opt-cc/api/routes/awardings.js

"use strict";

// modules
const express = require('express');
const logger = require('debug')('cc:awardings');

// HTTP status codes by name
const codes = require('./http-codes');

const routerHandling = require('../middleware/router-handling');

const apiAuthenticationMiddleware = require('../middleware/auth-middleware');
const checkHl = require('../middleware/permission-check').checkHl;

// Mongoose Model using mongoDB
const AwardingModel = require('../models/awarding');

// result set for proposer(appUser) population
const resultSet = {
  '__v': 0,
  'updatedAt': 0,
  'timestamp': 0,
  'password': 0,
  'permission': 0,
  'secret': 0,
  'activated': 0
};

const awarding = express.Router();


// routes **********************
awarding.route('/')
  .get((req, res, next) => {
    const filter = {};
    if (req.query.userId) {
      filter.userId = req.query.userId;
    }
    if (req.query.inProgress) {
      filter.confirmed = 0;
    }
    if (req.query.simple) {
      AwardingModel.find(filter, {}, {sort: {date: 'desc'}}, (err, items) => {
        if (err) {
          err.status = codes.servererror;
          return next(err);
          // with return before (or after) the next(err) we prevent that the code continues here after next(err) has finished.
          // this saves an extra else {..}
        }
        // if the collection is empty we do not send empty arrays back.
        if (items && items.length > 0) {
          res.locals.items = items;
        }
        res.locals.processed = true;
        next();
      });
    } else {
      AwardingModel.find(filter, {}, {sort: {date: 'desc'}})
        .populate('decorationId').populate('proposer', resultSet).populate('userId').exec((err, items) => {
        if (err) {
          err.status = codes.servererror;
          return next(err);
          // with return before (or after) the next(err) we prevent that the code continues here after next(err) has finished.
          // this saves an extra else {..}
        }
        let results = [];
        if (req.query.fractFilter) {
          for (let item of items) {
            if (item.decorationId.fraction === req.query.fractFilter) {
              results.push(item)
            }
          }
          res.locals.items = results;

        } else {
          res.locals.items = items;
        }

        res.locals.processed = true;
        next();
      });
    }
  })

  .post(apiAuthenticationMiddleware, checkHl, (req, res, next) => {
    const award = new AwardingModel(req.body);
    award.confirmed = 1;
    award.proposer = req.user._id;
    // timestamp and default are set automatically by Mongoose Schema Validation
    award.save((err) => {
      if (err) {
        err.status = codes.wrongrequest;
        err.message += ' in fields: ' + Object.getOwnPropertyNames(err.errors);
        return next(err);
      }
      res.status(codes.created);
      res.locals.items = award;
      next();
    });
  })

  .all(
    routerHandling.httpMethodNotAllowed
  );

awarding.route('/:id')

  .patch(apiAuthenticationMiddleware, checkHl, (req, res, next) => {
    if (!req.body || (req.body._id && req.body._id !== req.params.id)) {
      // little bit different as in PUT. :id does not need to be in data, but if the _id and url id must match
      const err = new Error('id of PATCH resource and send JSON body are not equal ' + req.params.id + " " + req.body._id);
      err.status = codes.notfound;
      next(err);
      return; // prevent node to process this function further after next() has finished.
    }

    // optional task 3: increment version manually as we do not use .save(.)
    req.body.updatedAt = new Date();
    req.body.$inc = {__v: 1};

    // PATCH is easier with mongoose than PUT. You simply update by all data that comes from outside. no need to reset attributes that are missing.
    AwardingModel.findByIdAndUpdate(req.params.id, req.body, {new: true}, (err, item) => {
      if (err) {
        err.status = codes.wrongrequest;
      }
      else if (!item) {
        err = new Error("item not found");
        err.status = codes.notfound;
      }
      else {
        res.locals.items = item;
      }
      next(err);
    })
  })

  .delete(apiAuthenticationMiddleware, checkHl, (req, res, next) => {
    AwardingModel.findByIdAndRemove(req.params.id, (err, item) => {
      if (err) {
        err.status = codes.wrongrequest;
      }
      else if (!item) {
        err = new Error("item not found");
        err.status = codes.notfound;
      }
      // we don't set res.locals.items  and thus it will send a 204 (no content) at the end. see last handler user.use(..)
      res.locals.processed = true;
      next(err); // this works because err is in normal case undefined and that is the same as no parameter
    });
  })

  .all(
    routerHandling.httpMethodNotAllowed
  );

// this middleware function can be used, if you like or remove it
// it looks for object(s) in res.locals.items and if they exist, they are send to the client as json
awarding.use(routerHandling.emptyResponse);


module.exports = awarding;
first commit 2017-05-10 11:04:06 +02:00			`"use strict";`

			`// modules`
			`const express = require('express');`
			`const logger = require('debug')('cc:awardings');`

			`// HTTP status codes by name`
			`const codes = require('./http-codes');`

			`const routerHandling = require('../middleware/router-handling');`

add awarding request for sql 2017-06-09 18:30:35 +02:00			`const apiAuthenticationMiddleware = require('../middleware/auth-middleware');`
			`const checkHl = require('../middleware/permission-check').checkHl;`

first commit 2017-05-10 11:04:06 +02:00			`// Mongoose Model using mongoDB`
			`const AwardingModel = require('../models/awarding');`

add awarding request for sql 2017-06-09 18:30:35 +02:00			`// result set for proposer(appUser) population`
			`const resultSet = {`
			`'__v': 0,`
			`'updatedAt': 0,`
			`'timestamp': 0,`
			`'password': 0,`
			`'permission': 0,`
			`'secret': 0,`
			`'activated': 0`
			`};`

first commit 2017-05-10 11:04:06 +02:00			`const awarding = express.Router();`


			`// routes **********************`
			`awarding.route('/')`
			`.get((req, res, next) => {`
			`const filter = {};`
			`if (req.query.userId) {`
			`filter.userId = req.query.userId;`
			`}`
Add hl confirmation menus 2017-06-10 22:07:32 +02:00			`if (req.query.inProgress) {`
			`filter.confirmed = 0;`
			`}`
first commit 2017-05-10 11:04:06 +02:00			`if (req.query.simple) {`
			`AwardingModel.find(filter, {}, {sort: {date: 'desc'}}, (err, items) => {`
			`if (err) {`
			`err.status = codes.servererror;`
			`return next(err);`
			`// with return before (or after) the next(err) we prevent that the code continues here after next(err) has finished.`
			`// this saves an extra else {..}`
			`}`
			`// if the collection is empty we do not send empty arrays back.`
			`if (items && items.length > 0) {`
			`res.locals.items = items;`
			`}`
			`res.locals.processed = true;`
			`next();`
			`});`
			`} else {`
			`AwardingModel.find(filter, {}, {sort: {date: 'desc'}})`
Add hl confirmation menus 2017-06-10 22:07:32 +02:00			`.populate('decorationId').populate('proposer', resultSet).populate('userId').exec((err, items) => {`
first commit 2017-05-10 11:04:06 +02:00			`if (err) {`
			`err.status = codes.servererror;`
			`return next(err);`
			`// with return before (or after) the next(err) we prevent that the code continues here after next(err) has finished.`
			`// this saves an extra else {..}`
			`}`
Add hl confirmation menus 2017-06-10 22:07:32 +02:00			`let results = [];`
			`if (req.query.fractFilter) {`
			`for (let item of items) {`
			`if (item.decorationId.fraction === req.query.fractFilter) {`
			`results.push(item)`
			`}`
			`}`
			`res.locals.items = results;`

			`} else {`
first commit 2017-05-10 11:04:06 +02:00			`res.locals.items = items;`
			`}`
Add hl confirmation menus 2017-06-10 22:07:32 +02:00
first commit 2017-05-10 11:04:06 +02:00			`res.locals.processed = true;`
			`next();`
			`});`
			`}`
			`})`

add awarding request for sql 2017-06-09 18:30:35 +02:00			`.post(apiAuthenticationMiddleware, checkHl, (req, res, next) => {`
			`const award = new AwardingModel(req.body);`
Add hl confirmation menus 2017-06-10 22:07:32 +02:00			`award.confirmed = 1;`
add awarding request for sql 2017-06-09 18:30:35 +02:00			`award.proposer = req.user._id;`
first commit 2017-05-10 11:04:06 +02:00			`// timestamp and default are set automatically by Mongoose Schema Validation`
add awarding request for sql 2017-06-09 18:30:35 +02:00			`award.save((err) => {`
first commit 2017-05-10 11:04:06 +02:00			`if (err) {`
			`err.status = codes.wrongrequest;`
			`err.message += ' in fields: ' + Object.getOwnPropertyNames(err.errors);`
			`return next(err);`
			`}`
			`res.status(codes.created);`
add awarding request for sql 2017-06-09 18:30:35 +02:00			`res.locals.items = award;`
first commit 2017-05-10 11:04:06 +02:00			`next();`
			`});`
			`})`

			`.all(`
			`routerHandling.httpMethodNotAllowed`
			`);`

			`awarding.route('/:id')`
Add hl confirmation menus 2017-06-10 22:07:32 +02:00
			`.patch(apiAuthenticationMiddleware, checkHl, (req, res, next) => {`
			`if (!req.body \|\| (req.body._id && req.body._id !== req.params.id)) {`
			`// little bit different as in PUT. :id does not need to be in data, but if the _id and url id must match`
			`const err = new Error('id of PATCH resource and send JSON body are not equal ' + req.params.id + " " + req.body._id);`
			`err.status = codes.notfound;`
			`next(err);`
			`return; // prevent node to process this function further after next() has finished.`
			`}`

			`// optional task 3: increment version manually as we do not use .save(.)`
			`req.body.updatedAt = new Date();`
			`req.body.$inc = {__v: 1};`

			`// PATCH is easier with mongoose than PUT. You simply update by all data that comes from outside. no need to reset attributes that are missing.`
			`AwardingModel.findByIdAndUpdate(req.params.id, req.body, {new: true}, (err, item) => {`
			`if (err) {`
			`err.status = codes.wrongrequest;`
			`}`
			`else if (!item) {`
			`err = new Error("item not found");`
			`err.status = codes.notfound;`
			`}`
			`else {`
			`res.locals.items = item;`
			`}`
			`next(err);`
			`})`
			`})`

add awarding request for sql 2017-06-09 18:30:35 +02:00			`.delete(apiAuthenticationMiddleware, checkHl, (req, res, next) => {`
first commit 2017-05-10 11:04:06 +02:00			`AwardingModel.findByIdAndRemove(req.params.id, (err, item) => {`
			`if (err) {`
			`err.status = codes.wrongrequest;`
			`}`
			`else if (!item) {`
			`err = new Error("item not found");`
			`err.status = codes.notfound;`
			`}`
			`// we don't set res.locals.items and thus it will send a 204 (no content) at the end. see last handler user.use(..)`
			`res.locals.processed = true;`
			`next(err); // this works because err is in normal case undefined and that is the same as no parameter`
			`});`
			`})`

			`.all(`
			`routerHandling.httpMethodNotAllowed`
			`);`

			`// this middleware function can be used, if you like or remove it`
			`// it looks for object(s) in res.locals.items and if they exist, they are send to the client as json`
			`awarding.use(routerHandling.emptyResponse);`


			`module.exports = awarding;`