {
|
|||
*/
|
||||
api.updateEmail = {
|
||||
method: 'PUT',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
url: '/user/auth/update-email',
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
|
|
@ -707,7 +715,9 @@ api.resetPasswordSetNewOne = {
|
|||
api.deleteSocial = {
|
||||
method: 'DELETE',
|
||||
url: '/user/auth/social/:network',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
let network = req.params.network;
|
||||
|
|
|
|||
|
|
@ -109,7 +109,9 @@ let api = {};
|
|||
api.createGroup = {
|
||||
method: 'POST',
|
||||
url: '/groups',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
let group = new Group(Group.sanitize(req.body));
|
||||
|
|
@ -180,7 +182,9 @@ api.createGroup = {
|
|||
api.createGroupPlan = {
|
||||
method: 'POST',
|
||||
url: '/groups/create-plan',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
let group = new Group(Group.sanitize(req.body.groupToCreate));
|
||||
|
|
@ -289,7 +293,9 @@ api.createGroupPlan = {
|
|||
api.getGroups = {
|
||||
method: 'GET',
|
||||
url: '/groups',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
|
||||
|
|
@ -377,7 +383,9 @@ api.getGroups = {
|
|||
api.getGroup = {
|
||||
method: 'GET',
|
||||
url: '/groups/:groupId',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
|
||||
|
|
@ -435,7 +443,9 @@ api.getGroup = {
|
|||
api.updateGroup = {
|
||||
method: 'PUT',
|
||||
url: '/groups/:groupId',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
|
||||
|
|
@ -498,7 +508,9 @@ api.updateGroup = {
|
|||
api.joinGroup = {
|
||||
method: 'POST',
|
||||
url: '/groups/:groupId/join',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
let inviter;
|
||||
|
|
@ -669,7 +681,9 @@ api.joinGroup = {
|
|||
api.rejectGroupInvite = {
|
||||
method: 'POST',
|
||||
url: '/groups/:groupId/reject-invite',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
|
||||
|
|
@ -744,7 +758,9 @@ function _removeMessagesFromMember (member, groupId) {
|
|||
api.leaveGroup = {
|
||||
method: 'POST',
|
||||
url: '/groups/:groupId/leave',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
req.checkParams('groupId', res.t('groupIdRequired')).notEmpty();
|
||||
|
|
@ -831,7 +847,9 @@ function _sendMessageToRemoved (group, removedUser, message, isInGroup) {
|
|||
api.removeGroupMember = {
|
||||
method: 'POST',
|
||||
url: '/groups/:groupId/removeMember/:memberId',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
|
||||
|
|
@ -1149,7 +1167,9 @@ async function _inviteByEmail (invite, group, inviter, req, res) {
|
|||
api.inviteToGroup = {
|
||||
method: 'POST',
|
||||
url: '/groups/:groupId/invite',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
|
||||
|
|
@ -1212,7 +1232,9 @@ api.inviteToGroup = {
|
|||
api.addGroupManager = {
|
||||
method: 'POST',
|
||||
url: '/groups/:groupId/add-manager',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
let managerId = req.body.managerId;
|
||||
|
|
@ -1261,7 +1283,9 @@ api.addGroupManager = {
|
|||
api.removeGroupManager = {
|
||||
method: 'POST',
|
||||
url: '/groups/:groupId/remove-manager',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
let managerId = req.body.managerId;
|
||||
|
|
@ -1314,7 +1338,9 @@ api.removeGroupManager = {
|
|||
api.getGroupPlans = {
|
||||
method: 'GET',
|
||||
url: '/group-plans',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
|
||||
|
|
|
|||
|
|
@ -54,7 +54,9 @@ let api = {};
|
|||
api.inviteToQuest = {
|
||||
method: 'POST',
|
||||
url: '/groups/:groupId/quests/invite/:questKey',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
let questKey = req.params.questKey;
|
||||
|
|
@ -168,7 +170,9 @@ api.inviteToQuest = {
|
|||
api.acceptQuest = {
|
||||
method: 'POST',
|
||||
url: '/groups/:groupId/quests/accept',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
|
||||
|
|
@ -227,7 +231,9 @@ api.acceptQuest = {
|
|||
api.rejectQuest = {
|
||||
method: 'POST',
|
||||
url: '/groups/:groupId/quests/reject',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
|
||||
|
|
@ -290,7 +296,9 @@ api.rejectQuest = {
|
|||
api.forceStart = {
|
||||
method: 'POST',
|
||||
url: '/groups/:groupId/quests/force-start',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
|
||||
|
|
@ -348,7 +356,9 @@ api.forceStart = {
|
|||
api.cancelQuest = {
|
||||
method: 'POST',
|
||||
url: '/groups/:groupId/quests/cancel',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
// Cancel a quest BEFORE it has begun (i.e., in the invitation stage)
|
||||
// Quest scroll has not yet left quest owner's inventory so no need to return it.
|
||||
|
|
@ -402,7 +412,9 @@ api.cancelQuest = {
|
|||
api.abortQuest = {
|
||||
method: 'POST',
|
||||
url: '/groups/:groupId/quests/abort',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
// Abort a quest AFTER it has begun (see questCancel for BEFORE)
|
||||
let user = res.locals.user;
|
||||
|
|
@ -462,7 +474,9 @@ api.abortQuest = {
|
|||
api.leaveQuest = {
|
||||
method: 'POST',
|
||||
url: '/groups/:groupId/quests/leave',
|
||||
middlewares: [authWithHeaders()],
|
||||
middlewares: [authWithHeaders({
|
||||
userFieldsToExclude: ['inbox'],
|
||||
})],
|
||||
async handler (req, res) {
|
||||
let user = res.locals.user;
|
||||
let groupId = req.params.groupId;
|
||||
|
|
|
|||
Loading…
Reference in a new issue