Merge branch 'master' into fixAttachSource

Author: zane-perry

lib/actions/updateCollectionIcon.js

@@ -2,6 +2,7 @@
 const fs = require('fs')
 const config = require('../config')
 const extend = require('xtend')
+const path = require('path')
 
 const getOwnedBy = require('../query/ownedBy')
 
@@ -13,41 +14,52 @@ const mkdirp = require('mkdirp')
 
 module.exports = function (req, res) {
   const { graphUri, uri, url } = getUrisFromReq(req, res)
-  return getOwnedBy(uri, graphUri).then((ownedBy) => {
-    if (ownedBy.indexOf(config.get('databasePrefix') + 'user/' + req.user.username) === -1) {
-      if (!req.accepts('text/html')) {
-        res.status(403).type('text/plain').send('Not authorized to update this collection icon')
-      } else {
-        const locals = {
-          config: config.get(),
-          section: 'errors',
-          user: req.user,
-          errors: [ 'Not authorized to update this collection icon' ]
+  if (req.method === 'GET') {
+    const collectionIcons = config.get('collectionIcons')
+    const iconFile = collectionIcons[uri]
+    if (iconFile) {
+      const dir = path.resolve(__dirname, '../../public')
+      res.sendFile(iconFile, { root: dir })
+    } else {
+      res.status(403).type('text/plain').send('No icon for this collection')
+    }
+  } else {
+    return getOwnedBy(uri, graphUri).then((ownedBy) => {
+      if (ownedBy.indexOf(config.get('databasePrefix') + 'user/' + req.user.username) === -1) {
+        if (!req.accepts('text/html')) {
+          res.status(403).type('text/plain').send('Not authorized to update this collection icon')
+        } else {
+          const locals = {
+            config: config.get(),
+            section: 'errors',
+            user: req.user,
+            errors: [ 'Not authorized to update this collection icon' ]
+          }
+          res.status(403).send(pug.renderFile('templates/views/errors/errors.jade', locals))
         }
-        res.status(403).send(pug.renderFile('templates/views/errors/errors.jade', locals))
       }
-    }
 
-    if (req.file) {
-      var iconFile = req.file
+      if (req.file) {
+        var iconFile = req.file
 
-      var collectionIcons = config.get('collectionIcons')
-      const iconFilename = 'public/icons/' + iconFile.originalname
+        var collectionIcons = config.get('collectionIcons')
+        const iconFilename = 'public/icons/' + iconFile.originalname
 
-      mkdirp('public/icons').then(() => {
-        fs.writeFileSync(iconFilename, iconFile.buffer)
-      })
+        mkdirp('public/icons').then(() => {
+          fs.writeFileSync(iconFilename, iconFile.buffer)
+        })
 
-      collectionIcons = extend(collectionIcons, {
-        [uri]: '/icons/' + iconFile.originalname
-      })
+        collectionIcons = extend(collectionIcons, {
+          [uri]: '/icons/' + iconFile.originalname
+        })
 
-      config.set('collectionIcons', collectionIcons)
-    }
-    if (!req.accepts('text/html')) {
-      res.status(200).type('text/plain').send('Success')
-    } else {
-      res.redirect(url)
-    }
-  })
+        config.set('collectionIcons', collectionIcons)
+      }
+      if (!req.accepts('text/html')) {
+        res.status(200).type('text/plain').send('Success')
+      } else {
+        res.redirect(url)
+      }
+    })
+  }
 }

lib/app.js

@@ -327,12 +327,9 @@ function App () {
   app.post('/sparql', requirePublicLogin, bodyParser.urlencoded({ extended: true }), sparql)
 
   // Manage Submissions Endpoints
-  app.post(
-    '/public/:collectionId/:displayId/:version/icon',
-    requireUser,
-    uploadToMemory.single('collectionIcon'),
-    actions.updateCollectionIcon
-  )
+  app.get('/public/:collectionId/:displayId/:version/icon', actions.updateCollectionIcon)
+  app.post('/public/:collectionId/:displayId/:version/icon', requireUser, uploadToMemory.single('collectionIcon'),
+    actions.updateCollectionIcon)
 
   app.get('/public/:collectionId/:displayId/:version/removeCollection', requireAdmin, actions.removeCollection)
   app.get('/public/:collectionId/:displayId/:version/remove', requireAdmin, actions.remove)