ether · yanntrividic · Apr 15, 2024 · Apr 15, 2024 · Jul 4, 2024 · Copilot
diff --git a/exportMarkdown.js b/exportMarkdown.js
@@ -2,6 +2,7 @@
 
 const Changeset = require('ep_etherpad-lite/static/js/Changeset');
 const padManager = require('ep_etherpad-lite/node/db/PadManager');
+const readOnlyManager = require('ep_etherpad-lite/node/db/ReadOnlyManager');
 
 const getMarkdownFromAtext = (pad, atext) => {
   const apool = pad.apool();
@@ -311,12 +312,23 @@ const _analyzeLine = (text, aline, apool) => {
 };
 
 const getPadMarkdown = async (pad, revNum) => {
-  const atext = revNum == null ? pad.atext : await pad.getInternalRevisionAText(revNum);
+  const atext = revNum == null|undefined ? pad.atext : await pad.getInternalRevisionAText(revNum);
-  const atext = revNum == null|undefined ? pad.atext : await pad.getInternalRevisionAText(revNum);
+  const atext = revNum == null ? pad.atext : await pad.getInternalRevisionAText(revNum);
-  const atext = revNum == null|undefined ? pad.atext : await pad.getInternalRevisionAText(revNum);
+  const atext = revNum == null ? pad.atext : await pad.getInternalRevisionAText(revNum);
   return getMarkdownFromAtext(pad, atext);
 };
 
+const getPadIdIfReadOnly = async (padId) => {
+  if(padId.startsWith("r.")) {
+    return await readOnlyManager.getPadId(padId);
+  } else {
+    return padId
+  }
+}
-  if(padId.startsWith("r.")) {
-    return await readOnlyManager.getPadId(padId);
-  } else {
-    return padId
-  }
-}
+  if (padId.startsWith('r.')) {
+    return await readOnlyManager.getPadId(padId);
+  } else {
+    return padId;
+  }
+};
-  if(padId.startsWith("r.")) {
-    return await readOnlyManager.getPadId(padId);
-  } else {
-    return padId
-  }
-}
+  if (padId.startsWith('r.')) {
+    return await readOnlyManager.getPadId(padId);
+  } else {
+    return padId;
+  }
+};
+
 exports.getPadMarkdownDocument =
-    async (padId, revNum) => await getPadMarkdown(await padManager.getPad(padId), revNum);
+    async (padId, revNum) => {
+      padId = await getPadIdIfReadOnly(padId);
+      return await getPadMarkdown(await padManager.getPad(padId), revNum);
+    }
 
 // copied from ACE
 const _REGEX_WORDCHAR = new RegExp([

diff --git a/express.js b/express.js
@@ -1,12 +1,27 @@
 'use strict';
 
 const exportMarkdown = require('./exportMarkdown');
+const settings = require('ep_etherpad-lite/node/utils/Settings');
+const rateLimit = require('express-rate-limit');
 
 exports.expressCreateServer = (hookName, {app}) => {
+  const limiter = rateLimit({
+    ...settings.importExportRateLimiting,
+    handler: (request) => {
+      if (request.rateLimit.current === request.rateLimit.limit + 1) {
+        // when the rate limiter triggers, write a warning in the logs
+        console.warn('Import/Export rate limiter triggered on ' +
+            `"${request.originalUrl}" for IP address ${request.ip}`);
+      }
-    handler: (request) => {
-      if (request.rateLimit.current === request.rateLimit.limit + 1) {
-        // when the rate limiter triggers, write a warning in the logs
-        console.warn('Import/Export rate limiter triggered on ' +
-            `"${request.originalUrl}" for IP address ${request.ip}`);
-      }
+    handler: (request, response, next, options) => {
+      if (request.rateLimit.current === request.rateLimit.limit + 1) {
+        // when the rate limiter triggers, write a warning in the logs
+        console.warn('Import/Export rate limiter triggered on ' +
+            `"${request.originalUrl}" for IP address ${request.ip}`);
+      }
+      options.handler(request, response, next, options);
-    handler: (request) => {
-      if (request.rateLimit.current === request.rateLimit.limit + 1) {
-        // when the rate limiter triggers, write a warning in the logs
-        console.warn('Import/Export rate limiter triggered on ' +
-            `"${request.originalUrl}" for IP address ${request.ip}`);
-      }
+    handler: (request, response, next, options) => {
+      if (request.rateLimit.current === request.rateLimit.limit + 1) {
+        // when the rate limiter triggers, write a warning in the logs
+        console.warn('Import/Export rate limiter triggered on ' +
+            `"${request.originalUrl}" for IP address ${request.ip}`);
+      }
+      options.handler(request, response, next, options);
+    },
+  });
+
+  app.use('/p/:padId/:revNum?/export/markdown', limiter);
   app.get('/p/:padId/:revNum?/export/markdown', (req, res, next) => {
     (async () => {
       const {padId, revNum} = req.params;
       res.attachment(`${padId}.md`);
+      res.header('Access-Control-Allow-Origin', '*');
-  
-  app.use('/p/:padId/:revNum?/export/markdown', limiter);
-  app.get('/p/:padId/:revNum?/export/markdown', (req, res, next) => {
-    (async () => {
-      const {padId, revNum} = req.params;
-      res.attachment(`${padId}.md`);
-      res.header('Access-Control-Allow-Origin', '*');
+
+  app.use('/p/:padId/:revNum?/export/markdown', (req, res, next) => {
+    res.header('Access-Control-Allow-Origin', '*');
+    next();
+  }, limiter);
+  app.get('/p/:padId/:revNum?/export/markdown', (req, res, next) => {
+    (async () => {
+      const {padId, revNum} = req.params;
+      res.attachment(`${padId}.md`);
-  
-  app.use('/p/:padId/:revNum?/export/markdown', limiter);
-  app.get('/p/:padId/:revNum?/export/markdown', (req, res, next) => {
-    (async () => {
-      const {padId, revNum} = req.params;
-      res.attachment(`${padId}.md`);
-      res.header('Access-Control-Allow-Origin', '*');
+
+  app.use('/p/:padId/:revNum?/export/markdown', (req, res, next) => {
+    res.header('Access-Control-Allow-Origin', '*');
+    next();
+  }, limiter);
+  app.get('/p/:padId/:revNum?/export/markdown', (req, res, next) => {
+    (async () => {
+      const {padId, revNum} = req.params;
+      res.attachment(`${padId}.md`);
       res.contentType('plain/text');
       res.send(await exportMarkdown.getPadMarkdownDocument(padId, revNum));
     })().catch((err) => next(err || new Error(err)));

diff --git a/package.json b/package.json
@@ -12,6 +12,7 @@
     "url": "https://github.com/ether/ep_markdown.git"
   },
   "dependencies": {
+    "express-rate-limit": "^7.2.0",
     "showdown": "*"
   },
   "contributors": [],