This repository has been archived by the owner on Aug 22, 2019. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 263
/
group.js
165 lines (139 loc) · 4.04 KB
/
group.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
var _ = require('underscore');
var Group = require('../models/group.js');
var Portfolio = require('../models/portfolio.js');
var Badge = require('../models/badge.js');
var logger = require('../lib/logging').logger;
function makeBadgeObj(attr) { return new Badge(attr) }
exports.findById = function findById(req, res, next, id) {
Group.findById(id, function (err, group) {
if (err) {
logger.error("Error pulling group: " + err);
return res.send({
status: 'error',
error: 'Error pulling group'
}, 500);
}
if (!group)
return res.send({
status: 'missing',
error: 'Could not find group'
}, 404);
req.group = group;
return next();
});
};
exports.create = function (request, response) {
if (!request.user)
return response.json({error: 'no user'}, 403);
if (!request.body)
return response.json({error: 'no badge body'}, 400);
if (!request.body.badges)
return response.json({error: 'no badges'}, 400);
var user = request.user;
var body = request.body;
var badges = body.badges;
var group = new Group({
user_id: user.get('id'),
name: body.name,
badges: badges.map(makeBadgeObj)
});
group.save(function (err, group) {
if (err) {
logger.debug('there was some sort of error creating a group:');
logger.debug(err);
return response.send('there was an error', 500);
}
response.contentType('json');
response.send({id: group.get('id'), url: group.get('url')});
});
};
exports.update = function (request, response) {
if (!request.user)
return response.send({
status: 'forbidden',
error: 'user required'
}, 403);
if (!request.group)
return response.send({
status: 'missing-required',
error: 'missing group to update'
}, 404);
if (request.user.get('id') !== request.group.get('user_id'))
return response.send({
status: 'forbidden',
error: 'you cannot modify a group you do not own'
}, 403);
if (!request.body)
return response.send({
status: 'missing-required',
error: 'missing fields to update'
}, 400);
var group = request.group;
var body = request.body;
if (body.name) {
var saferName = body.name.replace('<', '<').replace('>', '>');
group.set('name', saferName);
}
if (body['public'] === true) {
group.set('public', true);
} else {
group.set('public', false);
}
if (body.badges) {
group.set('badges', body.badges.map(makeBadgeObj));
}
group.save(function (err) {
if (err) {
logger.debug('there was an error updating a group:');
logger.debug(err);
return response.send({
status: 'error',
error: 'there was an unknown error. it has been logged.'
}, 500);
}
response.contentType('json');
response.send({status: 'okay'});
});
};
exports.destroy = function (request, response) {
var user = request.user;
var group = request.group;
if (!user)
return response.send({
status: 'forbidden',
error: 'user required'
}, 403);
if (!group)
return response.send({
status: 'missing-required',
error: 'missing group to update'
}, 404);
if (group.get('user_id') !== user.get('id'))
return response.send({
status: 'forbidden',
error: 'you cannot modify a group you do not own'
}, 403);
// find any profile associated with this group and delete it
Portfolio.findOne({group_id: group.get('id')}, function (err, folio) {
if (err) {
logger.debug('error finding portfolios:');
logger.debug(err);
return response.send({
status: 'error',
error: 'there was some sort of error and it has been logged'
}, 500);
}
if (folio) folio.destroy();
group.destroy(function (err) {
if (err) {
logger.debug('error deleting group');
logger.debug(err);
return response.send({
status: 'error',
error: 'there was some sort of error and it has been logged'
}, 500);
}
response.send({status: 'okay'});
});
});
};