const fs = require('fs'); const path = require('path'); const ShelfController = require('../controllers/shelf'); async function routes(fastify, options) { fastify.get('/api/shelf/test', async (request, reply) => { return false; }); fastify.get('/api/shelf/getAll', async (request, reply) => { if (!request.isLoggedInUser) { return reply.code(400).send({ error: true, message: 'api.not_logged_in', }); } const shelfController = new ShelfController(fastify.models); const shelves = await request.user.getShelves({ attributes: ['id', 'name', 'isDeletable', 'permissionLevel', 'updatedAt'], }); return shelves.map(shelf => { shelf.updatedAt = shelfController.getLastUpdatedTimestamp(shelf); return shelf; }); }); fastify.get('/api/shelf/get/:shelfId/:domain', async (request, reply) => { if (typeof request.params.shelfId === 'undefined') { return reply.code(400).send({ error: true, message: 'api.shelf.get.missing_id', }); } if (isNaN(parseInt(request.params.shelfId))) { return reply.code(400).send({ error: true, message: 'api.shelf.get.invalid_id', }); } if (request.params.domain.trim() !== '') { return ShelfController.CheckExternalDomainForShelf(request.params.domain.trim(), request.params.shelfId); } const shelfController = new ShelfController(fastify.models); const shelf = await shelfController.getShelfById(request.params.shelfId); if (typeof shelf.error !== 'undefined') { shelf.message = 'api.shelf.get.nonexistent_shelf'; return reply.code(400).send(shelf); } const userCanViewShelf = await shelfController.userCanViewShelf(request.user, shelf); console.log('can view?', userCanViewShelf); if (userCanViewShelf !== true) { return reply.code(400).send({ error: true, message: 'api.shelf.get.access_denied', // Should potentially be nonexistent shelf message instead? }); } const shelfData = await shelfController.scrubShelfData(shelf, request.user); return reply.send(shelfData); }); fastify.post('/api/shelf/create', async (request, reply) => { if (!request.isLoggedInUser) { return reply.code(400).send({ error: true, message: 'api.not_logged_in', }); } request.body.shelfName = request.body.shelfName.trim(); const userShelves = await request.user.getShelves({ attributes: ['name'], }); const shelfNameIsValid = ShelfController.newShelfNameIsValid( request.body.shelfName, userShelves.map(shelf => shelf.name) ); if (shelfNameIsValid !== true) { return reply.code(400).send(shelfNameIsValid); } const shelfController = new ShelfController(fastify.models); const newShelf = shelfController.createShelf(request.user, request.body.shelfName); if (typeof newShelf.error !== 'undefined' && newShelf.error !== false) { newShelf.message = 'api.shelf.create.fail'; return reply.code(400).send(newShelf); } return reply.send({ error: false, message: 'api.shelf.create.success', }); }); fastify.post('/api/shelf/rename', async (request, reply) => { if (!request.isLoggedInUser) { return reply.code(401).send({ error: true, message: 'api.not_logged_in', }); } if (typeof request.body.shelfId === 'undefined') { return reply.code(400).send({ error: true, message: 'api.shelf.rename.missing_id', }); } if (typeof request.body.shelfName === 'undefined') { return reply.code(400).send({ error: true, message: 'api.shelf.rename.missing_name', }); } request.body.shelfName = request.body.shelfName.trim(); const userShelves = await request.user.getShelves({ attributes: ['name'], }); const shelfNameIsValid = ShelfController.newShelfNameIsValid( request.body.shelfName, userShelves.map(shelf => shelf.name) ); if (shelfNameIsValid !== true) { return reply.code(400).send(shelfNameIsValid); } const shelf = await fastify.models.Shelf.findByPk(request.body.shelfId); if (!ShelfController.userOwnsShelf(request.user, shelf)) { return reply.code(403).send({ error: true, message: 'api.shelf.not_owner', }); } if (!ShelfController.shelfCanBeModified(shelf)) { return reply.code(403).send({ error: true, message: 'api.shelf.not_editable', }); } const shelfController = new ShelfController(fastify.models); const newShelf = shelfController.renameShelf(request.user, shelf, request.body.shelfName); if (typeof newShelf.error !== 'undefined' && newShelf.error !== false) { newShelf.message = 'api.shelf.rename.fail'; return reply.code(400).send(newShelf); } return reply.send({ error: false, message: 'api.shelf.rename.success', }); }); fastify.post('/api/shelf/addItem', async (request, reply) => { if (!request.isLoggedInUser) { return reply.code(401).send({ error: true, message: 'api.not_logged_in', }); } if (typeof request.body.shelfId === 'undefined') { return reply.code(400).send({ error: true, message: 'api.shelf.addItem.missing_id', }); } if (typeof request.body.bookId === 'undefined') { return reply.code(400).send({ error: true, message: 'api.shelf.addItem.missing_id', }); } const shelf = (await request.user.getShelves({ where: { id: request.body.shelfId }, include: [ fastify.models.ShelfItem ], limit: 1, }))[0]; if (!ShelfController.userOwnsShelf(request.user, shelf)) { return reply.code(403).send({ error: true, message: 'api.shelf.not_owner', }); } const shelfController = new ShelfController(fastify.models, request.language); const shelfItem = await shelfController.addShelfItem(shelf, request.body.bookId, request.body.source); if (typeof shelfItem.error !== 'undefined') { return reply.code(400).send({ error: shelfItem.error, message: 'api.shelf.addItem.could_not_add', }); } return reply.send({ error: false, message: 'api.shelf.addItem.success', }); }); fastify.post('/api/shelf/moveItem', async (request, reply) => { if (!request.isLoggedInUser) { return reply.code(401).send({ error: true, message: 'api.not_logged_in', }); } if (typeof request.body.itemId === 'undefined') { return reply.code(400).send({ error: true, message: 'api.shelf.moveItem.missing_item_id', }); } if (typeof request.body.shelfId === 'undefined') { return reply.code(400).send({ error: true, message: 'api.shelf.moveItem.missing_shelf_id', }); } const shelfItem = await fastify.models.ShelfItem.findByPk(request.body.itemId, { include: [ fastify.models.Shelf ], }); const toShelf = await request.user.getShelf({ where: { id: request.body.shelfId }, include: [ fastify.models.ShelfItem ], }); if (!ShelfController.userOwnsShelf(request.user, shelfItem.Shelf) || !ShelfController.userOwnsShelf(request.user, toShelf)) { return reply.code(403).send({ error: true, message: 'api.shelf.not_owner', }); } const shelfController = new ShelfController(fastify.models, request.language); const moveSuccess = await shelfController.moveShelfItem(shelfItem, toShelf); if (typeof moveSuccess.error !== 'undefined') { return reply.code(400).send({ error: moveSuccess.error, message: 'api.shelf.moveItem.could_not_move', }); } return reply.send({ error: false, message: 'api.shelf.moveItem.success', }); }); fastify.post('/api/shelf/deleteItem', async (request, reply) => { if (!request.isLoggedInUser) { return reply.code(401).send({ error: true, message: 'api.not_logged_in', }); } if (typeof request.body.itemId === 'undefined') { return reply.code(400).send({ error: true, message: 'api.shelf.deleteItem.missing_item_id', }); } const shelfItem = await fastify.models.ShelfItem.findByPk(request.body.itemId, { include: [ fastify.models.Shelf ], }); if (!ShelfController.userOwnsShelf(request.user, shelfItem.Shelf)) { return reply.code(403).send({ error: true, message: 'api.shelf.not_owner', }); } const shelfController = new ShelfController(fastify.models, request.language); const deleteSuccess = await shelfController.deleteShelfItem(shelfItem); if (typeof deleteSuccess.error !== 'undefined') { return reply.code(400).send({ error: deleteSuccess.error, message: 'api.shelf.deleteItem.could_not_delete', }); } return reply.send({ error: false, message: 'api.shelf.deleteItem.success', }); }); } module.exports = routes;