/* * v1 Controller * ------------------------------------------------------------- * Put some description here! */ const Project = _flitter.model('v1:Project') const Out = _flitter.model('v1:Out') class v1 { /* * Serve the main page. */ async main(req, res){ const projects = await Project.find({ archived: false, user_id: req.session.auth.uuid }) let find = { shared_user_ids: { $elemMatch: { $eq: req.session.auth.uuid } } } const shared_projects = await Project.find(find) /* * Return the main view. * It must be passed the response. * View parameters can be passed as an optional third * argument to the view() method. */ return _flitter.view(res, 'dash_v1:main', { projects, shared_projects, user: req.session.auth.user }) } new_project_show(req, res, next){ return _flitter.view(res, 'dash_v1:project', { show_back: true, title: 'Create New Project' }) } async project_edit_show(req, res, next){ const project = await Project.findById(req.params.id) if ( !project ){ return _flitter.error(res, 404, {reason: 'Project not found with the specified ID.'}) } // check access perms if ( !(project.user_id === req.session.auth.uuid) ){ return _flitter.error(res, 401, {reason: 'You do not have permissions to edit this project.'}) } return _flitter.view(res, 'dash_v1:project', { show_back: true, title: 'Update Project', project_name: project.name, user: req.session.auth.user }) } async project_edit_do(req, res, next){ const project = await Project.findById(req.params.id) if ( !project ){ return _flitter.error(res, 404, {reason: 'Project not found with the specified ID.'}) } if ( !req.body || !req.body.name ){ return _flitter.view(res, 'dash_v1:project', {user: req.session.auth.user, show_back: true, title: 'Update Project', project_name: project.name, errors: ['Project name is required.']}) } // check access perms if ( !(project.user_id === req.session.auth.uuid) ){ return _flitter.error(res, 401, {reason: 'Project not found with the specified ID.'}) } project.name = req.body.name await project.save() return res.redirect('/dash/v1') } async new_project_do(req, res, next){ if ( !req.body.name ){ return _flitter.view(res, 'dash_v1:project', {user: req.session.auth.user, show_back: true, title: 'Create Project', errors: ['Project name is required.']}) } const project = new Project({ name: req.body.name, user_id: req.session.auth.uuid, data: JSON.stringify({ created: Date.now(), modified: Date.now() }), shared_user_ids: [], }) await project.save() return res.redirect('/dash/v1') } async project_view(req, res, next){ const project = await Project.findById(req.params.id) if ( !project ){ return _flitter.error(res, 404, {reason: 'Project not found with the specified ID.'}) } const outs = await Out.find({ project_id: project.id }).sort('-created') if ( !(project.user_id === req.session.auth.uuid) && !(project.shared_user_ids.includes(req.session.auth.uuid)) ){ return _flitter.error(res, 401, {reason: 'You do not have permission to view this project.'}) } return _flitter.view(res, 'dash_v1:view', {user: req.session.auth.user, project, outs, show_back: true, title: 'View: '+project.name }) } async out_view(req, res, next){ const out = await Out.findById(req.params.id) if ( !out ){ return _flitter.error(res, 404, {reason: 'Output not found with the specified ID.'}) } let pretty try { pretty = JSON.stringify(JSON.parse(out.data), null, 4) } catch (e){ return _flitter.error(res, 500, {reason: 'Unable to parse output data. Data contains invalid JSON.'}) } const project = await Project.findById(out.project_id) if ( !project || (!(project.user_id === req.session.auth.uuid) && !(project.shared_user_ids.includes(req.session.auth.uuid))) ){ return _flitter.error(res, 401, {reason: 'You do not have permission to view this project.'}) } // TODO permission access check return _flitter.view(res, 'dash_v1:out', {user: req.session.auth.user, out, prettyd:pretty, show_back: true, title: out.brief, title_small: true }); } async out_delete(req, res, next){ const out = await Out.findById(req.params.id) const project = await Project.findById(req.params.project) if ( !project || ( !(project.user_id === req.session.auth.uuid) ) ){ return _flitter.error(res, 401, {reason: 'You do not have permission to edit this project.'}) } if ( out ){ await out.delete() } return res.redirect('/dash/v1/project/view/'+req.params.project) } async project_delete_show(req, res, next){ const project = await Project.findById(req.params.id) if ( !project ){ return _flitter.error(res, 404, {reason: 'Project not found with the specified ID.'}) } if ( !(project.user_id === req.session.auth.uuid) ){ return _flitter.error(res, 401, {reason: 'You do not have permission to edit this project.'}) } return _flitter.view(res, 'dash_v1:confirm', {user: req.session.auth.user, project, show_back: true, title: 'Are you sure?', text: 'Deleting this project will remove all stored breakpoint data. This action cannot be undone.', destination: '/dash/v1/project/delete/'+req.params.id}) } async project_delete_do(req, res, next){ const project = await Project.findById(req.params.id) if ( project && ( !(project.user_id === req.session.auth.uuid) ) ){ return _flitter.error(res, 401, {reason: 'You do not have permission to edit this project.'}) } if ( project ){ const outs = await Out.find({project_id: project.id}) for ( const key in outs ){ await outs[key].delete() } await project.delete() } return res.redirect('/dash/v1') } view_code(req, res, next){ return _flitter.view(res, 'dash_v1:code', { user: req.session.auth.user, title: 'Using DevBug Inline' }) } async project_share_show(req, res, next){ const project = await Project.findById(req.params.id) if ( !project ) return _flitter.error(res, 404, {reason: 'Project not found with the specified ID.'}) if ( !(project.user_id === req.session.auth.uuid) ) return _flitter.error(res, 401, {reason: 'You do not have permission to edit this project.'}) let find = { uuid: { $nin: [] } } find.uuid.$nin.push(req.session.auth.uuid) find.uuid.$nin = find.uuid.$nin.concat(project.shared_user_ids) const to_share = await _flitter.model('User').find(find) find = { uuid: { $in: find.uuid.$nin } } const shared = await _flitter.model('User').find(find) return _flitter.view(res, 'dash_v1:share', { user: req.session.auth.user, sharing: { to_share, shared }, project, title: 'Share Project: '+project.name, show_back: true }) } async project_share_do(req, res, next){ const project = await Project.findById(req.params.id) if ( !project ) return _flitter.error(res, 404, {reason: 'Project not found with the specified ID.'}) const target_user = await _flitter.model('User').findOne({uuid: req.params.user}) if ( !target_user ) return _flitter.error(res, 404, {reason: 'User not found with the specified ID.'}) if ( !(project.user_id === req.session.auth.uuid) ) return _flitter.error(res, 401, {reason: "You do not have permission to edit this project."}) if ( !(project.user_id === target_user.uuid) && !(project.shared_user_ids.includes(target_user.uuid)) ){ project.shared_user_ids.push(target_user.uuid) await project.save() } return res.redirect('/dash/v1/project/share/'+project.id) } async project_share_revoke(req, res, next){ const project = await Project.findById(req.params.id) if ( !project ) return _flitter.error(res, 404, {reason: 'Project not found with the specified ID.'}) const target_user = await _flitter.model('User').findOne({uuid: req.params.user}) if ( !target_user ) return _flitter.error(res, 404, {reason: 'User not found with the specified ID.'}) if ( !(project.user_id === req.session.auth.uuid || project.shared_user_ids.includes(req.session.auth.uuid)) ) return _flitter.error(res, 401, {reason: "You do not have permission to edit this project."}) const to_dash = project.shared_user_ids.includes(req.session.auth.uuid) if ( !(target_user.uuid === project.user_id) && (project.shared_user_ids.includes(target_user.uuid)) ){ project.shared_user_ids.splice(project.shared_user_ids.indexOf(target_user.uuid), 1) await project.save() } if ( to_dash ) return res.redirect('/dash/v1') return res.redirect('/dash/v1/project/share/'+project.id) } async project_share_transfer(req, res, next){ const project = await Project.findById(req.params.id) if ( !project ) return _flitter.error(res, 404, {reason: 'Project not found with the specified ID.'}) const target_user = await _flitter.model('User').findOne({uuid: req.params.user}) if ( !target_user ) return _flitter.error(res, 404, {reason: 'User not found with the specified ID.'}) if ( !project.user_id === req.session.auth.uuid ) return _flitter.error(res, 401, {reason: 'You do not have permission to edit this project.'}) project.user_id = target_user.uuid project.shared_user_ids.push(req.session.auth.uuid) await project.save() return res.redirect('/dash/v1') } } module.exports = exports = v1