-
Notifications
You must be signed in to change notification settings - Fork 2
/
prototypeController.js
106 lines (87 loc) · 2.92 KB
/
prototypeController.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
// Desc: Controller for prototypes
// Usage: const prototypesRouter = require('./controllers/prototypeController')
const router = require('express').Router()
const Prototype = require('../models/prototype')
const { userExtractor } = require('../utils/middleware')
// get all prototypes
router.get('/', async (request, response) => {
// populate the user field with the username and name of the user?
const prototypes = await Prototype.find({}).populate('user', {
// username: 1,
// name: 1,
})
response.json(prototypes)
})
// get a single prototype
router.get('/:id', async (request, response) => {
const prototype = await Prototype.findById(request.params.id).populate(
'user',
{
// username: 1,
// name: 1,
}
)
if (prototype) {
response.json(prototype)
} else {
response.status(404).end()
}
})
// post a new prototype to the database and add it to the user's list of prototypes
// Only logged in users can post prototypes
router.post('/', userExtractor, async (request, response) => {
// Option more secure way to get the title (or other field) from the request body
// const { title } = request.body
// const prototype = new Prototype({
// title,
// // Add new fields to be updated here
// })
// Generalize the above code to handle all fields in the request body
const prototype = new Prototype(request.body)
const user = request.user
// only logged in users can post prototypes
if (!user) {
return response.status(401).json({ error: 'operation not permitted' })
}
// add the prototype to the user's list of prototypes
prototype.user = user._id
const createdPrototype = await prototype.save()
user.prototypes = user.prototypes.concat(createdPrototype._id)
await user.save()
response.status(201).json(createdPrototype)
})
router.put('/:id', async (request, response) => {
const body = request.body
const prototype = await Prototype.findById(request.params.id)
if (prototype) {
for (const key in body) {
prototype[key] = body[key]
}
const updatedPrototype = await Prototype.findByIdAndUpdate(
request.params.id,
prototype,
{
new: true,
}
)
response.status(200).json(updatedPrototype)
}
})
// delete a prototype
router.delete('/:id', userExtractor, async (request, response) => {
const prototype = await Prototype.findById(request.params.id)
const user = request.user
// only the user who created the prototype can delete it
if (!user || prototype.user.toString() !== user.id.toString()) {
return response.status(401).json({ error: 'operation not permitted' })
}
// remove the prototype from the user's list of prototypes
user.prototypes = user.prototypes.filter(
(b) => b.toString() !== prototype.id.toString()
)
await user.save()
// await prototype.remove()
await Prototype.findByIdAndRemove(request.params.id)
response.status(204).end()
})
module.exports = router