1 | module.exports = profileRoutes
|
2 | module.exports.attributes = {
|
3 | name: 'account-routes-profile'
|
4 | }
|
5 |
|
6 | var Boom = require('boom')
|
7 |
|
8 | var errors = require('./utils/errors')
|
9 | var joiFailAction = require('./utils/joi-fail-action')
|
10 | var serialiseProfile = require('./utils/serialise-profile')
|
11 | var toSessionId = require('./utils/request-to-session-id')
|
12 | var validations = require('./utils/validations')
|
13 |
|
14 | function profileRoutes (server, options, next) {
|
15 | var serialise = serialiseProfile.bind(null, {
|
16 | baseUrl: server.info.uri
|
17 | })
|
18 | var admins = options.admins
|
19 | var sessions = server.plugins.account.api.sessions
|
20 | var accounts = server.plugins.account.api.accounts
|
21 |
|
22 | var getProfileRoute = {
|
23 | method: 'GET',
|
24 | path: '/session/account/profile',
|
25 | config: {
|
26 | auth: false,
|
27 | validate: {
|
28 | headers: validations.sessionIdHeader,
|
29 | query: validations.profileQuery,
|
30 | failAction: joiFailAction
|
31 | }
|
32 | },
|
33 | handler: function (request, reply) {
|
34 | var sessionId = toSessionId(request)
|
35 |
|
36 |
|
37 | admins.validateSession(sessionId)
|
38 |
|
39 | .then(
|
40 |
|
41 | function (doc) {
|
42 | throw errors.NO_PROFILE_ACCOUNT
|
43 | },
|
44 |
|
45 |
|
46 | function (error) {
|
47 | if (error.status === 404) {
|
48 | return sessions.find(sessionId, {
|
49 | include: 'account.profile'
|
50 | })
|
51 | .catch(function (error) {
|
52 | if (error.status === 404) {
|
53 | throw errors.INVALID_SESSION
|
54 | }
|
55 | })
|
56 | }
|
57 |
|
58 | throw error
|
59 | })
|
60 |
|
61 | .then(function (session) {
|
62 | return session.account
|
63 | })
|
64 |
|
65 | .then(serialise)
|
66 |
|
67 | .then(reply)
|
68 |
|
69 | .catch(function (error) {
|
70 | error = errors.parse(error)
|
71 | reply(Boom.create(error.status, error.message))
|
72 | })
|
73 | }
|
74 | }
|
75 |
|
76 | var patchProfileRoute = {
|
77 | method: 'PATCH',
|
78 | path: '/session/account/profile',
|
79 | config: {
|
80 | auth: false,
|
81 | validate: {
|
82 | headers: validations.sessionIdHeader,
|
83 | payload: validations.profilePayload,
|
84 | query: validations.profileQuery,
|
85 | failAction: joiFailAction
|
86 | }
|
87 | },
|
88 | handler: function (request, reply) {
|
89 | var sessionId = toSessionId(request)
|
90 | var givenProfile = request.payload.data.attributes
|
91 | var id = request.payload.data.id
|
92 |
|
93 |
|
94 | admins.validateSession(sessionId)
|
95 |
|
96 | .then(
|
97 |
|
98 | function (doc) {
|
99 | throw errors.NO_PROFILE_ACCOUNT
|
100 | },
|
101 |
|
102 |
|
103 | function (error) {
|
104 | if (error.status === 404) {
|
105 | return sessions.find(sessionId, {
|
106 | include: 'account.profile'
|
107 | })
|
108 | .catch(function (error) {
|
109 | if (error.status === 404) {
|
110 | throw errors.INVALID_SESSION
|
111 | }
|
112 | })
|
113 | }
|
114 |
|
115 | throw error
|
116 | })
|
117 |
|
118 | .then(function (session) {
|
119 | if (session.account.id + '-profile' !== id) {
|
120 | throw errors.accountIdConflict(session.account.id + '-profile')
|
121 | }
|
122 | return accounts.update({username: session.account.username}, {
|
123 | profile: givenProfile
|
124 | }, {include: 'profile'})
|
125 | })
|
126 |
|
127 | .then(function (json) {
|
128 | reply().code(204)
|
129 | })
|
130 |
|
131 | .catch(function (error) {
|
132 | error = errors.parse(error)
|
133 | reply(Boom.create(error.status, error.message))
|
134 | })
|
135 | }
|
136 | }
|
137 |
|
138 | server.route([
|
139 | getProfileRoute,
|
140 | patchProfileRoute
|
141 | ])
|
142 |
|
143 | next()
|
144 | }
|