From 645dfb276c4e797747bdedcf92ceee9318211f50 Mon Sep 17 00:00:00 2001
From: Andrew DeVries <adevries@digitalexample.com>
Date: Wed, 17 Apr 2024 22:09:03 -0400
Subject: [PATCH] moved dfsdetect to protected urls

---
 server.js                     | 35 ++++++++++++-----------
 uispToolsApiHandler.js        | 10 ++++++-
 uispToolsApiRequestHandler.js | 53 +++++++++++++++++++++++++++++++----
 3 files changed, 75 insertions(+), 23 deletions(-)

diff --git a/server.js b/server.js
index 3afa1c5..4d4cda5 100644
--- a/server.js
+++ b/server.js
@@ -53,6 +53,7 @@ var defaultConfig = {
     "logDirectory": "logs",
     "adminRoute": "/admin",
     "logLevel": "info",
+    "redirectClientsToCRMOnLogin": true,
     "useHttp": true,
     "useHttps": false,
     "httpport": 49080,
@@ -446,7 +447,7 @@ var handlePluginPublicFileRequest = function (req, res) {
 
 
 
-var handlePublicFileRequest = function (req, res) {
+var handlePublicFileRequest = function (req, res, next) {
     var filePath = req.path;
 
     if (filePath === "/" && urlPrefix !== "") {
@@ -462,7 +463,7 @@ var handlePublicFileRequest = function (req, res) {
 
     if(filePath.endsWith("scriptsettings.json")){
         let scriptSettings = {
-            urlPrefix: urlPrefix,
+            urlPrefix: urlPrefix
         }
         res.json(scriptSettings);
         return;
@@ -516,15 +517,14 @@ var handlePublicFileRequest = function (req, res) {
 
         let fileExt = path.extname(filePath);
         if( filePath.includes("/api/") == false && (fileExt === "" || fileExt === ".htm" || fileExt === ".html")){
-            if(commonData.menutItemsRefreshed === undefined || moment().diff(commonData.menutItemsRefreshed, 'minutes') > 5){
-                uispToolsApiHandler.getMenuItems({})
-            }else{
-                
-            }
+            
             filePath = "/index.htm";
             res.sendFile(filePath, { root: path.join(__dirname, 'public') });
         }else{
-            res.sendStatus(404);
+            if (uispToolsApiRequestHandler.checkForRedirect(req, res) == false){
+                res.sendStatus(404);
+            }
+            
         }
     }
     
@@ -532,7 +532,7 @@ var handlePublicFileRequest = function (req, res) {
 
  
 
-uispToolsApiRequestHandler.bindRoutes(routes);
+uispToolsApiRequestHandler.bindRoutes({"express": app});
 
 
 
@@ -608,13 +608,7 @@ routes.get('/' + urlPrefix + 'plugins/*', function (req, res) {
     handlePluginPublicFileRequest(req, res);
 });
 
-routes.get('/*', function (req, res) {
-    handlePublicFileRequest(req, res);
-});
 
-routes.get('/' + urlPrefix + '*', function (req, res) {
-    handlePublicFileRequest(req, res);
-});
 
 
 app.use('/', pluginRoutes);
@@ -624,8 +618,17 @@ app.use('/', pluginRoutes);
 app.use('/', routes);
 
 
+routes.get('/*', function (req, res, next) {
+    
+    handlePublicFileRequest(req, res,next);
+    
+});
 
-
+if(urlPrefix !== ""){
+    routes.get('/' + urlPrefix + '*', function (req, res) {
+        handlePublicFileRequest(req, res);
+    });
+}
 
 
 var io = null;
diff --git a/uispToolsApiHandler.js b/uispToolsApiHandler.js
index 4d949e7..2815e45 100644
--- a/uispToolsApiHandler.js
+++ b/uispToolsApiHandler.js
@@ -500,7 +500,15 @@ var UispToolsApiHandler = function (options) {
                 projections : { linkText: 1, linkUrl: 1, linkTarget: 1, pageContentGuid: 1, roleId: 1, contentType: 1, parentPageContentGuid: 1} ,               
                 sort: [['displayOrder', 1 ]['parentPageContentGuid', 1 ]]
             };
-
+            if(options.find){
+                fetchOptions.find = options.find;
+            }
+            if(options.projections){
+                fetchOptions.projections = options.projections;
+            }
+            if(options.sort){
+                fetchOptions.sort = options.sort;
+            }
             if(options.menuGuid){
                 fetchOptions.find.menuGuid = options.menuGuid;
             }
diff --git a/uispToolsApiRequestHandler.js b/uispToolsApiRequestHandler.js
index b9aba11..838a03c 100644
--- a/uispToolsApiRequestHandler.js
+++ b/uispToolsApiRequestHandler.js
@@ -2,7 +2,7 @@
 const appName = "uispToolsApiRequestHandler";
 const extend = require('extend');
 const Defer = require('node-promise').defer;
-
+const express = require('express');
 
 var moment = require('moment');
 
@@ -16,7 +16,8 @@ var UispToolsApiRequestHandler = function (options) {
         logUtilHelper:null,
         uispToolsApiHandler: null,
         urlPrefix: "",
-        allowDirectUispQuerys: false
+        allowDirectUispQuerys: false,
+        routes: null
     };
     
     self.options = extend({}, defaultOptions, options);
@@ -50,9 +51,12 @@ var UispToolsApiRequestHandler = function (options) {
 
     
 
-    var BindRoutes = function (routes) {
+    var BindRoutes = function (options) {
         
         try {
+            self.options.app = options.express
+            self.options.routes = express.Router();
+            let routes = self.options.routes;
             
             routes.get('/' + self.options.urlPrefix + 'api/PageContent/MenuItems', getMenuItems);
             routes.get('/' + self.options.urlPrefix + 'api/PageContent/PageContentGuid/:guid', getPageByPageContentGuid);
@@ -90,13 +94,49 @@ var UispToolsApiRequestHandler = function (options) {
                 routes.delete('/' + self.options.urlPrefix + 'api/crm/*', getCRMData);
                 routes.delete('/' + self.options.urlPrefix + 'api/nms/*', getNMSData);
             }
+            self.options.app.use('/', routes);
+            
         } catch (ex) {
            debug("error", ex.msg, ex.stack);
         }
         
     }
 
-    
+    var checkForRedirect = function (req, res, next) {
+        try {
+            let fetchOptions = {
+                find: { deleted: false, contentType: { $eq: "redirect" }, linkUrl: req.path},
+                projections : { linkUrl: 1, contentType: 1, content: 1},               
+                sort: [['displayOrder', 1 ]['parentPageContentGuid', 1 ]]
+            }
+            self.options.uispToolsApiHandler.getMenuItems(fetchOptions).then(
+                function (menuItems) {                    
+                        for (let i = 0; i < menuItems.length; i++) {
+                            var menuItem = menuItems[i];
+                            res.redirect(menuItem.content);
+                            return true;                                
+                        }
+                        if(next !== undefined || next !== null){
+                            next();
+                        }
+                        return false;
+                },
+                function (error) {
+                    debug("error", "BindRoutes getMenuItems", error);
+                    if(next !== undefined || next !== null){
+                        next();
+                    }
+                    return false;
+                }
+            );
+        } catch (ex) {
+            debug("error", "checkForRedirect", { "msg": ex.message, "stack": ex.stack });
+            if(next !== undefined || next !== null){
+                next();
+            }
+            return false;
+        }
+    }
 
     var getAnonymousClientSideSettings = function(req, res, next){
         try {
@@ -617,8 +657,8 @@ var getMenuItems = function (req, res, next) {
     try {
         let options = {}
         self.options.uispToolsApiHandler.getMenuItems(options).then(
-            function (docs) {
-                res.json(docs);
+            function (menuItems) {
+                res.json(menuItems);
             },
             function(err){
                 handleHttpRequestError(req, res, err);
@@ -674,6 +714,7 @@ var getMenuItems = function (req, res, next) {
     self.checkSuperAdminApiAccess = checkSuperAdminApiAccess;
     self.nmsApiQuery = nmsApiQuery;
     self.crmApiQuery = crmApiQuery;
+    self.checkForRedirect = checkForRedirect;
 
 };
 module.exports = UispToolsApiRequestHandler;
\ No newline at end of file