garrettmills/devbug
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

finish snippets

Browse Source
This commit is contained in:
Garrett Mills
2019-07-24 12:05:27 -05:00
parent 5bff5407a5
commit c00a05262d
10 changed files with 196 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
app/controllers/api/v1.controller.js
View File

@@ -6,6 +6,20 @@
const Out = _flitter.model('v1:Out')
const Project = _flitter.model('v1:Project')
const Invite = _flitter.model('v1:Invite')
const Snippet = _flitter.model('v1:Snippet')
const share_api = {
project: Project,
snippet: Snippet,
}
const share_views = {
project: async function(item){
return '/dash/v1/project/view/'+item.id
},
snippet: async function(item){
const project = await Project.findById(item.project_id);
return '/dash/v1/project/snippet/'+project.id+'/view/'+item.uuid
},
}
class v1 {
/*
@@ -74,8 +88,9 @@ class v1 {
if ( invite.used ) _flitter.error(res, 401, {reason: 'This invitation link has been used or has expired.'})
const project = await Project.findById(invite.project_id)
if ( !project ) _flitter.error(res, 404, {reason: 'This project no longer exists.'})
const share_model = share_api[invite.api_type];
const project = await share_model.findById(invite.project_id)
if ( !project ) _flitter.error(res, 404, {reason: 'This '+invite.api_type+' no longer exists.'})
const user = await _flitter.model('User').findOne({uuid: invite.by_user_id})
if ( !user ) _flitter.error(res, 500, {reason: 'This user no longer exists. Sorry.'})
@@ -89,8 +104,9 @@ class v1 {
if ( invite.used ) _flitter.error(res, 401, {reason: 'This invitation link has been used or has expired.'})
const project = await Project.findById(invite.project_id)
if ( !project ) _flitter.error(res, 404, {reason: 'This project no longer exists.'})
const share_model = share_api[invite.api_type];
const project = await share_model.findById(invite.project_id)
if ( !project ) _flitter.error(res, 404, {reason: 'This '+invite.api_type+' no longer exists.'})
const user = await _flitter.model('User').findOne({uuid: invite.by_user_id})
if ( !user ) _flitter.error(res, 500, {reason: 'This user no longer exists. Sorry.'})
@@ -103,7 +119,7 @@ class v1 {
}
invite.used = true
await invite.save()
return res.redirect('/dash/v1')
return res.redirect(await share_views[invite.api_type](project))
}
else {
req.session.invite = true

126
app/controllers/dash/v1.controller.js
View File

@@ -11,6 +11,15 @@ const share_api = {
project: Project,
snippet: Snippet,
}
const share_views = {
project: async function(item){
return '/dash/v1/project/view/'+item.id
},
snippet: async function(item){
const project = await Project.findById(item.project_id);
return '/dash/v1/project/snippet/'+project.id+'/view/'+item.uuid
},
}
class v1 {
/*
@@ -41,13 +50,18 @@ class v1 {
edit: await Project.find(edit_find),
}
const shared_snippets = {
view: await Snippet.find(view_find),
edit: await Snippet.find(edit_find),
}
/*
* Return the main view.
* It must be passed the response.
* View parameters can be passed as an optional third
* argument to the view() method.
*/
return _flitter.view(res, 'dash_v1:main', { projects, shared_projects, user: req.session.auth.user })
return _flitter.view(res, 'dash_v1:main', { projects, shared_projects, shared_snippets, user: req.session.auth.user })
}
new_project_show(req, res, next){
@@ -61,7 +75,7 @@ class v1 {
}
// check access perms
if ( !devbug.permission.project.edit(project, req.session.auth.user) ){
if ( !await devbug.permission.project.edit(project, req.session.auth.user) ){
return _flitter.error(res, 401, {reason: 'You do not have permissions to edit this project.'})
}
@@ -79,7 +93,7 @@ class v1 {
}
// check access perms
if ( !devbug.permission.project.edit(project, req.session.auth.user) ){
if ( !await devbug.permission.project.edit(project, req.session.auth.user) ){
return _flitter.error(res, 401, {reason: 'You do not have permissions to edit this project.'})
}
@@ -117,12 +131,14 @@ class v1 {
}
const outs = await Out.find({ project_id: project.id }).sort('-created')
const snippets = await Snippet.find({project_id: project.id})
if ( !devbug.permission.project.view(project, req.session.auth.user) ){
if ( !await devbug.permission.project.view(project, req.session.auth.user) ){
return _flitter.error(res, 401, {reason: 'You do not have permission to view this project.'})
}
return _flitter.view(res, 'dash_v1:view', {user: req.session.auth.user, project, outs, show_back: true, title: 'View: '+project.name })
return _flitter.view(res, 'dash_v1:view', {user: req.session.auth.user, snippets, project, outs, show_back: true, title: 'View: '+project.name })
}
async out_view(req, res, next){
@@ -143,7 +159,7 @@ class v1 {
const project = await Project.findById(out.project_id)
if ( !project || (!devbug.permission.project.view(project, req.session.auth.user)) ){
if ( !project || (!await devbug.permission.project.view(project, req.session.auth.user)) ){
return _flitter.error(res, 401, {reason: 'You do not have permission to view this project.'})
}
@@ -154,7 +170,7 @@ class v1 {
const out = await Out.findById(req.params.id)
const project = await Project.findById(req.params.project)
if ( !project || ( !devbug.permission.project.edit(project, req.session.auth.user) ) ){
if ( !project || ( !await devbug.permission.project.edit(project, req.session.auth.user) ) ){
return _flitter.error(res, 401, {reason: 'You do not have permission to edit this project.'})
}
@@ -171,7 +187,7 @@ class v1 {
return _flitter.error(res, 404, {reason: 'Project not found with the specified ID.'})
}
if ( !devbug.permission.project.owns(project, req.session.auth.user) ){
if ( !await devbug.permission.project.owns(project, req.session.auth.user) ){
return _flitter.error(res, 401, {reason: 'You do not have permission to edit this project.'})
}
@@ -181,7 +197,7 @@ class v1 {
async project_delete_do(req, res, next){
const project = await Project.findById(req.params.id)
if ( project && ( !devbug.permission.project.owns(project, req.session.auth.user) ) ){
if ( project && ( !await devbug.permission.project.owns(project, req.session.auth.user) ) ){
return _flitter.error(res, 401, {reason: 'You do not have permission to edit this project.'})
}
@@ -209,7 +225,7 @@ class v1 {
if ( !project ) return _flitter.error(res, 404, {reason: req.params.api+' not found with the specified ID.'})
if ( !devbug.permission.project.owns(project, req.session.auth.user) ) return _flitter.error(res, 401, {reason: 'You do not have permission to edit this '+req.params.api+'.'})
if ( !await devbug.permission[req.params.api].owns(project, req.session.auth.user) ) return _flitter.error(res, 401, {reason: 'You do not have permission to edit this '+req.params.api+'.'})
// Find read-only users
const read_find = {
@@ -258,7 +274,7 @@ class v1 {
const target_user = await _flitter.model('User').findOne({uuid: req.params.user})
if ( !target_user ) return _flitter.error(res, 404, {reason: 'User not found with the specified ID.'})
if ( !devbug.permission.project.owns(project, req.session.auth.user) ) return _flitter.error(res, 401, {reason: "You do not have permission to edit this "+req.params.api+"."})
if ( !await devbug.permission[req.params.api].owns(project, req.session.auth.user) ) return _flitter.error(res, 401, {reason: "You do not have permission to edit this "+req.params.api+"."})
if ( !(project.user_id === target_user.uuid) && !(project.shared_user_ids.includes(target_user.uuid)) ){
project.shared_user_ids.push(target_user.uuid)
@@ -277,7 +293,7 @@ class v1 {
const target_user = await _flitter.model('User').findOne({uuid: req.params.user})
if ( !target_user ) return _flitter.error(res, 404, {reason: 'User not found with the specified ID.'})
if ( !devbug.permission.project.owns(project, req.session.auth.user) ) return _flitter.error(res, 401, {reason: "You do not have permission to edit this "+req.params.api+"."})
if ( !await devbug.permission[req.params.api].owns(project, req.session.auth.user) ) return _flitter.error(res, 401, {reason: "You do not have permission to edit this "+req.params.api+"."})
if ( !(project.user_id === target_user.uuid) && !(project.edit_user_ids.includes(target_user.uuid)) ){
// check if read access. If so, revoke.
@@ -301,7 +317,7 @@ class v1 {
const target_user = await _flitter.model('User').findOne({uuid: req.params.user})
if ( !target_user ) return _flitter.error(res, 404, {reason: 'User not found with the specified ID.'})
if ( !devbug.permission.project.view(project, req.session.auth.user) ) return _flitter.error(res, 401, {reason: "You do not have permission to edit this "+req.params.api+"."})
if ( !await devbug.permission[req.params.api].view(project, req.session.auth.user) ) return _flitter.error(res, 401, {reason: "You do not have permission to edit this "+req.params.api+"."})
const to_dash = project.shared_user_ids.includes(req.session.auth.uuid)
@@ -324,7 +340,7 @@ class v1 {
const target_user = await _flitter.model('User').findOne({uuid: req.params.user})
if ( !target_user ) return _flitter.error(res, 404, {reason: 'User not found with the specified ID.'})
if ( !devbug.permission.project.view(project, req.session.auth.user) ) return _flitter.error(res, 401, {reason: "You do not have permission to edit this "+req.params.api+"."})
if ( !await devbug.permission[req.params.api].view(project, req.session.auth.user) ) return _flitter.error(res, 401, {reason: "You do not have permission to edit this "+req.params.api+"."})
const to_dash = project.edit_user_ids.includes(req.session.auth.uuid)
@@ -347,7 +363,7 @@ class v1 {
const target_user = await _flitter.model('User').findOne({uuid: req.params.user})
if ( !target_user ) return _flitter.error(res, 404, {reason: 'User not found with the specified ID.'})
if ( !devbug.permission.project.owns(project, req.session.auth.user) ) return _flitter.error(res, 401, {reason: 'You do not have permission to edit this '+req.params.api+'.'})
if ( !await devbug.permission[req.params.api].owns(project, req.session.auth.user) ) return _flitter.error(res, 401, {reason: 'You do not have permission to edit this '+req.params.api+'.'})
project.user_id = target_user.uuid
project.shared_user_ids.push(req.session.auth.uuid)
@@ -366,13 +382,16 @@ class v1 {
}
async project_share_invite(req, res, next){
const project = await Project.findById(req.params.id)
if ( !project ) return _flitter.error(res, 404, {reason: 'Project not found with the specified ID.'})
const share_model = share_api[req.params.api]
if ( !share_model ) return _flitter.error(res, 400, {reason: 'Invalid Share API endpoint.'})
const project = await share_model.findById(req.params.id)
if ( !project ) return _flitter.error(res, 404, {reason: req.params.api+' not found with the specified ID.'})
if ( !devbug.permission.project.owns(project, req.session.auth.user) ) return _flitter.error(res, 401, {reason: 'You do not have permission to edit this project.'})
if ( !await devbug.permission[req.params.api].owns(project, req.session.auth.user) ) return _flitter.error(res, 401, {reason: 'You do not have permission to edit this '+req.params.api+'.'})
let share_data = {
project_id: project.id,
api_type: req.params.api,
by_user_id: req.session.auth.uuid,
created_on: Date.now()
}
@@ -380,7 +399,7 @@ class v1 {
const share = new Invite(share_data)
await share.save()
return _flitter.view(res, 'dash_v1:invite', {share, project, title: 'Generate Invite Link', show_back: true})
return _flitter.view(res, 'dash_v1:invite', {share, project, title: 'Sharing link for '+req.params.api, show_back: true})
}
async accept_invite(req, res, next){
@@ -389,8 +408,9 @@ class v1 {
const invite = await Invite.findById(req.session.invite_data.invite)
if ( !invite ) return _flitter.error(res, 404, {reason: 'This invitation is no longer valid. Sorry.'})
const project = await Project.findById(req.session.invite_data.project)
if ( !project ) return _flitter.error(res, 404, {reason: 'This project no longer exists.'})
const share_model = share_api[invite.api_type];
const project = await share_model.findById(req.session.invite_data.project)
if ( !project ) return _flitter.error(res, 404, {reason: 'This '+invite.api_type+' no longer exists.'})
const user = await _flitter.model('User').findById(req.session.invite_data.user)
if ( !user ) return _flitter.error(res, 404, {reason: 'This user no longer exists. Sorry.'})
@@ -405,7 +425,7 @@ class v1 {
req.session.invite = false
req.session.invite_data = false
return res.redirect('/dash/v1/project/view/'+project.id)
return res.redirect(await share_views[invite.api_type](project))
}
async project_snippet_new(req, res, next){
@@ -457,10 +477,66 @@ class v1 {
const snippet = await Snippet.findOne({uuid: req.params.snippet})
if ( !snippet ) return _flitter.error(res, 404, {reason: 'The specified snippet does not exist.'})
console.log('snippet mode', snippet.mode)
return _flitter.view(res, 'dash_v1:snippet', {snippet, project, user: req.session.auth.user, title: 'Snippet: '+snippet.name, show_back: true, readonly: true})
if ( !await devbug.permission.snippet.view(snippet, req.session.auth.user) ) return _flitter.error(res, 401, {reason: 'You do not have permission to view this snippet.'})
const is_owner = await devbug.permission.snippet.owns(snippet, req.session.auth.user)
return _flitter.view(res, 'dash_v1:snippet', {snippet, project, is_owner, user: req.session.auth.user, title: 'Snippet: '+snippet.name, show_back: true, readonly: true})
}
async project_snippet_delete(req, res, next){
const project = await Project.findById(req.params.id)
if ( !project ) return _flitter.error(res, 404, {reason: 'The specified project does not exist.'})
const snippet = await Snippet.findOne({uuid: req.params.snippet})
if ( !snippet ) return _flitter.error(res, 404, {reason: 'The specified snippet does not exist.'})
if ( !await devbug.permission.snippet.owns(snippet, req.session.auth.user) ) return _flitter.error(res, 401, {reason: 'You do not have permission to edit this snippet.'})
await snippet.delete()
return res.redirect('/dash/v1/project/view/'+project.id)
}
async project_snippet_edit(req, res, next){
const project = await Project.findById(req.params.id)
if ( !project ) return _flitter.error(res, 404, {reason: 'The specified project does not exist.'})
const snippet = await Snippet.findOne({uuid: req.params.snippet})
if ( !snippet ) return _flitter.error(res, 404, {reason: 'The specified snippet does not exist.'})
if ( !await devbug.permission.snippet.edit(snippet, req.session.auth.user) ) return _flitter.error(res, 401, {reason: 'You do not have permission to edit this snippet.'})
return _flitter.view(res, 'dash_v1:snippet', {project, snippet, user: req.session.auth.user, title: 'Snippet: '+snippet.name, readonly: false, show_back: true})
}
async project_snippet_edit_do(req, res, next){
const project = await Project.findById(req.params.id)
if ( !project ) return _flitter.error(res, 404, {reason: 'The specified project does not exist.'})
const snippet = await Snippet.findOne({uuid: req.params.snippet})
if ( !snippet ) return _flitter.error(res, 404, {reason: 'The specified snippet does not exist.'})
if ( !await devbug.permission.snippet.edit(snippet, req.session.auth.user) ) return _flitter.error(res, 401, {reason: 'You do not have permission to edit this snippet.'})
// check required fields: title, data, mode
let fail = false
if ( !req.body.title ) fail = 'Snippet title is required.'
else if ( !req.body.data ) fail = 'Snippet data is required.'
else if ( !req.body.mode ) fail = 'Snippet mode is required.'
if ( fail ){
return _flitter.view(res, 'dash_v1:snippet', {snippet, project, user: req.session.auth.user, title: 'Update Snippet', show_back: true, errors:[fail]})
}
snippet.name = req.body.title
snippet.data = req.body.data
snippet.mode = req.body.mode
await snippet.save()
return res.redirect('/dash/v1/project/snippet/'+project.id+'/view/'+snippet.uuid)
}
}