Commit 224cd5cd authored by katjaq's avatar katjaq

Merge remote-tracking branch 'OpenNeuroLab/master' into CONTRIBUTINGmd

parents 5d684917 b8eee723
machine:
node:
version: 6.3.1
hosts:
localhost: 127.0.0.1
jobs:
build:
docker:
- image: circleci/node:6.10.3
- image: circleci/mongo:3.4.4
steps:
- checkout
- run: npm install
- run:
name: Instantiate github-keys.json
command: 'echo "{ \"clientID\": \"$GITHUB_CLIENT_ID\", \"clientSecret\": \"$GITHUB_CLIENT_SECRET\", \"callbackURL\": \"$GITHUB_CALLBACK_URL\"}">github-keys.json'
- run:
name: Instantiate blacklist
command: 'mv blacklist.json.example blacklist.json'
- run:
name: Instantiate whitelist
command: 'echo "{}" > whitelist.json'
- run:
name: Run server in background
command: 'npm start'
background: true
- run: sleep 5
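Review bot: The `Instantiate github-keys.json` step writes the GitHub OAuth client secret into the checkout directory, and nothing visible here removes that file or keeps it out of later artifact, cache or workspace steps; the steps after `sleep 5` are not shown, so this needs checking against the full config. I would add a comment above the step such as `# github-keys.json holds the OAuth client secret: never store it as an artifact or cache it`. The same `echo` interpolates the three values into JSON unescaped, so a value containing a double quote or backslash produces an invalid file, and if the variables are unset the server starts with empty credentials. Separately, `sleep 5` is a fixed wait for `npm start` and the mongo container, so later steps can race the server; polling the port with a timeout would make the failure deterministic.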
[![CircleCI](https://circleci.com/gh/OpenNeuroLab/BrainBox/tree/master.svg?style=shield)](https://circleci.com/gh/OpenNeuroLab/BrainBox/tree/master) [![Join the chat at https://gitter.im/OpenNeuroLab/BrainBox](https://badges.gitter.im/Join%20Chat.svg)](https://gitter.im/OpenNeuroLab/BrainBox?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
# BrainBox - An application from the [Open Neuroimaging Laboratory](http://openneu.ro/)
BrainBox is a web application that lets you annotate and segment 3D brain
......
{
"1.2.3.4": true,
"2.3.4.5": true
"1.2.3.4": true,
"2.3.4.5": true
}
......@@ -11,10 +11,10 @@ router.post('/json', controller.validator_post, tokenAuthentication, controller.
router.get('/upload', uploadController.token);
router.post('/upload',
multer({dest: './tmp/'}).array('atlas'),
uploadController.validator,
uploadController.other_validations,
uploadController.upload);
multer({dest: './tmp/'}).array('atlas'),
uploadController.validator,
uploadController.other_validations,
uploadController.upload);
router.get('/reset', controller.reset);
......
......@@ -20,12 +20,12 @@ const DOMPurify = createDOMPurify(window);
const validator = function (req, res, next) {
req.checkParams('projectName', 'incorrect project name').isAlphanumeric();
// Req.checkQuery('url', 'please enter a valid URL')
// .isURL();
// Req.checkQuery('url', 'please enter a valid URL')
// .isURL();
// req.checkQuery('var', 'please enter one of the variables that are indicated')
// .optional()
// .matches("localpath|filename|source|url|dim|pixdim"); //todo: decent regexp
// req.checkQuery('var', 'please enter one of the variables that are indicated')
// .optional()
// .matches("localpath|filename|source|url|dim|pixdim"); //todo: decent regexp
const errors = req.validationErrors();
if (errors) {
res.send(errors).status(403).end();
......@@ -192,9 +192,9 @@ const isProjectObject = function (req, res, object) {
* @param {Object} res Res object from express
*/
const project = function (req, res) {
const login = (req.isAuthenticated()) ?
('<a href=\'/user/' + req.user.username + '\'>' + req.user.username + '</a> (<a href=\'/logout\'>Log Out</a>)') :
('<a href=\'/auth/github\'>Log in with GitHub</a>');
const login = (req.isAuthenticated()) ?
('<a href=\'/user/' + req.user.username + '\'>' + req.user.username + '</a> (<a href=\'/logout\'>Log Out</a>)') :
('<a href=\'/auth/github\'>Log in with GitHub</a>');
let loggedUser = 'anonymous';
if (req.isAuthenticated()) {
loggedUser = req.user.username;
......@@ -207,7 +207,7 @@ const project = function (req, res) {
req.session.returnTo = req.originalUrl;
req.db.get('project').findOne({shortname: req.params.projectName, backup: {$exists: 0}}, '-_id')
.then(json => {
.then(json => {
if (json) {
// Check that the logged user has access to view this project
if (checkAccess.toProject(json, loggedUser, 'view') === false) {
......@@ -223,7 +223,7 @@ const project = function (req, res) {
login
});
} else {
res.status(404).send('Project Not Found');
res.status(404).send('Project Not Found');
}
});
};
......@@ -245,7 +245,7 @@ const api_project = function (req, res) {
}
req.db.get('project').findOne({shortname: req.params.projectName, backup: {$exists: 0}}, '-_id')
.then(json => {
.then(json => {
if (json) {
// Check that the logged user has access to view this project
if (checkAccess.toProject(json, loggedUser, 'view') === false) {
......@@ -344,7 +344,7 @@ const settings = function (req, res) {
req.session.returnTo = req.originalUrl;
req.db.get('project').findOne({shortname: req.params.projectName, backup: {$exists: 0}}, '-_id')
.then(json => {
.then(json => {
if (json) {
// Check that the logged user has access to view this project
if (checkAccess.toProject(json, loggedUser, 'view') === false) {
......@@ -352,7 +352,7 @@ const settings = function (req, res) {
return;
}
} else {
json = {
json = {
name: '',
shortname: req.params.projectName,
url: '',
......
......@@ -4,18 +4,18 @@ const checkAccess = require('../../js/checkAccess.js');
const dataSlices = require('../../js/dataSlices.js');
const validator = function (req, res, next) {
// UserName can be an ip address (for anonymous users)
// UserName can be an ip address (for anonymous users)
/*
req.checkParams('userName', 'incorrect user name').isAlphanumeric();
var errors = req.validationErrors();
console.log(errors);
if (errors) {
res.send(errors).status(403).end();
} else {
return next();
}
*/
/*
req.checkParams('userName', 'incorrect user name').isAlphanumeric();
var errors = req.validationErrors();
console.log(errors);
if (errors) {
res.send(errors).status(403).end();
} else {
return next();
}
*/
next();
};
......