// Export the plugin's register function. `accountRoutes` is a hoisted function
// declaration, so it can be referenced before its definition further down.
module.exports = accountRoutes

// hapi reads the plugin name from the `attributes` property of the register
// function; `module.exports` and `accountRoutes` are the same object here.
accountRoutes.attributes = { name: 'account-routes-accounts' }
5 |
|
6 | var Boom = require('boom')
|
7 |
|
8 | var errors = require('./utils/errors')
|
9 | var joiFailAction = require('./utils/joi-fail-action')
|
10 | var serialise = require('./utils/serialise-account')
|
11 | var toSessionId = require('./utils/request-to-session-id')
|
12 | var validations = require('./utils/validations')
|
13 |
|
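/**
 * hapi plugin `register` function: mounts the `/accounts` admin routes.
 *
 * Every route is declared with `auth: false`, so hapi performs no
 * authentication of its own. The session id that `toSessionId(request)`
 * extracts is the only credential these handlers see; each handler has to
 * either validate it through `admins.validateSession()` or hand it to the
 * accounts API.
 *
 * @param {object} server - hapi server; `server.plugins.account.api.accounts`
 *   and `server.info.uri` are read, and `server.route()` is called once
 * @param {object} options - plugin options; `options.admins` and `options.db`
 *   are read
 * @param {function} next - called with no arguments after route registration
 */
function accountRoutes (server, options, next) {
  var accounts = server.plugins.account.api.accounts
  var admins = options.admins

  // Resolves when `sessionId` is accepted by admins.validateSession().
  // A 404 from the lookup is reported as INVALID_SESSION instead of being
  // forwarded as "not found"; any other rejection is passed through.
  function validateAdminSession (sessionId) {
    return admins.validateSession(sessionId)

    .catch(function (error) {
      if (error.status === 404) {
        throw errors.INVALID_SESSION
      }

      throw error
    })
  }

  // Normalises `error` with errors.parse() and replies with a fresh Boom
  // error built from the parsed status and message only.
  function replyWithError (reply, error) {
    error = errors.parse(error)
    reply(Boom.create(error.status, error.message))
  }

  // POST /accounts: create an account once the admin session is validated.
  var postAccountsRoute = {
    method: 'POST',
    path: '/accounts',
    config: {
      auth: false,
      validate: {
        headers: validations.sessionIdHeader,
        query: validations.accountQuery,
        payload: validations.accountPayload,
        failAction: joiFailAction
      }
    },
    handler: function (request, reply) {
      var attributes = request.payload.data.attributes
      var username = attributes.username
      var password = attributes.password
      var sessionId = toSessionId(request)

      // accounts.add() receives no session id, so this validateSession()
      // call is the only authorization check visible in this handler.
      admins.validateSession(sessionId)

      .then(function () {
        return accounts.add({
          username: username,
          password: password,
          include: request.query.include
        })
      })

      .then(function (account) {
        return serialise({
          baseUrl: server.info.uri,
          include: request.query.include
        }, account)
      })

      .then(function (json) {
        reply(json).code(201)
      })

      .catch(function (error) {
        // Replace the upstream 401 message with a generic one before replying.
        if (error.status === 401) {
          error.message = 'Session invalid'
        }
        // An error whose message is 'missing' is reported as an invalid session.
        if (error.message === 'missing') {
          error = errors.INVALID_SESSION
        }
        error = errors.parse(error)

        reply(Boom.wrap(error, error.status, error.message))
      })
    }
  }

  // GET /accounts: list accounts for a validated admin session.
  var getAccountsRoute = {
    method: 'GET',
    path: '/accounts',
    config: {
      auth: false,
      validate: {
        headers: validations.sessionIdHeader,
        query: validations.accountQuery,
        failAction: joiFailAction
      }
    },
    handler: function (request, reply) {
      var sessionId = toSessionId(request)

      validateAdminSession(sessionId)

      .then(function () {
        return accounts.findAll({
          db: options.db,
          sessionId: sessionId,
          include: request.query.include
        })
      })

      .then(function (docs) {
        return serialise({
          baseUrl: server.info.uri,
          include: request.query.include
        }, docs)
      })

      .then(reply)

      .catch(function (error) {
        replyWithError(reply, error)
      })
    }
  }

  // GET /accounts/{id}: fetch one account for a validated admin session.
  var getAccountRoute = {
    method: 'GET',
    path: '/accounts/{id}',
    config: {
      auth: false,
      validate: {
        headers: validations.sessionIdHeader,
        // The handler forwards request.query.include to accounts.find() and
        // serialise(), so the query is validated like on the other routes
        // that read it instead of being accepted unchecked.
        query: validations.accountQuery,
        failAction: joiFailAction
      }
    },
    handler: function (request, reply) {
      var sessionId = toSessionId(request)

      validateAdminSession(sessionId)

      .then(function () {
        return accounts.find(request.params.id, {
          sessionId: sessionId,
          include: request.query.include
        })
      })

      .then(function (account) {
        return serialise({
          baseUrl: server.info.uri,
          include: request.query.include,
          admin: true
        }, account)
      })

      .then(reply)

      .catch(function (error) {
        // Same error path as GET /accounts: errors.parse() first, so the
        // client gets the parsed status/message, not the raw error object.
        replyWithError(reply, error)
      })
    }
  }

  // PATCH /accounts/{id}: update username, password and/or profile.
  var patchAccountRoute = {
    method: 'PATCH',
    path: '/accounts/{id}',
    config: {
      auth: false,
      validate: {
        headers: validations.sessionIdHeader,
        query: validations.accountQuery,
        payload: validations.accountPayload,
        failAction: joiFailAction
      }
    },
    handler: function (request, reply) {
      var sessionId = toSessionId(request)
      var attributes = request.payload.data.attributes

      // NOTE(review): unlike POST and both GET routes, this handler never
      // calls admins.validateSession(); the session id is only forwarded to
      // accounts.update(). Presumably the accounts API enforces authorization
      // with it — confirm, because `auth: false` means hapi checks nothing.
      return accounts.update(request.params.id, {
        username: attributes.username,
        password: attributes.password,
        profile: attributes.profile
      }, {
        sessionId: sessionId,
        include: request.query.include
      })

      // Two-argument then(): the rejection handler only sees failures of
      // accounts.update(), never failures of serialise().
      .then(function (account) {
        return serialise({
          baseUrl: server.info.uri,
          include: request.query.include,
          admin: true
        }, account)
      },
      function (error) {
        if (error.status === 404) {
          throw errors.ACCOUNT_ID_NOT_FOUND
        }

        throw error
      })

      .then(function (json) {
        reply(json).code(201)
      })

      .catch(function (error) {
        replyWithError(reply, error)
      })
    }
  }

  // DELETE /accounts/{id}: remove an account, replying 204 with no body.
  var deleteAccountRoute = {
    method: 'DELETE',
    path: '/accounts/{id}',
    config: {
      auth: false,
      validate: {
        headers: validations.sessionIdHeader,
        failAction: joiFailAction
      }
    },
    handler: function (request, reply) {
      var sessionId = toSessionId(request)

      // NOTE(review): no admins.validateSession() call here either; the
      // session id is only passed to accounts.remove(). Confirm that the
      // accounts API rejects non-admin sessions for this destructive call.
      return accounts.remove(request.params.id, {
        sessionId: sessionId
      })

      .then(function (/* json */) {
        reply().code(204)
      })

      .catch(function (error) {
        replyWithError(reply, error)
      })
    }
  }

  server.route([
    postAccountsRoute,
    getAccountsRoute,
    getAccountRoute,
    patchAccountRoute,
    deleteAccountRoute
  ])

  next()
}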