diff --git a/lambda/bracery-store.js b/lambda/bracery-store.js
index 8cc4481..db564dc 100644
--- a/lambda/bracery-store.js
+++ b/lambda/bracery-store.js
@@ -21,8 +21,12 @@ exports.handler = async (event, context, callback) => {
const body = util.getBody (event);
const revision = event.httpMethod === 'GET' && event.queryStringParameters && event.queryStringParameters.rev;
- // Set up some returns
+ // Get session
let session = await util.getSession (event, dynamoPromise);
+ const loggedIn = session && session.loggedIn;
+ const symIsOwned = loggedIn && session.user === user;
+
+ // Set up some returns
const respond = util.respond (callback, event, session);
const corsHeader = { 'Access-Control-Allow-Origin': '*' };
@@ -30,11 +34,13 @@ exports.handler = async (event, context, callback) => {
try {
let res = await util.getBracery (name, revision, dynamoPromise);
const result = res.Items && res.Items.length && res.Items[0];
- const resultLocked = (result && result.locked && (!session || !session.loggedIn || (result.owner !== session.user)));
+ const symIsNew = !result;
+ const symIsLocked = result && result.locked;
+ const symIsHidden = result && result.hidden;
// Handle the HTTP methods
switch (event.httpMethod) {
case 'DELETE':
- if (resultLocked)
+ if (!symIsOwned)
return respond.forbidden();
if (result) {
let item = { name,
@@ -48,34 +54,34 @@ exports.handler = async (event, context, callback) => {
return respond.notFound();
break;
case 'GET':
- if (result && result.bracery) {
+ if (result && result.bracery && (symIsOwned || !symIsHidden)) {
let ret = { bracery: result.bracery };
- if (result.locked) {
+ if (symIsLocked)
ret.locked = true;
- ret.owned = (result.owner === session.user);
- }
+ if (symIsHidden)
+ ret.hidden = true;
+ if (symIsOwned)
+ ret.owned = true;
respond.ok (ret, corsHeader);
} else
respond.notFound();
break;
case 'PUT':
{
- if (resultLocked)
+ if ((symIsLocked || symIsHidden || symIsNew) && !symIsOwned)
return respond.forbidden();
let item = { name,
bracery: body.bracery,
updated: Date.now(),
revision: result.revision };
- if (session.loggedIn)
+ if (symIsOwned)
util.extend (item,
- { locked: body.locked,
- owner: session.user } );
+ { locked: !!body.locked,
+ hidden: !!body.hidden } );
let putResult = await
(result
? util.updateBracery (item, dynamoPromise)
: util.createBracery (item, dynamoPromise));
-
- await util.clearSession (session, dynamoPromise);
respond.ok ({ revision: putResult.revision }, corsHeader);
}
diff --git a/lambda/bracery-util.js b/lambda/bracery-util.js
index 2d97299..c8e03ee 100644
--- a/lambda/bracery-util.js
+++ b/lambda/bracery-util.js
@@ -113,19 +113,6 @@ async function getSession (event, dynamoPromise) {
}
}
-async function clearSession (session, dynamoPromise) {
- await dynamoPromise('updateItem')
- ({ TableName: config.sessionTableName,
- Key: { cookie: session.cookie },
- UpdateExpression: 'SET #s = :s',
- ExpressionAttributeNames: {
- '#s': 'state',
- },
- ExpressionAttributeValues: {
- ':s': 'null',
- } });
-}
-
// async https.request
async function httpsRequest (opts, formData) {
return new Promise
@@ -486,7 +473,6 @@ module.exports = {
getParams,
getName,
getBookmarkedParams,
- clearSession,
createBookmark,
httpsRequest,
respond,
diff --git a/lambda/bracery-view.js b/lambda/bracery-view.js
index 37ecafd..1386783 100644
--- a/lambda/bracery-view.js
+++ b/lambda/bracery-view.js
@@ -44,6 +44,7 @@ const templateDefVar = 'SYMBOL_DEFINITION';
const templateRevVar = 'REVISION';
const templateRefsVar = 'REFERRING_SYMBOLS';
const templateLockedVar = 'LOCKED_BY_USER';
+const templateHiddenVar = 'HIDDEN_BY_USER';
const templateInitVar = 'INIT_TEXT';
const templateVarsVar = 'INIT_VARS';
const templateRecentVar = 'RECENT_SYMBOLS';
@@ -59,24 +60,18 @@ exports.handler = async (event, context, callback) => {
// Set up some returns
let session = await util.getSession (event, dynamoPromise);
- console.log('Session:', JSON.stringify(session, null, 2));
const respond = util.respond (callback, event, session);
// Wrap all downstream calls (to dynamo etc) in try...catch
try {
// Get app state parameters
const isRedirect = event && event.queryStringParameters && event.queryStringParameters.redirect;
- const isReset = event && event.queryStringParameters && event.queryStringParameters.reset;
const revision = event.queryStringParameters && event.queryStringParameters.rev;
- const gotSessionState = session && !!session.state && !isReset && !revision;
- const parsedSessionState = gotSessionState && JSON.parse (session.state);
const isBookmark = event && event.queryStringParameters && event.queryStringParameters.id;
const appState =
(isBookmark
? await util.getBookmarkedParams (event, dynamoPromise)
- : (parsedSessionState && (isRedirect || parsedSessionState.name === util.getName(event))
- ? parsedSessionState
- : util.getParams (event)));
+ : util.getParams (event));
const { name, initText, evalText, vars, expansion } = appState;
console.log({appState});
@@ -95,9 +90,7 @@ exports.handler = async (event, context, callback) => {
tmpMap[templateUserVar] = null;
tmpMap[templateExpVar] = expansion;
tmpMap[templateExpHtmlVar] = '' + '...bracing...' + '';
- tmpMap[templateWarningVar] = (!isBookmark && !isRedirect && parsedSessionState && (evalText || initText || expansion)
- ? ('Loaded from auto-save (clear auto-save)')
- : '');
+ tmpMap[templateWarningVar] = '';
const populateExpansionTemplates = (expansion) => {
if (expansion) {
@@ -136,8 +129,10 @@ exports.handler = async (event, context, callback) => {
const result = res.Items && res.Items.length && res.Items[0];
if (result) {
tmpMap[templateRevVar] = result.revision;
- if (result.locked && result.owner === session.user)
+ if (result.locked)
tmpMap[templateLockedVar] = ' checked';
+ if (result.hidden)
+ tmpMap[templateHiddenVar] = ' checked';
}
if (!result || (typeof(evalText) === 'string' && !revision))
return expansion;
@@ -186,12 +181,6 @@ exports.handler = async (event, context, callback) => {
}))
: Promise.resolve());
- // Reset the session, if requested
- let resetPromise =
- (isReset
- ? util.clearSession (session, dynamoPromise)
- : Promise.resolve());
-
// Read the template HTML file
const templateHtmlBuf = await util.promisify (fs.readFile) (config.templateHtmlFilename, config.stringEncoding);
@@ -199,7 +188,6 @@ exports.handler = async (event, context, callback) => {
await newsPromise;
await symbolPromise;
await botPromise;
- await resetPromise;
// Do the %VAR%->val template substitutions
if (session && session.loggedIn && session.username)