improvements to search, fixing issue #1

public/javascripts/note_tree.js

@@ -200,7 +200,7 @@ const noteTree = (function() {
         return noteList;
     }
 
-    async function activateNode(notePath) {
+    async function expandToNote(notePath, expandOpts) {
         assertArguments(notePath);
 
         const runPath = getRunPath(notePath);
@@ -213,14 +213,22 @@ const noteTree = (function() {
             const node = getNodesByNoteId(childNoteId).find(node => node.data.parent_note_id === parentNoteId);
 
             if (childNoteId === noteId) {
-                await node.setActive();
+                return node;
             }
             else {
-                await node.setExpanded();
+                await node.setExpanded(true, expandOpts);
             }
 
             parentNoteId = childNoteId;
         }
+    }
+
+    async function activateNode(notePath) {
+        assertArguments(notePath);
+
+        const node = await expandToNote(notePath);
+
+        await node.setActive();
 
         clearSelectedNodes();
     }
@@ -841,6 +849,7 @@ const noteTree = (function() {
         setNoteTreeBackgroundBasedOnProtectedStatus,
         setProtected,
         getCurrentNode,
+        expandToNote,
         activateNode,
         getCurrentNotePath,
         getNoteTitle,

public/javascripts/search_tree.js

@@ -30,7 +30,7 @@ const searchTree = (function() {
         return treeEl.fancytree('getTree');
     }
 
-    searchInputEl.keyup(e => {
+    searchInputEl.keyup(async e => {
         const searchText = searchInputEl.val();
 
         if (e && e.which === $.ui.keyCode.ESCAPE || $.trim(searchText) === "") {
@@ -39,12 +39,14 @@ const searchTree = (function() {
         }
 
         if (e && e.which === $.ui.keyCode.ENTER) {
-            server.get('notes?search=' + searchText).then(resp => {
+            const noteIds = await server.get('notes?search=' + encodeURIComponent(searchText));
-                // Pass a string to perform case insensitive matching
+
-                getTree().filterBranches(node => {
+            for (const noteId of noteIds) {
-                    return resp.includes(node.data.note_id);
+                await noteTree.expandToNote(noteId, {noAnimation: true, noEvents: true});
-                });
+            }
-            });
+
+            // Pass a string to perform case insensitive matching
+            getTree().filterBranches(node => noteIds.includes(node.data.note_id));
         }
     }).focus();
 

routes/api/notes.js

@@ -6,6 +6,7 @@ const auth = require('../../services/auth');
 const sql = require('../../services/sql');
 const notes = require('../../services/notes');
 const log = require('../../services/log');
+const utils = require('../../services/utils');
 const protected_session = require('../../services/protected_session');
 const data_encryption = require('../../services/data_encryption');
 const tree = require('../../services/tree');
@@ -59,17 +60,13 @@ router.put('/:noteId', auth.checkApiAuth, wrap(async (req, res, next) => {
 }));
 
 router.get('/', auth.checkApiAuth, wrap(async (req, res, next) => {
-    const search = '%' + req.query.search + '%';
+    const search = '%' + utils.sanitizeSql(req.query.search) + '%';
 
-    const result = await sql.getAll("SELECT note_id FROM notes WHERE note_title LIKE ? OR note_text LIKE ?", [search, search]);
+    // searching in protected notes is pointless because of encryption
+    const noteIds = await sql.getFirstColumn(`SELECT note_id FROM notes 
+              WHERE is_deleted = 0 AND is_protected = 0 AND (note_title LIKE ? OR note_text LIKE ?)`, [search, search]);
 
-    const noteIdList = [];
+    res.send(noteIds);
-
-    for (const res of result) {
-        noteIdList.push(res.note_id);
-    }
-
-    res.send(noteIdList);
 }));
 
 router.put('/:noteId/sort', auth.checkApiAuth, wrap(async (req, res, next) => {