Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
const express = require('express');
const debug = require('ghost-ignition').debug('app');
const hbs = require('express-hbs');
const multer = require('multer');
const server = require('ghost-ignition').server;
const errors = require('ghost-ignition').errors;
const gscan = require('../lib');
const fs = require('fs-extra');
const logRequest = require('./middlewares/log-request');
const uploadValidation = require('./middlewares/upload-validation');
const ghostVer = require('./ghost-version');
const pkgJson = require('../package.json');
const ghostVersions = require('../lib/utils').versions;
const upload = multer({dest: __dirname + '/uploads/'});
const app = express();
const scanHbs = hbs.create();
// Configure express
app.set('x-powered-by', false);
app.set('query parser', false);
app.engine('hbs', scanHbs.express4({
var _ = require('lodash'),
util = require('util'),
errors = require('ghost-ignition').errors;
function GhostError(options) {
options = options || {};
this.value = options.value;
errors.IgnitionError.call(this, options);
}
// jscs:disable
var ghostErrors = {
DataExportError: function DataExportError(options) {
GhostError.call(this, _.merge({
statusCode: 500,
errorType: 'DataExportError'
}, options));
},
// NOTE: this middleware was extracted from Ghost core validation for theme uploads
// might be useful to unify this logic in the future if it's extracted to separate module
const path = require('path');
const errors = require('ghost-ignition').errors;
const checkFileExists = function checkFileExists(fileData) {
return !!(fileData.mimetype && fileData.path);
};
const checkFileIsValid = function checkFileIsValid(fileData, types, extensions) {
const type = fileData.mimetype;
if (types.includes(type) && extensions.includes(fileData.ext)) {
return true;
}
return false;
};
module.exports = function uploadValidation(req, res, next) {
const concat = require('concat-stream');
const Cookies = require('cookies');
const jwt = require('jsonwebtoken');
const ignition = require('ghost-ignition');
const {
UnauthorizedError,
BadRequestError
} = ignition.errors;
const EMPTY = {};
const SIX_MONTHS_MS = 1000 * 60 * 60 * 24 * 184;
const withCookies = (fn, cookieConfig) => (req, res) => {
return new Promise((resolve) => {
const cookies = new Cookies(req, res, cookieConfig);
resolve(fn(req, res, {cookies}));
});
};
const withBodyAndCookies = (fn, cookieConfig) => (req, res) => {
return new Promise((resolve, reject) => {
const cookies = new Cookies(req, res, cookieConfig);
req.on('error', reject);
req.pipe(concat(function (buff) {
const errors = require('ghost-ignition').errors,
util = require('util');
function BookshelfRelationsError(options) {
options = options || {};
options.errorType = 'BookshelfRelationsError';
options.level = 'critical';
errors.IgnitionError.call(this, options);
}
util.inherits(BookshelfRelationsError, errors.IgnitionError);
module.exports = errors;
module.exports.BookshelfRelationsError = BookshelfRelationsError;
const merge = require('lodash/merge'),
each = require('lodash/each'),
util = require('util'),
errors = require('ghost-ignition').errors;
function GhostError(options) {
options = options || {};
this.value = options.value;
errors.IgnitionError.call(this, options);
}
const ghostErrors = {
DataExportError: function DataExportError(options) {
GhostError.call(this, merge({
statusCode: 500,
errorType: 'DataExportError'
}, options));
},
DataImportError: function DataImportError(options) {