1 |
|
2 |
|
3 |
|
4 |
|
5 | var fixIfBehindProxy = require('../lib/utilities').fixIfBehindProxy;
|
6 | var debug = require('debug')('antisocial-friends');
|
7 | var VError = require('verror').VError;
|
8 | var WError = require('verror').WError;
|
9 | var async = require('async');
|
10 | var request = require('request');
|
11 | var _ = require('lodash');
|
12 |
|
13 | module.exports = function mountFriendUpdate(antisocialApp) {
|
14 |
|
15 | var router = antisocialApp.router;
|
16 | var config = antisocialApp.config;
|
17 | var db = antisocialApp.db;
|
18 | var authUserMiddleware = antisocialApp.authUserMiddleware;
|
19 |
|
20 | var updateRegex = /^\/([a-zA-Z0-9\-.]+)\/friend-update$/;
|
21 |
|
22 | debug('mounting GET /username/friend-update', updateRegex);
|
23 |
|
24 | router.post(updateRegex, authUserMiddleware, function handleFriendUpdate(req, res) {
|
25 | var matches = req.path.match(updateRegex);
|
26 | var username = matches[1];
|
27 |
|
28 | var endpoint = req.body.endpoint;
|
29 |
|
30 | if (!endpoint) {
|
31 | debug('endpoint not supplied');
|
32 | return res.status(400).send('endpoint not supplied');
|
33 | }
|
34 |
|
35 | if (!endpoint.match(/(^|\s)((https?:\/\/)?[\w-]+(\.[\w-]+)+\.?(:\d+)?(\/\S*)?)/gi)) {
|
36 | debug('endpoint not a valid url');
|
37 | return res.status(400).send('endpoint not a valid url');
|
38 | }
|
39 |
|
40 |
|
41 | var currentUser = req.antisocialUser;
|
42 | if (!currentUser) {
|
43 | debug('not logged in');
|
44 | return res.sendStatus(401);
|
45 | }
|
46 |
|
47 |
|
48 | if (currentUser.username !== username) {
|
49 | debug('username mismatch');
|
50 | return res.status(400).send('username mismatch');
|
51 | }
|
52 |
|
53 | var newStatus = req.body.status;
|
54 | var newAudiences = req.body.audiences;
|
55 |
|
56 | async.waterfall([
|
57 | function findFriend(cb) {
|
58 | debug('/friend-update findFriend');
|
59 | db.getInstances('friends', [{
|
60 | 'property': 'userId',
|
61 | 'value': currentUser.id
|
62 | }, {
|
63 | 'property': 'remoteEndPoint',
|
64 | 'value': req.body.endpoint
|
65 | }], function (err, friendInstances) {
|
66 | if (err) {
|
67 | return cb(new VError(err, 'error reading friends'));
|
68 | }
|
69 |
|
70 | if (friendInstances.length !== 1) {
|
71 | return cb(new VError(err, 'friend request not found'));
|
72 | }
|
73 |
|
74 | cb(null, friendInstances[0]);
|
75 | });
|
76 | },
|
77 | function callWebHook(friend, cb) {
|
78 | debug('/friend-update callWebhook');
|
79 |
|
80 | var payload = {
|
81 | 'accessToken': friend.remoteAccessToken,
|
82 | 'action': 'friend-update'
|
83 | };
|
84 |
|
85 | if (newStatus === 'delete' || newStatus === 'block') {
|
86 | payload.action = 'friend-delete';
|
87 | }
|
88 |
|
89 | var options = {
|
90 | 'url': fixIfBehindProxy(friend.remoteEndPoint + '/friend-webhook'),
|
91 | 'form': payload,
|
92 | 'json': true
|
93 | };
|
94 |
|
95 | request.post(options, function (err, response, body) {
|
96 | if (err) {
|
97 | return cb(new VError(err, '/friend-update callWebhook failed'));
|
98 | }
|
99 | if (response.statusCode !== 200) {
|
100 | return cb(new VError('/friend-update callWebhook http error ' + response.statusCode));
|
101 | }
|
102 | if (_.get(body, 'status') !== 'ok') {
|
103 | return cb(new VError('/friend-update callWebhook unexpected result %j' + body));
|
104 | }
|
105 |
|
106 | cb(null, friend);
|
107 | });
|
108 | },
|
109 | function createBlock(friend, cb) {
|
110 | if (newStatus !== 'block') {
|
111 | return async.setImmediate(function () {
|
112 | cb(null, friend);
|
113 | });
|
114 | }
|
115 |
|
116 |
|
117 | db.newInstance('blocks', {
|
118 | 'remoteEndPoint': friend.remoteEndPoint,
|
119 | 'userId': currentUser.id
|
120 | }, function (err, block) {
|
121 | cb(null, friend);
|
122 | });
|
123 | },
|
124 | function updateFriend(friend, cb) {
|
125 |
|
126 | if (newStatus === 'delete' || newStatus === 'block') {
|
127 |
|
128 | antisocialApp.emit('friend-deleted', {
|
129 | 'info': {
|
130 | 'friend': JSON.parse(JSON.stringify(friend)),
|
131 | 'user': currentUser
|
132 | }
|
133 | });
|
134 |
|
135 | db.deleteInstance('friends', friend.id, function (err, friend) {
|
136 | if (err) {
|
137 | var e = new VError(err, '/friend-update updateFriend error');
|
138 | return cb(e);
|
139 | }
|
140 |
|
141 | cb(null);
|
142 | });
|
143 | }
|
144 | else {
|
145 | friend.audiences.push('friends');
|
146 |
|
147 | var update = {
|
148 | 'audiences': newAudiences
|
149 | };
|
150 |
|
151 | db.updateInstance('friends', friend.id, update, function (err, friend) {
|
152 | if (err) {
|
153 | var e = new VError(err, '/friend-update updateFriend error');
|
154 | return cb(e);
|
155 | }
|
156 |
|
157 | antisocialApp.emit('friend-updated', {
|
158 | 'info': {
|
159 | 'friend': friend,
|
160 | 'user': currentUser
|
161 | }
|
162 | });
|
163 |
|
164 | cb(null);
|
165 | });
|
166 | }
|
167 | }
|
168 | ], function (err) {
|
169 | if (err) {
|
170 | var e = new WError(err, '/friend-update failed');
|
171 | return res.send({
|
172 | 'status': 'error',
|
173 | 'reason': e.message,
|
174 | 'details': e.cause().message
|
175 | });
|
176 | }
|
177 |
|
178 | res.send({
|
179 | 'status': 'ok'
|
180 | });
|
181 | });
|
182 |
|
183 | });
|
184 | };
|