feat: gist & co-authors

2026-05-20 00:14:43 +02:00 · 2026-05-04 13:10:44 +02:00
parent f0f6436370
commit f0bc53f093
24 changed files with 1707 additions and 158 deletions
@@ -3,9 +3,35 @@ import AnonymousError from "../../core/AnonymousError";
 import * as db from "../database";
 import UserModel from "../../core/model/users/users.model";
 import User from "../../core/User";
+import Repository from "../../core/Repository";
 import { HTTPError } from "got";
 import { RepositoryStatus } from "../../core/types";

+export async function getGist(
+  req: express.Request,
+  res: express.Response,
+  opt?: { nocheck?: boolean }
+) {
+  try {
+    const gist = await db.getGist(req.params.gistId);
+    if (opt?.nocheck !== true) {
+      if (
+        gist.status == "expired" &&
+        gist.options.expirationMode == "redirect"
+      ) {
+        res.redirect(`https://gist.github.com/${gist.source.gistId}`);
+        return null;
+      }
+
+      await gist.check();
+    }
+    return gist;
+  } catch (error) {
+    handleError(error, res, req);
+    return null;
+  }
+}
+
 export async function getPullRequest(
  req: express.Request,
  res: express.Response,
@@ -71,6 +97,20 @@ export function isOwnerOrAdmin(authorizedUsers: string[], user: User) {
  }
 }

+export function isCoauthor(repo: Repository, user: User): boolean {
+  if (!user.username) return false;
+  return (repo.model.coauthors || []).some((c) => c.username === user.username);
+}
+
+export function isOwnerCoauthorOrAdmin(repo: Repository, user: User) {
+  if (user.isAdmin) return;
+  if (repo.owner.id === user.model.id) return;
+  if (isCoauthor(repo, user)) return;
+  throw new AnonymousError("not_authorized", {
+    httpStatus: 401,
+  });
+}
+
 // eslint-disable-next-line @typescript-eslint/no-explicit-any
 function printError(error: any, req?: express.Request) {
  if (error instanceof AnonymousError) {