CalvinBackup/notesnook-sync-server_customPrivateV1
1
0
Fork 0
mirror of https://github.com/streetwriters/notesnook-sync-server.git synced 2026-02-12 11:12:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

monograph: remove links, embeds & images for non-pro users

Browse Source
This commit is contained in:
Abdullah Atta
2025-09-15 09:19:16 +05:00
parent b469da70e8
commit 0f43b3ee66
3 changed files with 30 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
Notesnook.API/Authorization/ProUserRequirement.cs
View File

@@ -35,11 +35,17 @@ namespace Notesnook.API.Authorization
["/s3"] = "upload attachments",
["/s3/multipart"] = "upload attachments",
};
private readonly string[] allowedClaims = ["trial", "premium", "premium_canceled"];
private static readonly string[] proClaims = ["premium", "premium_canceled"];
private static readonly string[] trialClaims = ["trial"];
public static bool IsUserPro(ClaimsPrincipal user)
=> user.Claims.Any((c) => c.Type == "notesnook:status" && proClaims.Contains(c.Value));
public static bool IsUserTrialing(ClaimsPrincipal user)
=> user.Claims.Any((c) => c.Type == "notesnook:status" && trialClaims.Contains(c.Value));
protected override Task HandleRequirementAsync(AuthorizationHandlerContext context, ProUserRequirement requirement)
{
PathString path = context.Resource is DefaultHttpContext httpContext ? httpContext.Request.Path : null;
var isProOrTrial = context.User.Claims.Any((c) => c.Type == "notesnook:status" && allowedClaims.Contains(c.Value));
var isProOrTrial = IsUserPro(context.User) || IsUserTrialing(context.User);
if (isProOrTrial) context.Succeed(requirement);
else
{

23
Notesnook.API/Controllers/MonographsController.cs
View File

@@ -23,10 +23,13 @@ using System.Linq;
using System.Security.Claims;
using System.Text.Json;
using System.Threading.Tasks;
using AngleSharp;
using AngleSharp.Dom;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using MongoDB.Bson;
using MongoDB.Driver;
using Notesnook.API.Authorization;
using Notesnook.API.Models;
using Notesnook.API.Services;
using Streetwriters.Common;
@@ -110,7 +113,7 @@ namespace Notesnook.API.Controllers
}
if (monograph.EncryptedContent == null)
monograph.CompressedContent = monograph.Content.CompressBrotli();
monograph.CompressedContent = (await CleanupContentAsync(monograph.Content)).CompressBrotli();
monograph.UserId = userId;
monograph.DatePublished = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
@@ -161,7 +164,7 @@ namespace Notesnook.API.Controllers
return base.BadRequest("Monograph is too big. Max allowed size is 15mb.");
if (monograph.EncryptedContent == null)
monograph.CompressedContent = monograph.Content.CompressBrotli();
monograph.CompressedContent = (await CleanupContentAsync(monograph.Content)).CompressBrotli();
else
monograph.Content = null;
@@ -321,5 +324,21 @@ namespace Notesnook.API.Controllers
}
});
}
private async Task<string> CleanupContentAsync(string content)
{
if (!Constants.IS_SELF_HOSTED && !ProUserRequirement.IsUserPro(User))
{
var config = Configuration.Default.WithDefaultLoader();
var context = BrowsingContext.New(config);
var document = await context.OpenAsync(r => r.Content(content));
foreach (var element in document.QuerySelectorAll("a,iframe,img,object,svg,button,link"))
{
element.Remove();
}
return document.ToHtml();
}
return content;
}
}
}

1
Notesnook.API/Notesnook.API.csproj
View File

@@ -6,6 +6,7 @@
</PropertyGroup>
<ItemGroup>
<PackageReference Include="AngleSharp" Version="1.3.0" />
<PackageReference Include="AWSSDK.Core" Version="3.7.304.31" />
<PackageReference Include="DotNetEnv" Version="2.3.0" />
<PackageReference Include="IdentityModel.AspNetCore.OAuth2Introspection" Version="6.2.0" />