const { Controller } = require('libflitter') const Validator = require('email-validator') const path = require('path') class ProfileController extends Controller { static get services() { return [...super.services, 'models', 'utility'] } async fetch(req, res, next) { const User = this.models.get('auth:User') let user if ( req.params.user_id === 'me' ) user = req.user else { // if not me, verify that user can view profile if ( !req.user.can(`profile:view:${req.params.user_id}`) ) return res.status(401).api() user = await User.findById(req.params.user_id) } return res.api({ first_name: user.first_name, last_name: user.last_name, email: user.email, uid: user.uid, tagline: user.tagline, user_id: user.id, }) } async update(req, res, next) { const User = this.models.get('auth:User') let user if ( req.params.user_id === 'me' ) user = req.user else { // If not me, verify that user can modify profile if ( !req.user.can(`profile:update:${req.params.user_id}`) ) return res.status(401).api() user = await User.findById(req.params.user_id) } if ( !user ) return res.status(404) .message('No user found with the specified ID.') .api() // Make sure the required fields are provided const required_fields = ['first_name', 'last_name', 'email'] for ( const field of required_fields ) { if ( !req.body[field]?.trim() ) return res.status(400) .message(`Required field "${field}" is missing or invalid.`) .api() } // Validate the e-mail if ( !Validator.validate(req.body.email) ) return res.status(400) .message(`"email" field must be a valid e-mail address.`) .api() // Update the user's profile user.first_name = req.body.first_name user.last_name = req.body.last_name user.email = req.body.email user.tagline = req.body.tagline // Save the record await user.save() return res.api() } async update_photo(req, res, next) { const User = this.models.get('auth:User') let user if ( req.params.user_id === 'me' ) user = req.user else user = await User.findById(req.params.user_id) if ( !user ) return res.status(404) .message('No user found with the specified ID.') .api() if ( !req?.uploads?.photo ) return res.status(400) .message('Missing required field: file') .api() user.photo_file_id = req.uploads.photo.id await user.save() return res.api() } async get_photo(req, res, next) { const User = this.models.get('auth:User') let user if ( req.params.user_id === 'me' ) user = req.user else user = await User.findById(req.params.user_id) if ( !user ) return res.status(404) .message('No user found with the specified ID.') .api() const photo = await user.photo() if ( photo ) return photo.send(res) // The user does not have a profile. Send the default. return res.sendFile(this.utility.path('app/assets/people.png')) } } module.exports = exports = ProfileController