Readlebee/server/routes/shelf.js


const fs = require('fs');
const path = require('path');
const ShelfController = require('../controllers/shelf');
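/**
 * Registers the shelf HTTP API (`/api/shelf/*`) on a Fastify instance.
 *
 * Every handler relies on `request.user`, and most also on
 * `request.isLoggedInUser`; both are populated outside this file (presumably
 * by an authentication hook, confirm in the server setup). Failures are
 * reported as `{ error, message }`, where `message` is a translation key.
 *
 * Authorization model visible here:
 *  - `getAll`, `create`, `rename`, `addItem`, `moveItem` and `deleteItem`
 *    require a logged-in user;
 *  - `rename`, `addItem`, `moveItem` and `deleteItem` additionally require
 *    `ShelfController.userOwnsShelf` to accept the target shelf(s);
 *  - `get` is reachable anonymously and defers to `userCanViewShelf`.
 *
 * @param {object} fastify - Fastify instance; `fastify.models` is handed to ShelfController.
 * @param {object} options - Plugin options (unused).
 * @returns {Promise<void>}
 */
async function routes(fastify, options) {
  // Sends the `{ error: true, message }` envelope shared by the failure paths.
  const sendError = (reply, statusCode, message) => reply.code(statusCode).send({
    error: true,
    message,
  });

  // A POST without a parsed body would otherwise throw on the first property
  // read and surface as a 500 instead of the intended 400.
  const bodyOf = (request) => request.body || {};

  fastify.get('/api/shelf/test', async (request, reply) => {
    return false;
  });

  // Lists the logged-in user's shelves.
  fastify.get('/api/shelf/getAll', async (request, reply) => {
    if (!request.isLoggedInUser) {
      // NOTE(review): this handler and `create` answer 400 where the later
      // handlers answer 401; the status is left as-is for existing clients.
      return sendError(reply, 400, 'api.not_logged_in');
    }

    const shelfController = new ShelfController(fastify.models);
    const shelves = await request.user.getShelves({
      attributes: ['id', 'name', 'isDeletable', 'permissionLevel', 'updatedAt'],
    });

    return shelves.map((shelf) => {
      shelf.updatedAt = shelfController.getLastUpdatedTimestamp(shelf);
      return shelf;
    });
  });

  // Returns one shelf, either local or (when :domain is non-empty) looked up
  // through ShelfController.CheckExternalDomainForShelf.
  fastify.get('/api/shelf/get/:shelfId/:domain', async (request, reply) => {
    const { shelfId } = request.params;
    if (typeof shelfId === 'undefined') {
      return sendError(reply, 400, 'api.shelf.get.missing_id');
    }
    // Lenient check: a value such as "12abc" still passes, and the raw string
    // (not the parsed number) is what gets forwarded below.
    if (Number.isNaN(Number.parseInt(shelfId, 10))) {
      return sendError(reply, 400, 'api.shelf.get.invalid_id');
    }

    const domain = typeof request.params.domain === 'string' ? request.params.domain.trim() : '';
    if (domain !== '') {
      // NOTE(review): `domain` is caller-controlled and this branch runs before
      // any login or visibility check. If CheckExternalDomainForShelf performs
      // an outbound request, the controller must restrict which hosts it will
      // contact (no loopback/private ranges); confirm in the controller.
      return ShelfController.CheckExternalDomainForShelf(domain, shelfId);
    }

    const shelfController = new ShelfController(fastify.models);
    const shelf = await shelfController.getShelfById(shelfId);
    if (typeof shelf.error !== 'undefined') {
      shelf.message = 'api.shelf.get.nonexistent_shelf';
      return reply.code(400).send(shelf);
    }

    const userCanViewShelf = await shelfController.userCanViewShelf(request.user, shelf);
    if (userCanViewShelf !== true) {
      // Should potentially be the nonexistent-shelf message instead: a distinct
      // "access denied" tells the caller that a shelf with this id exists.
      return sendError(reply, 400, 'api.shelf.get.access_denied');
    }

    const shelfData = await shelfController.scrubShelfData(shelf, request.user);
    return reply.send(shelfData);
  });

  // Creates a shelf for the logged-in user.
  fastify.post('/api/shelf/create', async (request, reply) => {
    if (!request.isLoggedInUser) {
      return sendError(reply, 400, 'api.not_logged_in');
    }

    const body = bodyOf(request);
    if (typeof body.shelfName !== 'string') {
      // Missing or non-string names used to throw on `.trim()`.
      return sendError(reply, 400, 'api.shelf.create.fail');
    }
    const shelfName = body.shelfName.trim();

    const userShelves = await request.user.getShelves({
      attributes: ['name'],
    });
    const shelfNameIsValid = ShelfController.newShelfNameIsValid(
      shelfName,
      userShelves.map((shelf) => shelf.name)
    );
    if (shelfNameIsValid !== true) {
      return reply.code(400).send(shelfNameIsValid);
    }

    const shelfController = new ShelfController(fastify.models);
    // Awaited so that an asynchronous failure is reported instead of being
    // read off a pending Promise (which never has an `error` property).
    const newShelf = await shelfController.createShelf(request.user, shelfName);
    if (newShelf && typeof newShelf.error !== 'undefined' && newShelf.error !== false) {
      newShelf.message = 'api.shelf.create.fail';
      return reply.code(400).send(newShelf);
    }

    return reply.send({
      error: false,
      message: 'api.shelf.create.success',
    });
  });

  // Renames a shelf the logged-in user owns.
  fastify.post('/api/shelf/rename', async (request, reply) => {
    if (!request.isLoggedInUser) {
      return sendError(reply, 401, 'api.not_logged_in');
    }

    const body = bodyOf(request);
    if (typeof body.shelfId === 'undefined') {
      return sendError(reply, 400, 'api.shelf.rename.missing_id');
    }
    if (typeof body.shelfName !== 'string') {
      // Also rejects non-string names, which used to throw on `.trim()`.
      return sendError(reply, 400, 'api.shelf.rename.missing_name');
    }
    const shelfName = body.shelfName.trim();

    const userShelves = await request.user.getShelves({
      attributes: ['name'],
    });
    const shelfNameIsValid = ShelfController.newShelfNameIsValid(
      shelfName,
      userShelves.map((shelf) => shelf.name)
    );
    if (shelfNameIsValid !== true) {
      return reply.code(400).send(shelfNameIsValid);
    }

    // The shelf is fetched by primary key across all users, so the ownership
    // check below is the only thing that scopes it to the caller. An unknown
    // id gets the same answer as a shelf owned by someone else.
    const shelf = await fastify.models.Shelf.findByPk(body.shelfId);
    if (!shelf || !ShelfController.userOwnsShelf(request.user, shelf)) {
      return sendError(reply, 403, 'api.shelf.not_owner');
    }
    if (!ShelfController.shelfCanBeModified(shelf)) {
      return sendError(reply, 403, 'api.shelf.not_editable');
    }

    const shelfController = new ShelfController(fastify.models);
    // Awaited for the same reason as in the create handler.
    const newShelf = await shelfController.renameShelf(request.user, shelf, shelfName);
    if (newShelf && typeof newShelf.error !== 'undefined' && newShelf.error !== false) {
      newShelf.message = 'api.shelf.rename.fail';
      return reply.code(400).send(newShelf);
    }

    return reply.send({
      error: false,
      message: 'api.shelf.rename.success',
    });
  });

  // Adds a book to one of the logged-in user's shelves.
  fastify.post('/api/shelf/addItem', async (request, reply) => {
    if (!request.isLoggedInUser) {
      return sendError(reply, 401, 'api.not_logged_in');
    }

    const body = bodyOf(request);
    if (typeof body.shelfId === 'undefined') {
      return sendError(reply, 400, 'api.shelf.addItem.missing_id');
    }
    if (typeof body.bookId === 'undefined') {
      // Same key as the shelfId check above; kept because the client's
      // translation keys are not visible from this file.
      return sendError(reply, 400, 'api.shelf.addItem.missing_id');
    }

    const matchingShelves = await request.user.getShelves({
      where: { id: body.shelfId },
      include: [fastify.models.ShelfItem],
      limit: 1,
    });
    const shelf = matchingShelves[0];
    // No match means the id is unknown or belongs to another user.
    if (!shelf || !ShelfController.userOwnsShelf(request.user, shelf)) {
      return sendError(reply, 403, 'api.shelf.not_owner');
    }

    const shelfController = new ShelfController(fastify.models, request.language);
    const shelfItem = await shelfController.addShelfItem(shelf, body.bookId, body.source);
    if (typeof shelfItem.error !== 'undefined') {
      return reply.code(400).send({
        error: shelfItem.error,
        message: 'api.shelf.addItem.could_not_add',
      });
    }

    return reply.send({
      error: false,
      message: 'api.shelf.addItem.success',
    });
  });

  // Moves an item between two shelves, both of which the user must own.
  fastify.post('/api/shelf/moveItem', async (request, reply) => {
    if (!request.isLoggedInUser) {
      return sendError(reply, 401, 'api.not_logged_in');
    }

    const body = bodyOf(request);
    if (typeof body.itemId === 'undefined') {
      return sendError(reply, 400, 'api.shelf.moveItem.missing_item_id');
    }
    if (typeof body.shelfId === 'undefined') {
      return sendError(reply, 400, 'api.shelf.moveItem.missing_shelf_id');
    }

    // The item is fetched by primary key across all users; ownership of its
    // current shelf is verified below.
    const shelfItem = await fastify.models.ShelfItem.findByPk(body.itemId, {
      include: [fastify.models.Shelf],
    });
    // NOTE(review): the other handlers call request.user.getShelves(); confirm
    // that getShelf() exists on the user model.
    const toShelf = await request.user.getShelf({
      where: { id: body.shelfId },
      include: [fastify.models.ShelfItem],
    });

    // Unknown ids get the same answer as foreign ones, so the response does
    // not reveal which item or shelf ids exist.
    if (!shelfItem
      || !toShelf
      || !ShelfController.userOwnsShelf(request.user, shelfItem.Shelf)
      || !ShelfController.userOwnsShelf(request.user, toShelf)) {
      return sendError(reply, 403, 'api.shelf.not_owner');
    }

    const shelfController = new ShelfController(fastify.models, request.language);
    const moveSuccess = await shelfController.moveShelfItem(shelfItem, toShelf);
    if (typeof moveSuccess.error !== 'undefined') {
      return reply.code(400).send({
        error: moveSuccess.error,
        message: 'api.shelf.moveItem.could_not_move',
      });
    }

    return reply.send({
      error: false,
      message: 'api.shelf.moveItem.success',
    });
  });

  // Deletes an item from a shelf the logged-in user owns.
  fastify.post('/api/shelf/deleteItem', async (request, reply) => {
    if (!request.isLoggedInUser) {
      return sendError(reply, 401, 'api.not_logged_in');
    }

    const body = bodyOf(request);
    if (typeof body.itemId === 'undefined') {
      return sendError(reply, 400, 'api.shelf.deleteItem.missing_item_id');
    }

    const shelfItem = await fastify.models.ShelfItem.findByPk(body.itemId, {
      include: [fastify.models.Shelf],
    });
    // An unknown item id used to throw on `shelfItem.Shelf`; it now gets the
    // same 403 as an item on someone else's shelf.
    if (!shelfItem || !ShelfController.userOwnsShelf(request.user, shelfItem.Shelf)) {
      return sendError(reply, 403, 'api.shelf.not_owner');
    }

    const shelfController = new ShelfController(fastify.models, request.language);
    const deleteSuccess = await shelfController.deleteShelfItem(shelfItem);
    if (typeof deleteSuccess.error !== 'undefined') {
      return reply.code(400).send({
        error: deleteSuccess.error,
        message: 'api.shelf.deleteItem.could_not_delete',
      });
    }

    return reply.send({
      error: false,
      message: 'api.shelf.deleteItem.success',
    });
  });
}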
// Export the route-registration function; how the server loads it is not
// shown in this file (presumably via fastify.register, confirm in server setup).
module.exports = routes;