From 506a381eca5e2bdc31d3529ecd3f1f7797551406 Mon Sep 17 00:00:00 2001
From: Wu Cheng-Han <jacky_cute0808@hotmail.com>
Date: Tue, 14 Mar 2017 18:04:23 +0800
Subject: [PATCH] Add config option for gitlab api scope and auto adapt gitlab
 snippet feature on it

---
 README.md                      | 1 +
 app.js                         | 6 ++++--
 app.json                       | 4 ++++
 config.json.example            | 3 ++-
 lib/auth.js                    | 1 +
 lib/config.js                  | 5 +++--
 public/views/hackmd/header.ejs | 8 ++++----
 7 files changed, 19 insertions(+), 9 deletions(-)

diff --git a/README.md b/README.md
index 77aff69..a93c573 100644
--- a/README.md
+++ b/README.md
@@ -128,6 +128,7 @@ Environment variables (will overwrite other server configs)
 | HMD_TWITTER_CONSUMERSECRET | no example | Twitter API consumer secret |
 | HMD_GITHUB_CLIENTID | no example | GitHub API client id |
 | HMD_GITHUB_CLIENTSECRET | no example | GitHub API client secret |
+| HMD_GITLAB_SCOPE | `read_user` or `api` | GitLab API requested scope (default is `api`) (gitlab snippet import/export need `api` scope) |
 | HMD_GITLAB_BASEURL | no example | GitLab authentication endpoint, set to use other endpoint than GitLab.com (optional) |
 | HMD_GITLAB_CLIENTID | no example | GitLab API client id |
 | HMD_GITLAB_CLIENTSECRET | no example | GitLab API client secret |
diff --git a/app.js b/app.js
index c68652b..722f0ea 100644
--- a/app.js
+++ b/app.js
@@ -335,8 +335,10 @@ if (config.github) {
           successReturnToOrRedirect: config.serverurl + '/',
           failureRedirect: config.serverurl + '/'
         }))
-  // github callback actions
-  app.get('/auth/github/callback/:noteId/:action', response.githubActions)
+  if (!config.gitlab.scope || config.gitlab.scope === 'api') {
+    // gitlab callback actions
+    app.get('/auth/gitlab/callback/:noteId/:action', response.gitlabActions)
+  }
 }
 // gitlab auth
 if (config.gitlab) {
diff --git a/app.json b/app.json
index 6025bba..d1ec71f 100644
--- a/app.json
+++ b/app.json
@@ -89,6 +89,10 @@
             "description": "GitLab API client secret",
             "required": false
         },
+        "HMD_GITLAB_SCOPE": {
+            "description": "GitLab API client scope (optional)",
+            "required": false
+        },
         "HMD_DROPBOX_CLIENTID": {
             "description": "Dropbox API client id",
             "required": false
diff --git a/config.json.example b/config.json.example
index 9ee00c0..87c04ed 100644
--- a/config.json.example
+++ b/config.json.example
@@ -36,7 +36,8 @@
         "gitlab": {
             "baseURL": "change this",
             "clientID": "change this",
-            "clientSecret": "change this"
+            "clientSecret": "change this",
+            "scope": "use 'read_user' scope for auth user only or remove this property if you need gitlab snippet import/export support (will result to be default scope 'api')"
         },
         "dropbox": {
             "clientID": "change this",
diff --git a/lib/auth.js b/lib/auth.js
index dd6a54e..3e129b9 100644
--- a/lib/auth.js
+++ b/lib/auth.js
@@ -91,6 +91,7 @@ function registerAuthMethod () {
       baseURL: config.gitlab.baseURL,
       clientID: config.gitlab.clientID,
       clientSecret: config.gitlab.clientSecret,
+      scope: config.gitlab.scope,
       callbackURL: config.serverurl + '/auth/gitlab/callback'
     }, callback))
   }
diff --git a/lib/config.js b/lib/config.js
index 2ecb478..674dd11 100644
--- a/lib/config.js
+++ b/lib/config.js
@@ -102,8 +102,9 @@ var github = ((process.env.HMD_GITHUB_CLIENTID && process.env.HMD_GITHUB_CLIENTS
 var gitlab = ((process.env.HMD_GITLAB_CLIENTID && process.env.HMD_GITLAB_CLIENTSECRET) || (fs.existsSync('/run/secrets/gitlab_clientID') && fs.existsSync('/run/secrets/gitlab_clientSecret'))) ? {
   baseURL: process.env.HMD_GITLAB_BASEURL,
   clientID: handleDockerSecret('gitlab_clientID') || process.env.HMD_GITLAB_CLIENTID,
-  clientSecret: handleDockerSecret('gitlab_clientSecret') || process.env.HMD_GITLAB_CLIENTSECRET
-} : config.gitlab || false
+  clientSecret: handleDockerSecret('gitlab_clientSecret') || process.env.HMD_GITLAB_CLIENTSECRET,
+  scope: process.env.HMD_GITLAB_SCOPE
+} : (config.gitlab && config.gitlab.clientID && config.gitlab.clientSecret && config.gitlab) || false
 var dropbox = ((process.env.HMD_DROPBOX_CLIENTID && process.env.HMD_DROPBOX_CLIENTSECRET) || (fs.existsSync('/run/secrets/dropbox_clientID') && fs.existsSync('/run/secrets/dropbox_clientSecret'))) ? {
   clientID: handleDockerSecret('dropbox_clientID') || process.env.HMD_DROPBOX_CLIENTID,
   clientSecret: handleDockerSecret('dropbox_clientSecret') || process.env.HMD_DROPBOX_CLIENTSECRET
diff --git a/public/views/hackmd/header.ejs b/public/views/hackmd/header.ejs
index bb4e317..24282b0 100644
--- a/public/views/hackmd/header.ejs
+++ b/public/views/hackmd/header.ejs
@@ -42,7 +42,7 @@
                 <li role="presentation"><a role="menuitem" class="ui-save-gist" tabindex="-1" href="#" target="_blank"><i class="fa fa-github fa-fw"></i> Gist</a>
                 </li>
                 <% } %>
-                <% if(typeof gitlab !== 'undefined' && gitlab) { %>
+                <% if(typeof gitlab !== 'undefined' && gitlab && (!gitlab.scope || gitlab.scope === 'api')) { %>
                 <li role="presentation"><a role="menuitem" class="ui-save-snippet" href="#"><i class="fa fa-gitlab fa-fw"></i> Snippet</a>
                 </li>
                 <% } %>
@@ -54,7 +54,7 @@
                 </li>
                 <li role="presentation"><a role="menuitem" class="ui-import-gist" href="#" data-toggle="modal" data-target="#gistImportModal"><i class="fa fa-github fa-fw"></i> Gist</a>
                 </li>
-                <% if(typeof gitlab !== 'undefined' && gitlab) { %>
+                <% if(typeof gitlab !== 'undefined' && gitlab && (!gitlab.scope || gitlab.scope === 'api')) { %>
                 <li role="presentation"><a role="menuitem" class="ui-import-snippet" href="#"><i class="fa fa-gitlab fa-fw"></i> Snippet</a>
                 </li>
                 <% } %>
@@ -139,7 +139,7 @@
                     <li role="presentation"><a role="menuitem" class="ui-save-gist" tabindex="-1" href="#" target="_blank"><i class="fa fa-github fa-fw"></i> Gist</a>
                     </li>
                     <% } %>
-                    <% if(typeof gitlab !== 'undefined' && gitlab) { %>
+                    <% if(typeof gitlab !== 'undefined' && gitlab && (!gitlab.scope || gitlab.scope === 'api')) { %>
                     <li role="presentation"><a role="menuitem" class="ui-save-snippet" href="#"><i class="fa fa-gitlab fa-fw"></i> Snippet</a>
                     </li>
                     <% } %>
@@ -151,7 +151,7 @@
                     </li>
                     <li role="presentation"><a role="menuitem" class="ui-import-gist" href="#" data-toggle="modal" data-target="#gistImportModal"><i class="fa fa-github fa-fw"></i> Gist</a>
                     </li>
-                    <% if(typeof gitlab !== 'undefined' && gitlab) { %>
+                    <% if(typeof gitlab !== 'undefined' && gitlab && (!gitlab.scope || gitlab.scope === 'api')) { %>
                     <li role="presentation"><a role="menuitem" class="ui-import-snippet" href="#"><i class="fa fa-gitlab fa-fw"></i> Snippet</a>
                     </li>
                     <% } %>