Update controllers to use new user model

server/controllers/AuthorController.js

@@ -24,7 +24,7 @@ class AuthorController {
 
     // Used on author landing page to include library items and items grouped in series
     if (include.includes('items')) {
-      authorJson.libraryItems = await Database.libraryItemModel.getForAuthor(req.author, req.user)
+      authorJson.libraryItems = await Database.libraryItemModel.getForAuthor(req.author, req.userNew)
 
       if (include.includes('series')) {
         const seriesMap = {}
@@ -222,8 +222,8 @@ class AuthorController {
    * @param {import('express').Response} res
    */
   async uploadImage(req, res) {
-    if (!req.user.canUpload) {
-      Logger.warn('User attempted to upload an image without permission', req.user)
+    if (!req.userNew.canUpload) {
+      Logger.warn(`User "${req.userNew.username}" attempted to upload an image without permission`)
       return res.sendStatus(403)
     }
     if (!req.body.url) {
@@ -362,11 +362,11 @@ class AuthorController {
     const author = await Database.authorModel.getOldById(req.params.id)
     if (!author) return res.sendStatus(404)
 
-    if (req.method == 'DELETE' && !req.user.canDelete) {
-      Logger.warn(`[AuthorController] User attempted to delete without permission`, req.user)
+    if (req.method == 'DELETE' && !req.userNew.canDelete) {
+      Logger.warn(`[AuthorController] User "${req.userNew.username}" attempted to delete without permission`)
       return res.sendStatus(403)
     } else if ((req.method == 'PATCH' || req.method == 'POST') && !req.user.canUpdate) {
-      Logger.warn('[AuthorController] User attempted to update without permission', req.user)
+      Logger.warn(`[AuthorController] User "${req.userNew.username}" attempted to update without permission`)
       return res.sendStatus(403)
     }
 

server/controllers/BackupController.js

@@ -113,8 +113,8 @@ class BackupController {
   }
 
   middleware(req, res, next) {
-    if (!req.user.isAdminOrUp) {
-      Logger.error(`[BackupController] Non-admin user attempting to access backups`, req.user)
+    if (!req.userNew.isAdminOrUp) {
+      Logger.error(`[BackupController] Non-admin user "${req.userNew.username}" attempting to access backups`)
       return res.sendStatus(403)
     }
 

server/controllers/CacheController.js

@@ -1,11 +1,11 @@
 const CacheManager = require('../managers/CacheManager')
 
 class CacheController {
-  constructor() { }
+  constructor() {}
 
   // POST: api/cache/purge
   async purgeCache(req, res) {
-    if (!req.user.isAdminOrUp) {
+    if (!req.userNew.isAdminOrUp) {
       return res.sendStatus(403)
     }
     await CacheManager.purgeAll()
@@ -14,11 +14,11 @@ class CacheController {
 
   // POST: api/cache/items/purge
   async purgeItemsCache(req, res) {
-    if (!req.user.isAdminOrUp) {
+    if (!req.userNew.isAdminOrUp) {
       return res.sendStatus(403)
     }
     await CacheManager.purgeItems()
     res.sendStatus(200)
   }
 }
-module.exports = new CacheController()
+module.exports = new CacheController()

server/controllers/CollectionController.js

@@ -6,17 +6,17 @@ const Database = require('../Database')
 const Collection = require('../objects/Collection')
 
 class CollectionController {
-  constructor() { }
+  constructor() {}
 
   /**
    * POST: /api/collections
    * Create new collection
-   * @param {*} req 
-   * @param {*} res 
+   * @param {*} req
+   * @param {*} res
    */
   async create(req, res) {
     const newCollection = new Collection()
-    req.body.userId = req.user.id
+    req.body.userId = req.userNew.id
     if (!newCollection.setData(req.body)) {
       return res.status(400).send('Invalid collection data')
     }
@@ -31,7 +31,7 @@ class CollectionController {
     let order = 1
     const collectionBooksToAdd = []
     for (const libraryItemId of newCollection.books) {
-      const libraryItem = libraryItemsInCollection.find(li => li.id === libraryItemId)
+      const libraryItem = libraryItemsInCollection.find((li) => li.id === libraryItemId)
       if (libraryItem) {
         collectionBooksToAdd.push({
           collectionId: newCollection.id,
@@ -50,7 +50,7 @@ class CollectionController {
   }
 
   async findAll(req, res) {
-    const collectionsExpanded = await Database.collectionModel.getOldCollectionsJsonExpanded(req.user)
+    const collectionsExpanded = await Database.collectionModel.getOldCollectionsJsonExpanded(req.userNew)
     res.json({
       collections: collectionsExpanded
     })
@@ -59,7 +59,7 @@ class CollectionController {
   async findOne(req, res) {
     const includeEntities = (req.query.include || '').split(',')
 
-    const collectionExpanded = await req.collection.getOldJsonExpanded(req.user, includeEntities)
+    const collectionExpanded = await req.collection.getOldJsonExpanded(req.userNew, includeEntities)
     if (!collectionExpanded) {
       // This may happen if the user is restricted from all books
       return res.sendStatus(404)
@@ -71,8 +71,8 @@ class CollectionController {
   /**
    * PATCH: /api/collections/:id
    * Update collection
-   * @param {*} req 
-   * @param {*} res 
+   * @param {*} req
+   * @param {*} res
    */
   async update(req, res) {
     let wasUpdated = false
@@ -102,8 +102,8 @@ class CollectionController {
         order: [['order', 'ASC']]
       })
       collectionBooks.sort((a, b) => {
-        const aIndex = req.body.books.findIndex(lid => lid === a.book.libraryItem.id)
-        const bIndex = req.body.books.findIndex(lid => lid === b.book.libraryItem.id)
+        const aIndex = req.body.books.findIndex((lid) => lid === a.book.libraryItem.id)
+        const bIndex = req.body.books.findIndex((lid) => lid === b.book.libraryItem.id)
         return aIndex - bIndex
       })
       for (let i = 0; i < collectionBooks.length; i++) {
@@ -139,8 +139,8 @@ class CollectionController {
    * POST: /api/collections/:id/book
    * Add a single book to a collection
    * Req.body { id: <library item id> }
-   * @param {*} req 
-   * @param {*} res 
+   * @param {*} req
+   * @param {*} res
    */
   async addBook(req, res) {
     const libraryItem = await Database.libraryItemModel.getOldById(req.body.id)
@@ -153,7 +153,7 @@ class CollectionController {
 
     // Check if book is already in collection
     const collectionBooks = await req.collection.getCollectionBooks()
-    if (collectionBooks.some(cb => cb.bookId === libraryItem.media.id)) {
+    if (collectionBooks.some((cb) => cb.bookId === libraryItem.media.id)) {
       return res.status(400).send('Book already in collection')
     }
 
@@ -172,8 +172,8 @@ class CollectionController {
    * DELETE: /api/collections/:id/book/:bookId
    * Remove a single book from a collection. Re-order books
    * TODO: bookId is actually libraryItemId. Clients need updating to use bookId
-   * @param {*} req 
-   * @param {*} res 
+   * @param {*} req
+   * @param {*} res
    */
   async removeBook(req, res) {
     const libraryItem = await Database.libraryItemModel.getOldById(req.params.bookId)
@@ -187,7 +187,7 @@ class CollectionController {
     })
 
     let jsonExpanded = null
-    const collectionBookToRemove = collectionBooks.find(cb => cb.bookId === libraryItem.media.id)
+    const collectionBookToRemove = collectionBooks.find((cb) => cb.bookId === libraryItem.media.id)
     if (collectionBookToRemove) {
       // Remove collection book record
       await collectionBookToRemove.destroy()
@@ -216,12 +216,12 @@ class CollectionController {
    * POST: /api/collections/:id/batch/add
    * Add multiple books to collection
    * Req.body { books: <Array of library item ids> }
-   * @param {*} req 
-   * @param {*} res 
+   * @param {*} req
+   * @param {*} res
    */
   async addBatch(req, res) {
     // filter out invalid libraryItemIds
-    const bookIdsToAdd = (req.body.books || []).filter(b => !!b && typeof b == 'string')
+    const bookIdsToAdd = (req.body.books || []).filter((b) => !!b && typeof b == 'string')
     if (!bookIdsToAdd.length) {
       return res.status(500).send('Invalid request body')
     }
@@ -247,7 +247,7 @@ class CollectionController {
 
     // Check and set new collection books to add
     for (const libraryItem of libraryItems) {
-      if (!collectionBooks.some(cb => cb.bookId === libraryItem.media.id)) {
+      if (!collectionBooks.some((cb) => cb.bookId === libraryItem.media.id)) {
         collectionBooksToAdd.push({
           collectionId: req.collection.id,
           bookId: libraryItem.media.id,
@@ -274,12 +274,12 @@ class CollectionController {
    * POST: /api/collections/:id/batch/remove
    * Remove multiple books from collection
    * Req.body { books: <Array of library item ids> }
-   * @param {*} req 
-   * @param {*} res 
+   * @param {*} req
+   * @param {*} res
    */
   async removeBatch(req, res) {
     // filter out invalid libraryItemIds
-    const bookIdsToRemove = (req.body.books || []).filter(b => !!b && typeof b == 'string')
+    const bookIdsToRemove = (req.body.books || []).filter((b) => !!b && typeof b == 'string')
     if (!bookIdsToRemove.length) {
       return res.status(500).send('Invalid request body')
     }
@@ -305,7 +305,7 @@ class CollectionController {
     let order = 1
     let hasUpdated = false
     for (const collectionBook of collectionBooks) {
-      if (libraryItems.some(li => li.media.id === collectionBook.bookId)) {
+      if (libraryItems.some((li) => li.media.id === collectionBook.bookId)) {
         await collectionBook.destroy()
         hasUpdated = true
         continue
@@ -334,15 +334,15 @@ class CollectionController {
       req.collection = collection
     }
 
-    if (req.method == 'DELETE' && !req.user.canDelete) {
-      Logger.warn(`[CollectionController] User attempted to delete without permission`, req.user.username)
+    if (req.method == 'DELETE' && !req.userNew.canDelete) {
+      Logger.warn(`[CollectionController] User "${req.userNew.username}" attempted to delete without permission`)
       return res.sendStatus(403)
     } else if ((req.method == 'PATCH' || req.method == 'POST') && !req.user.canUpdate) {
-      Logger.warn('[CollectionController] User attempted to update without permission', req.user.username)
+      Logger.warn(`[CollectionController] User "${req.userNew.username}" attempted to update without permission`)
       return res.sendStatus(403)
     }
 
     next()
   }
 }
-module.exports = new CollectionController()
+module.exports = new CollectionController()

server/controllers/CustomMetadataProviderController.js

@@ -8,7 +8,7 @@ const { validateUrl } = require('../utils/index')
 // This is a controller for routes that don't have a home yet :(
 //
 class CustomMetadataProviderController {
-  constructor() { }
+  constructor() {}
 
   /**
    * GET: /api/custom-metadata-providers
@@ -47,7 +47,7 @@ class CustomMetadataProviderController {
       name,
       mediaType,
       url,
-      authHeaderValue: !authHeaderValue ? null : authHeaderValue,
+      authHeaderValue: !authHeaderValue ? null : authHeaderValue
     })
 
     // TODO: Necessary to emit to all clients?
@@ -60,7 +60,7 @@ class CustomMetadataProviderController {
 
   /**
    * DELETE: /api/custom-metadata-providers/:id
-   * 
+   *
    * @param {import('express').Request} req
    * @param {import('express').Response} res
    */
@@ -76,13 +76,16 @@ class CustomMetadataProviderController {
     await provider.destroy()
 
     // Libraries using this provider fallback to default provider
-    await Database.libraryModel.update({
-      provider: fallbackProvider
-    }, {
-      where: {
-        provider: slug
+    await Database.libraryModel.update(
+      {
+        provider: fallbackProvider
+      },
+      {
+        where: {
+          provider: slug
+        }
       }
-    })
+    )
 
     // TODO: Necessary to emit to all clients?
     SocketAuthority.emitter('custom_metadata_provider_removed', providerClientJson)
@@ -92,14 +95,14 @@ class CustomMetadataProviderController {
 
   /**
    * Middleware that requires admin or up
-   * 
-   * @param {import('express').Request} req 
-   * @param {import('express').Response} res 
-   * @param {import('express').NextFunction} next 
+   *
+   * @param {import('express').Request} req
+   * @param {import('express').Response} res
+   * @param {import('express').NextFunction} next
    */
   async middleware(req, res, next) {
-    if (!req.user.isAdminOrUp) {
-      Logger.warn(`[CustomMetadataProviderController] Non-admin user "${req.user.username}" attempted access route "${req.path}"`)
+    if (!req.userNew.isAdminOrUp) {
+      Logger.warn(`[CustomMetadataProviderController] Non-admin user "${req.userNew.username}" attempted access route "${req.path}"`)
       return res.sendStatus(403)
     }
 

server/controllers/EmailController.js

@@ -3,7 +3,7 @@ const SocketAuthority = require('../SocketAuthority')
 const Database = require('../Database')
 
 class EmailController {
-  constructor() { }
+  constructor() {}
 
   getSettings(req, res) {
     res.json({
@@ -54,20 +54,20 @@ class EmailController {
   /**
    * Send ebook to device
    * User must have access to device and library item
-   * 
-   * @param {import('express').Request} req 
-   * @param {import('express').Response} res 
+   *
+   * @param {import('express').Request} req
+   * @param {import('express').Response} res
    */
   async sendEBookToDevice(req, res) {
-    Logger.debug(`[EmailController] Send ebook to device requested by user "${req.user.username}" for libraryItemId=${req.body.libraryItemId}, deviceName=${req.body.deviceName}`)
+    Logger.debug(`[EmailController] Send ebook to device requested by user "${req.userNew.username}" for libraryItemId=${req.body.libraryItemId}, deviceName=${req.body.deviceName}`)
 
     const device = Database.emailSettings.getEReaderDevice(req.body.deviceName)
     if (!device) {
       return res.status(404).send('Ereader device not found')
     }
 
     // Check user has access to device
-    if (!Database.emailSettings.checkUserCanAccessDevice(device, req.user)) {
+    if (!Database.emailSettings.checkUserCanAccessDevice(device, req.userNew)) {
       return res.sendStatus(403)
     }
 
@@ -77,7 +77,7 @@ class EmailController {
     }
 
     // Check user has access to library item
-    if (!req.user.checkCanAccessLibraryItem(libraryItem)) {
+    if (!req.userNew.checkCanAccessLibraryItem(libraryItem)) {
       return res.sendStatus(403)
     }
 
@@ -90,11 +90,11 @@ class EmailController {
   }
 
   adminMiddleware(req, res, next) {
-    if (!req.user.isAdminOrUp) {
+    if (!req.userNew.isAdminOrUp) {
       return res.sendStatus(404)
     }
 
     next()
   }
 }
-module.exports = new EmailController()
+module.exports = new EmailController()