Create data injection middleware and start centralizing lookups
All checks were successful
continuous-integration/drone/push Build is passing
continuous-integration/drone Build is passing

This commit is contained in:
Garrett Mills 2020-11-11 13:54:20 -06:00
parent 9df5f2d5f4
commit 42b7ccad7f
Signed by: garrettmills
GPG Key ID: D2BF5FBA8298F246
7 changed files with 250 additions and 290 deletions

View File

@ -15,16 +15,7 @@ class File extends Controller {
} }
async create_config(req, res) { async create_config(req, res) {
const PageId = req.params.PageId const { page, node } = req.form
let page = await Page.findOne({UUID: PageId})
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
const NodeId = req.params.NodeId
let node = await Node.findOne({UUID: NodeId})
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
const group = new FileGroup({ const group = new FileGroup({
NodeId: node.UUID, NodeId: node.UUID,
@ -47,70 +38,30 @@ class File extends Controller {
} }
async get_config(req, res) { async get_config(req, res) {
const PageId = req.params.PageId const { page, node, file_group } = req.form
let page = await Page.findOne({UUID: PageId})
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(req.user)) ) return req.security.deny()
const NodeId = req.params.NodeId
let node = await Node.findOne({UUID: NodeId})
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
const group = await FileGroup.findOne({UUID: req.params.FilesId})
if ( !group ) return res.status(404).message('Invalid file group.').api({})
// if ( !group.accessible_by(req.user) ) return req.security.deny()
const File = this.models.get('upload::File') const File = this.models.get('upload::File')
const files = await File.find({_id: {$in: group.FileIds.map(x => ObjectId(x))}}) file_group.files = await File.find({_id: {$in: file_group.FileIds.map(x => ObjectId(x))}})
group.files = files
return res.api(group) return res.api(file_group)
} }
async save_upload(req, res) { async save_upload(req, res) {
const PageId = req.params.PageId const { page, node, file_group } = req.form
let page = await Page.findOne({UUID: PageId})
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
const NodeId = req.params.NodeId
let node = await Node.findOne({UUID: NodeId})
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
const group = await FileGroup.findOne({UUID: req.params.FilesId})
if ( !group ) return res.status(404).message('Invalid file group.').api({})
// if ( !group.accessible_by(req.user) ) return req.security.deny()
let file_name = '' let file_name = ''
if ( req.uploads.uploaded_file ) { if ( req.uploads.uploaded_file ) {
group.FileIds.push(req.uploads.uploaded_file.id) file_group.FileIds.push(req.uploads.uploaded_file.id)
} }
await group.version_save(`Added file${file_name ? ' "'+file_name+'"' : ''}`, req.user.id) await file_group.version_save(`Added file${file_name ? ' "'+file_name+'"' : ''}`, req.user.id)
return res.redirect(req.body.redirectTo ? req.body.redirectTo : '/') return res.redirect(req.body.redirectTo ? req.body.redirectTo : '/')
} }
async download(req, res) { async download(req, res) {
const PageId = req.params.PageId const { page, node, file_group } = req.form
let page = await Page.findOne({UUID: PageId}) if ( !file_group.FileIds.includes(req.params.FileId) ) {
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(req.user)) ) return req.security.deny()
const NodeId = req.params.NodeId
let node = await Node.findOne({UUID: NodeId})
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
const group = await FileGroup.findOne({UUID: req.params.FilesId})
if ( !group ) return res.status(404).message('Invalid file group.').api({})
// if ( !group.accessible_by(req.user) ) return req.security.deny()
if ( !group.FileIds.includes(req.params.FileId) ) {
return req.security.deny() return req.security.deny()
} }
@ -122,22 +73,9 @@ class File extends Controller {
} }
async delete_group(req, res) { async delete_group(req, res) {
const PageId = req.params.PageId const { page, node, file_group } = req.form
let page = await Page.findOne({UUID: PageId}) await file_group.delete()
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
const NodeId = req.params.NodeId
let node = await Node.findOne({UUID: NodeId})
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
const group = await FileGroup.findOne({UUID: req.params.FilesId})
if ( !group ) return res.status(404).message('Invalid file group.').api({})
// if ( !group.accessible_by(req.user) ) return req.security.deny()
await group.delete()
return res.api({}) return res.api({})
} }
} }

View File

@ -1,7 +1,5 @@
const Controller = require('libflitter/controller/Controller') const Controller = require('libflitter/controller/Controller')
const Codium = require('../../../models/api/Codium.model') const Codium = require('../../../models/api/Codium.model')
const Page = require('../../../models/api/Page.model')
const Node = require('../../../models/api/Node.model')
/* /*
* FormCode Controller * FormCode Controller
@ -11,16 +9,7 @@ const Node = require('../../../models/api/Node.model')
class FormCode extends Controller { class FormCode extends Controller {
async create_new(req, res) { async create_new(req, res) {
const PageId = req.params.PageId const { page, node } = req.form
let page = await Page.findOne({UUID: PageId})
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
const NodeId = req.params.NodeId
let node = await Node.findOne({UUID: NodeId})
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
const code = new Codium({ const code = new Codium({
NodeId: node.UUID, NodeId: node.UUID,
@ -48,63 +37,25 @@ class FormCode extends Controller {
} }
async get_config(req, res) { async get_config(req, res) {
const PageId = req.params.PageId return res.api(req.form.codium)
let page = await Page.findOne({UUID: PageId})
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(req.user)) ) return req.security.deny()
const NodeId = req.params.NodeId
let node = await Node.findOne({UUID: NodeId})
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
const code = await Codium.findOne({UUID: req.params.CodiumId})
if ( !code ) return res.status(404).message('Unable to find code with that ID.').api({})
return res.api(code)
} }
async set_values(req, res) { async set_values(req, res) {
const PageId = req.params.PageId const { page, node, codium } = req.form
let page = await Page.findOne({UUID: PageId}) codium.code = req.body.code
if ( !page ) return res.status(404).message('Page not found with that ID.').api({}) codium.Language = req.body.Language
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny() codium.NodeId = node.UUID
codium.PageId = page.UUID
const NodeId = req.params.NodeId await codium.version_save(`Updated in page "${page.Name}"`, req.user.id)
return res.api(codium)
let node = await Node.findOne({UUID: NodeId})
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
const code = await Codium.findOne({UUID: req.params.CodiumId})
if ( !code ) return res.status(404).message('Unable to find code with that ID.').api({})
code.code = req.body.code
code.Language = req.body.Language
code.NodeId = node.UUID
code.PageId = page.UUID
await code.version_save(`Updated in page "${page.Name}"`, req.user.id)
return res.api(code)
} }
async drop_code(req, res) { async drop_code(req, res) {
const PageId = req.params.PageId const { codium } = req.form
let page = await Page.findOne({UUID: PageId}) codium.Active = false
if ( !page ) return res.status(404).message('Page not found with that ID.').api({}) await codium.version_save(`Deleted`, req.user.id)
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
const NodeId = req.params.NodeId
let node = await Node.findOne({UUID: NodeId})
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
const code = await Codium.findOne({UUID: req.params.CodiumId})
if ( !code ) return res.status(404).message('Unable to find code with that ID.').api({})
code.Active = false
await code.version_save(`Deleted`, req.user.id)
return res.api({}) return res.api({})
} }
} }

View File

@ -1,6 +1,4 @@
const Controller = require('libflitter/controller/Controller') const Controller = require('libflitter/controller/Controller')
const Page = require('../../../models/api/Page.model')
const Node = require('../../../models/api/Node.model')
const Database = require('../../../models/api/db/Database.model') const Database = require('../../../models/api/db/Database.model')
const ColumnDef = require('../../../models/api/db/ColumnDef.model') const ColumnDef = require('../../../models/api/db/ColumnDef.model')
const DBEntry = require('../../../models/api/db/DBEntry.model') const DBEntry = require('../../../models/api/db/DBEntry.model')
@ -13,16 +11,7 @@ const DBEntry = require('../../../models/api/db/DBEntry.model')
class FormDatabase extends Controller { class FormDatabase extends Controller {
async create_new(req, res) { async create_new(req, res) {
const PageId = req.params.PageId const { page, node } = req.form
let page = await Page.findOne({UUID: PageId})
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
const NodeId = req.params.NodeId
let node = await Node.findOne({UUID: NodeId})
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
const db = new Database({ const db = new Database({
Name: req.body.name || req.body.Name || 'New Database', Name: req.body.name || req.body.Name || 'New Database',
@ -46,43 +35,16 @@ class FormDatabase extends Controller {
} }
async get_config(req, res) { async get_config(req, res) {
const PageId = req.params.PageId const { page, node, database } = req.form
let page = await Page.findOne({UUID: PageId}) return res.api(database)
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(req.user)) ) return req.security.deny()
const NodeId = req.params.NodeId
let node = await Node.findOne({UUID: NodeId})
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
const DatabaseId = req.params.DatabaseId
const db = await Database.findOne({UUID: DatabaseId})
if ( !db ) return res.status(404).message('Database not found with that ID.').api({})
// if ( !db.accessible_by(req.user) ) return req.security.deny()
return res.api(db)
} }
async get_columns(req, res) { async get_columns(req, res) {
const PageId = req.params.PageId const { page, node, database } = req.form
let page = await Page.findOne({UUID: PageId})
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(req.user)) ) return req.security.deny()
const NodeId = req.params.NodeId
let node = await Node.findOne({UUID: NodeId})
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
const DatabaseId = req.params.DatabaseId
const db = await Database.findOne({UUID: DatabaseId})
if ( !db ) return res.status(404).message('Database not found with that ID.').api({})
const columns = [] const columns = []
for ( const col_id of db.ColumnIds ) { for ( const col_id of database.ColumnIds ) {
const rec = await ColumnDef.findOne({UUID: col_id}) const rec = await ColumnDef.findOne({UUID: col_id})
if ( rec ) { if ( rec ) {
rec.additionalData = rec.data() rec.additionalData = rec.data()
@ -92,7 +54,7 @@ class FormDatabase extends Controller {
// Fallback for backwards compat // Fallback for backwards compat
if ( columns.length < 1 ) { if ( columns.length < 1 ) {
return res.api((await ColumnDef.find({DatabaseId: db.UUID})).map(x => { return res.api((await ColumnDef.find({DatabaseId: database.UUID})).map(x => {
x.additionalData = x.data() x.additionalData = x.data()
return x return x
})) }))
@ -108,50 +70,22 @@ class FormDatabase extends Controller {
.api() .api()
} }
const PageId = req.params.PageId const { page, node, database } = req.form
let page = await Page.findOne({UUID: PageId}) if ( req.body.Name !== database.Name ) {
if ( !page ) return res.status(404).message('Page not found with that ID.').api({}) database.Name = req.body.Name
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny() await database.version_save(`Changed database name to "${req.body.Name}"`, req.user.id)
const NodeId = req.params.NodeId
let node = await Node.findOne({UUID: NodeId})
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
const DatabaseId = req.params.DatabaseId
const db = await Database.findOne({UUID: DatabaseId})
if ( !db ) return res.status(404).message('Database not found with that ID.').api({})
// if ( !db.accessible_by(req.user, 'update') ) return req.security.deny()
if ( req.body.Name !== db.Name ) {
db.Name = req.body.Name
await db.version_save(`Changed database name to "${req.body.Name}"`, req.user.id)
} else { } else {
await db.save() await database.save()
} }
return res.api(db) return res.api(database)
} }
async set_columns(req, res) { async set_columns(req, res) {
const PageId = req.params.PageId const { page, node, database } = req.form
let page = await Page.findOne({UUID: PageId}) const existing_columns = await ColumnDef.find({ DatabaseId: database.UUID })
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
const NodeId = req.params.NodeId
let node = await Node.findOne({UUID: NodeId})
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
const DatabaseId = req.params.DatabaseId
const db = await Database.findOne({UUID: DatabaseId})
if ( !db ) return res.status(404).message('Database not found with that ID.').api({})
// if ( !db.accessible_by(req.user, 'update') ) return req.security.deny()
const existing_columns = await ColumnDef.find({ DatabaseId: db.UUID })
const assoc_columns = [] const assoc_columns = []
existing_columns.forEach(col => assoc_columns[col.UUID] = col) existing_columns.forEach(col => assoc_columns[col.UUID] = col)
@ -160,7 +94,7 @@ class FormDatabase extends Controller {
if ( col.UUID && assoc_columns[col.UUID] ) { if ( col.UUID && assoc_columns[col.UUID] ) {
assoc_columns[col.UUID].headerName = col.headerName assoc_columns[col.UUID].headerName = col.headerName
assoc_columns[col.UUID].field = col.field assoc_columns[col.UUID].field = col.field
assoc_columns[col.UUID].DatabaseId = db.UUID assoc_columns[col.UUID].DatabaseId = database.UUID
assoc_columns[col.UUID].Type = col.Type assoc_columns[col.UUID].Type = col.Type
assoc_columns[col.UUID].additionalData = JSON.stringify(col.additionalData) assoc_columns[col.UUID].additionalData = JSON.stringify(col.additionalData)
await assoc_columns[col.UUID].version_save(`Updated in page "${page.Name}"`, req.user.id) await assoc_columns[col.UUID].version_save(`Updated in page "${page.Name}"`, req.user.id)
@ -169,7 +103,7 @@ class FormDatabase extends Controller {
const new_col = new ColumnDef({ const new_col = new ColumnDef({
headerName: col.headerName, headerName: col.headerName,
field: col.field, field: col.field,
DatabaseId: db.UUID, DatabaseId: database.UUID,
Type: col.Type, Type: col.Type,
additionalData: JSON.stringify(col.additionalData), additionalData: JSON.stringify(col.additionalData),
}) })
@ -193,62 +127,34 @@ class FormDatabase extends Controller {
} }
const new_cols = update_columns.map(x => x.UUID) const new_cols = update_columns.map(x => x.UUID)
const no_updates = (new_cols.length === db.ColumnIds.length) && (new_cols.every(val => db.ColumnIds.includes(val))); const no_updates = (new_cols.length === database.ColumnIds.length) && (new_cols.every(val => database.ColumnIds.includes(val)));
if ( !no_updates ) { if ( !no_updates ) {
db.ColumnIds = new_cols database.ColumnIds = new_cols
await db.version_save('Updated columns', req.user.id) await database.version_save('Updated columns', req.user.id)
} else { } else {
await db.save() await database.save()
} }
return res.api(update_columns) return res.api(update_columns)
} }
async get_data(req, res) { async get_data(req, res) {
const PageId = req.params.PageId const { page, node, database } = req.form
let page = await Page.findOne({UUID: PageId}) const entries = await DBEntry.find({DatabaseId: database.UUID})
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(req.user)) ) return req.security.deny()
const NodeId = req.params.NodeId
let node = await Node.findOne({UUID: NodeId})
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
const DatabaseId = req.params.DatabaseId
const db = await Database.findOne({UUID: DatabaseId})
if ( !db ) return res.status(404).message('Database not found with that ID.').api({})
// if ( !db.accessible_by(req.user) ) return req.security.deny()
const entries = await DBEntry.find({DatabaseId: db.UUID})
entries.forEach(entry => entry.RowData.UUID = entry.UUID) entries.forEach(entry => entry.RowData.UUID = entry.UUID)
return res.api(entries) return res.api(entries)
} }
async set_data(req, res) { async set_data(req, res) {
const PageId = req.params.PageId const { page, node, database } = req.form
let page = await Page.findOne({UUID: PageId}) await DBEntry.deleteMany({DatabaseId: database.UUID})
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
const NodeId = req.params.NodeId
let node = await Node.findOne({UUID: NodeId})
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
const DatabaseId = req.params.DatabaseId
const db = await Database.findOne({UUID: DatabaseId})
if ( !db ) return res.status(404).message('Database not found with that ID.').api({})
// if ( !db.accessible_by(req.user) ) return req.security.deny()
await DBEntry.deleteMany({DatabaseId: db.UUID})
const new_recs = [] const new_recs = []
for ( const rec of req.body ) { for ( const rec of req.body ) {
const data = {DatabaseId: db.UUID} const data = {DatabaseId: database.UUID}
if ( rec.UUID ) data.UUID = rec.UUID if ( rec.UUID ) data.UUID = rec.UUID
delete rec.UUID delete rec.UUID
data.RowData = rec data.RowData = rec
@ -259,30 +165,16 @@ class FormDatabase extends Controller {
new_recs.push(dbe) new_recs.push(dbe)
} }
await db.version_save('Updated data', req.user.id) await database.version_save('Updated data', req.user.id)
return res.api(await this._set_indices(db, new_recs)) return res.api(await this._set_indices(database, new_recs))
} }
async drop_database(req, res) { async drop_database(req, res) {
const PageId = req.params.PageId const { page, node, database } = req.form
let page = await Page.findOne({UUID: PageId}) await DBEntry.deleteMany({DatabaseId: database.UUID})
if ( !page ) return res.status(404).message('Page not found with that ID.').api({}) await database.version_save('Deleted', req.user.id)
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny() await database.delete()
const NodeId = req.params.NodeId
let node = await Node.findOne({UUID: NodeId})
if ( !node ) return res.status(404).message('Node not found with that ID.').api({})
const DatabaseId = req.params.DatabaseId
const db = await Database.findOne({UUID: DatabaseId})
if ( !db ) return res.status(404).message('Database not found with that ID.').api({})
// if ( !db.accessible_by(req.user) ) return req.security.deny()
await DBEntry.deleteMany({DatabaseId: db.UUID})
await db.version_save('Deleted', req.user.id)
await db.delete()
return res.api({}) return res.api({})
} }

View File

@ -0,0 +1,110 @@
const { Middleware } = require('libflitter')
class DataInjectionMiddleware extends Middleware {
static get services() {
return [...super.services, 'models']
}
// manage, update, view
async test(req, res, next, { access_level = 'view' }) {
if ( !req.user ) {
return res.status(401)
.message('Unauthenticated session.')
.api()
}
if ( !req.form ) req.form = {}
// Try to load in the page
if ( !req.params.PageId ) return next()
const Page = this.models.get('api:Page')
const page = await Page.findOne({ UUID: req.params.PageId })
if ( !page ) {
return res.status(404)
.message('Invalid page ID.')
.api()
}
// Make sure the user has access to the given page
if ( !(await page.is_accessible_by(req.user, access_level)) ) {
return res.status(401).api()
}
req.form.page = page
// Try to load in the node
if ( req.params.NodeId ) {
const Node = this.models.get('api:Node')
const node = await Node.findOne({ UUID: req.params.NodeId })
if ( !node || !page.NodeIds.includes(node.UUID) ) {
return res.status(404)
.message('Invalid node ID.')
.api()
}
req.form.node = node
}
// Try to load in the code snippets
if ( req.params.CodiumId ) {
const Codium = this.models.get('api:Codium')
const codium = await Codium.findOne({
UUID: req.params.CodiumId,
Active: true,
PageId: req.params.PageId,
...(req.form.node ? {NodeId: req.form.node.UUID} : {}),
})
if ( !codium ) {
return res.status(404)
.message('Invalid code snippet ID.')
.api()
}
req.form.codium = codium
}
// Try to load in the database
if ( req.params.DatabaseId ) {
const Database = this.models.get('api:db:Database')
const database = await Database.findOne({
UUID: req.params.DatabaseId,
Active: true,
PageId: req.params.PageId,
...(req.form.node ? {NodeId: req.form.node.UUID} : {}),
})
if ( !database ) {
return res.status(404)
.message('Invalid database ID.')
.api()
}
req.form.database = database
}
// Try to load in the file group
if ( req.params.FilesId ) {
const FileGroup = this.models.get('api:FileGroup')
const file_group = await FileGroup.findOne({
UUID: req.params.FilesId,
PageId: req.params.PageId,
...(req.form.node ? {NodeId: req.form.node.UUID} : {}),
})
if ( !file_group ) {
return res.status(404)
.message('Invalid file group ID.')
.api()
}
req.form.file_group = file_group
}
return next()
}
}
module.exports = exports = DataInjectionMiddleware

View File

@ -6,17 +6,33 @@ module.exports = exports = {
get: { get: {
// Get the code ref node config for the specified code editor // Get the code ref node config for the specified code editor
'/:PageId/:NodeId/get/:CodiumId': ['middleware::auth:ApiRoute', 'controller::api:v1:FormCode.get_config'], '/:PageId/:NodeId/get/:CodiumId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'view' }],
'controller::api:v1:FormCode.get_config',
],
}, },
post: { post: {
// Create a new code ref config // Create a new code ref config
'/:PageId/:NodeId/create': ['middleware::auth:ApiRoute', 'controller::api:v1:FormCode.create_new'], '/:PageId/:NodeId/create': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:FormCode.create_new',
],
// Set the data for the specified code ref // Set the data for the specified code ref
'/:PageId/:NodeId/set/:CodiumId': ['middleware::auth:ApiRoute', 'controller::api:v1:FormCode.set_values'], '/:PageId/:NodeId/set/:CodiumId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:FormCode.set_values',
],
// delete the specified code ref // delete the specified code ref
'/:PageId/:NodeId/delete/:CodiumId': ['middleware::auth:ApiRoute', 'controller::api:v1:FormCode.drop_code'], '/:PageId/:NodeId/delete/:CodiumId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:FormCode.drop_code',
],
}, },
} }

View File

@ -6,29 +6,61 @@ module.exports = exports = {
get: { get: {
// Get the database ref node config for the specified database // Get the database ref node config for the specified database
'/:PageId/:NodeId/get/:DatabaseId': ['middleware::auth:ApiRoute', 'controller::api:v1:FormDatabase.get_config'], '/:PageId/:NodeId/get/:DatabaseId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'view' }],
'controller::api:v1:FormDatabase.get_config',
],
// Get the column config records for the specified database // Get the column config records for the specified database
'/:PageId/:NodeId/get/:DatabaseId/columns': [ 'middleware::auth:ApiRoute', 'controller::api:v1:FormDatabase.get_columns' ], '/:PageId/:NodeId/get/:DatabaseId/columns': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'view' }],
'controller::api:v1:FormDatabase.get_columns',
],
// Get the row records for the specified database // Get the row records for the specified database
'/:PageId/:NodeId/get/:DatabaseId/data': [ 'middleware::auth:ApiRoute', 'controller::api:v1:FormDatabase.get_data' ], '/:PageId/:NodeId/get/:DatabaseId/data': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'view' }],
'controller::api:v1:FormDatabase.get_data',
],
}, },
post: { post: {
// Create a new database ref config // Create a new database ref config
'/:PageId/:NodeId/create': ['middleware::auth:ApiRoute', 'controller::api:v1:FormDatabase.create_new'], '/:PageId/:NodeId/create': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:FormDatabase.create_new',
],
// Set the column configs for a database ref // Set the column configs for a database ref
'/:PageId/:NodeId/set/:DatabaseId/columns': [ 'middleware::auth:ApiRoute', 'controller::api:v1:FormDatabase.set_columns' ], '/:PageId/:NodeId/set/:DatabaseId/columns': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:FormDatabase.set_columns',
],
// Set the database name // Set the database name
'/:PageId/:NodeId/set/:DatabaseId/Name': [ 'middleware::auth:ApiRoute', 'controller::api:v1:FormDatabase.set_name' ], '/:PageId/:NodeId/set/:DatabaseId/Name': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:FormDatabase.set_name',
],
// Delete the specified database ref // Delete the specified database ref
'/:PageId/:NodeId/drop/:DatabaseId': [ 'middleware::auth:ApiRoute', 'controller::api:v1:FormDatabase.drop_database' ], '/:PageId/:NodeId/drop/:DatabaseId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:FormDatabase.drop_database',
],
// Set the row data for the specified database ref // Set the row data for the specified database ref
'/:PageId/:NodeId/set/:DatabaseId/data': ['middleware::auth:ApiRoute', 'controller::api:v1:FormDatabase.set_data'], '/:PageId/:NodeId/set/:DatabaseId/data': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:FormDatabase.set_data',
],
}, },
} }

View File

@ -6,21 +6,42 @@ module.exports = exports = {
get: { get: {
// Get the file ref node config for the specified file ref // Get the file ref node config for the specified file ref
'/:PageId/:NodeId/get/:FilesId': ['middleware::auth:ApiRoute', 'controller::api:v1:File.get_config'], '/:PageId/:NodeId/get/:FilesId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'view' }],
'controller::api:v1:File.get_config',
],
// Download the specified file ID from the specified file ref node // Download the specified file ID from the specified file ref node
'/:PageId/:NodeId/get/:FilesId/:FileId': ['middleware::auth:ApiRoute', 'controller::api:v1:File.download'], '/:PageId/:NodeId/get/:FilesId/:FileId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'view' }],
'controller::api:v1:File.download',
],
}, },
post: { post: {
// FIXME - files, not file. Fix in front-end! // FIXME - files, not file. Fix in front-end!
// Upload the file in the 'uploaded_file' key to the specified file ref node // Upload the file in the 'uploaded_file' key to the specified file ref node
'/file/upload/:PageId/:NodeId/:FilesId': ['middleware::auth:ApiRoute', 'middleware::upload:UploadFile', 'controller::api:v1:File.save_upload'], '/file/upload/:PageId/:NodeId/:FilesId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'middleware::upload:UploadFile',
'controller::api:v1:File.save_upload',
],
// Create a new file ref node // Create a new file ref node
'/:PageId/:NodeId/create': ['middleware::auth:ApiRoute', 'controller::api:v1:File.create_config'], '/:PageId/:NodeId/create': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:File.create_config',
],
// Delete a file ref node and its files // Delete a file ref node and its files
'/:PageId/:NodeId/delete/:FilesId': ['middleware::auth:ApiRoute', 'controller::api:v1:File.delete_group'], '/:PageId/:NodeId/delete/:FilesId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:File.delete_group',
],
}, },
} }