Merge pull request #1608 from SynBioHub/preventCircColl

Prevent circular collections
SynBioHub · Jan 29, 2025 · 544350e · 544350e
2 parents 76fd7db + 46c6df6
commit 544350e
Showing 1 changed file with 21 additions and 1 deletion.
diff --git a/lib/views/addToCollection.js b/lib/views/addToCollection.js
@@ -3,6 +3,7 @@ const pug = require('pug')
 const config = require('../config')
 const sparql = require('../sparql/sparql')
 const getOwnedBy = require('../query/ownedBy')
+const getUrisFromReq = require('../getUrisFromReq')
 
 module.exports = function (req, res) {
   req.setTimeout(0) // no timeout
@@ -18,11 +19,16 @@ module.exports = function (req, res) {
       }
     }
 
+    const { uri } = getUrisFromReq(req, res)
+
     return sparql.queryJson(collectionQuery, req.user.graphUri).then((collections) => {
-      collections.map((result) => {
+      collections = collections.filter((result) => {
+        return result.subject !== uri
+      }).map((result) => {
         result.uri = result.subject
         result.name = result.name ? result.name : result.uri.toString()
         delete result.subject
+        return result
       })
       collections.sort(sortByNames)
 
@@ -64,6 +70,20 @@ module.exports = function (req, res) {
       memberUri = memberUri.replace('/user/', config.get('databasePrefix') + 'user/')
     }
 
+    if (memberUri === uri) {
+      if (!req.accepts('text/html')) {
+        return res.status(400).type('text/plain').send('Cannot make a collection a member of itself')
+      } else {
+        const locals = {
+          config: config.get(),
+          section: 'errors',
+          user: req.user,
+          errors: [ 'Cannot make a collection a member of itself' ]
+        }
+        return res.status(400).send(pug.renderFile('templates/views/errors/errors.jade', locals))
+      }
+    }
+
     var templateParams = {
       uri: uri,
       memberUri: memberUri