Noded
/
backend
3
0
Fork 0
Code Issues 19 Pull Requests Releases Wiki Activity

Finish cleaning up backend to use data injection MW
continuous-integration/drone/push Build is passing Details
continuous-integration/drone Build is passing Details

Browse Source
master
Garrett Mills 4 years ago
parent 42b7ccad7f
commit c569840618
Signed by: garrettmills
GPG Key ID: D2BF5FBA8298F246
2 changed files with 59 additions and 60 deletions
Show Stats Download Patch File Download Diff File

61
app/controllers/api/v1/Page.controller.js
Unescape View File

@ -13,13 +13,7 @@ class Page extends Controller {
}
async revert_version(req, res, next) {
const PageId = req.params.PageId
const user = req.user
let page = await PageModel.findOne({UUID: PageId})
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(user)) ) return req.security.deny()
const { page } = req.form
const level = await page.access_level_for(req.user)
if ( !req.body.version_num ) {
@ -46,13 +40,7 @@ class Page extends Controller {
async get_page_versions(req, res, next) {
const User = this.models.get('auth:User')
const PageId = req.params.PageId
const user = req.user
let page = await PageModel.findOne({UUID: PageId})
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(user)) ) return req.security.deny()
const { page } = req.form
const versions = page.version_archive.map(version_data => {
return {
@ -73,13 +61,9 @@ class Page extends Controller {
}
async get_page(req, res) {
const PageId = req.params.PageId
const user = req.user
let { page } = req.form
let page = await PageModel.findOne({UUID: PageId})
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(user)) ) return req.security.deny()
const level = await page.access_level_for(req.user)
const version_num = req.body.version || req.query.version
@ -100,7 +84,9 @@ class Page extends Controller {
const PageId = req.params.PageId
let page;
if ( PageId ) {
if ( req.form.page ) {
page = req.form.page
} else if ( PageId ) {
page = await PageModel.findOne({UUID: PageId})
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(req.user, 'update')) ) return res.security.deny()
@ -154,14 +140,7 @@ class Page extends Controller {
}
async get_nodes(req, res) {
const PageId = req.params.PageId
let page;
if ( PageId ) {
page = await PageModel.findOne({UUID: PageId})
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(req.user)) ) return req.security.deny()
}
let { page } = req.form
const version_num = req.body.version || req.query.version
if ( version_num ) {
@ -184,11 +163,7 @@ class Page extends Controller {
}
async save_node_to_page(req, res) {
const PageId = req.params.PageId
const page = await PageModel.findOne({UUID: PageId})
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(req.user, 'update')) ) return res.security.deny()
const { page } = req.form
const nodes = await Node.find({PageId: page.UUID})
const assoc_nodes = {}
@ -232,14 +207,7 @@ class Page extends Controller {
}
async save_nodes(req, res) {
const PageId = req.params.PageId
let page;
if ( PageId ) {
page = await PageModel.findOne({UUID: PageId})
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(req.user, 'update')) ) return req.security.deny()
}
const { page } = req.form
const nodes = await Node.find({PageId: page.UUID})
const assoc_nodes = {}
@ -402,15 +370,8 @@ class Page extends Controller {
}
async delete_page(req, res) {
const PageId = req.params.PageId
let page;
if ( PageId ) {
page = await PageModel.findOne({UUID: PageId})
if ( !page ) return res.status(404).message('Page not found with that ID.').api({})
if ( !(await page.is_accessible_by(req.user, 'manage')) ) return req.security.deny()
if ( page.ParentId === '0' ) return req.security.kickout()
}
const { page } = req.form
if ( page.ParentId === '0' ) return req.security.kickout()
page.Active = false
page.DeletedAt = new Date

58
app/routing/routers/api/v1/page.routes.js
Unescape View File

@ -5,34 +5,72 @@ module.exports = exports = {
get: {
// Get the data for the specified page
'/:PageId': ['middleware::auth:ApiRoute', 'controller::api:v1:Page.get_page'],
'/:PageId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'view' }],
'controller::api:v1:Page.get_page',
],
// Get the available versions of the given page
'/:PageId/versions': ['middleware::auth:ApiRoute', 'controller::api:v1:Page.get_page_versions'],
'/:PageId/versions': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'view' }],
'controller::api:v1:Page.get_page_versions',
],
// Get the nodes present on the specified page
'/:PageId/nodes': ['middleware::auth:ApiRoute', 'controller::api:v1:Page.get_nodes'],
'/:PageId/nodes': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'view' }],
'controller::api:v1:Page.get_nodes',
],
},
post: {
// Save the data for the specified page
'/:PageId/save': ['middleware::auth:ApiRoute', 'controller::api:v1:Page.save_page'],
'/:PageId/save': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:Page.save_page',
],
// Revert the page to a previous version
'/:PageId/versions/revert': ['middleware::auth:ApiRoute', 'controller::api:v1:Page.revert_version'],
'/:PageId/versions/revert': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'manage' }],
'controller::api:v1:Page.revert_version',
],
// Save the node data for the specified page
'/:PageId/nodes/save': ['middleware::auth:ApiRoute', 'controller::api:v1:Page.save_nodes'],
'/:PageId/nodes/save': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:Page.save_nodes',
],
'/:PageId/nodes/save_one': ['middleware::auth:ApiRoute', 'controller::api:v1:Page.save_node_to_page'],
'/:PageId/nodes/save_one': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'update' }],
'controller::api:v1:Page.save_node_to_page',
],
// Create a new page in the personal root
'/create': ['middleware::auth:ApiRoute', 'controller::api:v1:Page.create_top_level'],
'/create': [
'middleware::auth:ApiRoute',
'controller::api:v1:Page.create_top_level',
],
// Create a new page as a child of the specified page
'/create-child': ['middleware::auth:ApiRoute', 'controller::api:v1:Page.create_child'],
'/create-child': [
'middleware::auth:ApiRoute',
'controller::api:v1:Page.create_child',
],
// Delete the specified page
'/delete/:PageId': ['middleware::auth:ApiRoute', 'controller::api:v1:Page.delete_page'],
'/delete/:PageId': [
'middleware::auth:ApiRoute',
['middleware::api:DataInjection', { access_level: 'manage' }],
'controller::api:v1:Page.delete_page',
],
},
}

Write Preview
Loading…
Cancel
Save