Diffstat (limited to 'bucky/app/api.js')
-rw-r--r--bucky/app/api.js258
1 files changed, 258 insertions, 0 deletions
diff --git a/bucky/app/api.js b/bucky/app/api.js
new file mode 100644
index 0000000..5635ce9
--- /dev/null
+++ b/bucky/app/api.js
@@ -0,0 +1,258 @@
+var multer = require('multer')()
+var auth = require('../util/auth')
+var middleware = require('../util/middleware')
+var util = require('../util/util')
+
+var db = require('../db')
+var bucky = require('./bucky')
+var search = require('../search/middleware')
+var fortune = require('../db/fortune')
+
+module.exports = { route }
+
+function route (app){
+ /* users */
+
+ app.get("/api/user/:username",
+ middleware.ensureAuthenticated,
+ bucky.ensureUser,
+ bucky.sanitizeUser,
+ function(req, res) {
+ res.json(res.user)
+ })
+ app.post("/api/user/:username",
+ middleware.ensureAuthenticated,
+ bucky.ensureUser,
+ bucky.checkUserPrivacy,
+ multer.single("avatar"),
+ bucky.updateProfile,
+ auth.changePassword,
+ bucky.uploadAvatar,
+ bucky.saveUser,
+ function(req, res){
+ res.json(util.sanitizeUser(res.user))
+ })
+ app.put("/api/checkUsernames",
+ middleware.ensureAuthenticated,
+ bucky.checkUsernames,
+ function(req, res){
+ res.send({ usernames: res.usernames })
+ })
+
+
+ /* threads */
+
+ app.get("/api/index",
+ bucky.ensureLastlog,
+ middleware.ensureAuthenticated,
+ bucky.ensureLatestThreads,
+ bucky.filterPrivateThreads,
+ bucky.ensureCommentCountsForThreads,
+ bucky.ensureFileCountsForThreads,
+ bucky.ensureKeywordsForThreads,
+ bucky.ensureHootbox,
+ bucky.bumpLastSeen,
+ function(req, res){
+ res.json({
+ threads: res.threads,
+ hootbox: res.hootbox,
+ lastlog: res.lastlog,
+ })
+ })
+ app.get("/api/keyword/:keyword",
+ bucky.ensureLastlog,
+ middleware.ensureAuthenticated,
+ bucky.ensureThreadsForKeyword,
+ bucky.filterPrivateThreads,
+ bucky.ensureCommentCountsForThreads,
+ bucky.ensureFileCountsForThreads,
+ bucky.ensureKeywordsForThreads,
+ bucky.ensureHootbox,
+ function(req, res){
+ res.json({
+ keyword: res.keyword,
+ threads: res.threads,
+ hootbox: res.hootbox,
+ lastlog: res.lastlog,
+ })
+ })
+ app.get("/api/thread/:id",
+ middleware.ensureAuthenticated,
+ bucky.ensureThread,
+ bucky.checkThreadPrivacy,
+ bucky.bumpViewCount,
+ bucky.ensureKeywordForThread,
+ bucky.ensureCommentsForThread,
+ bucky.ensureFilesForThread,
+ // bucky.ensureThreadUsers,
+ bucky.prepareThread,
+ bucky.bumpLastSeen,
+ function(req, res){
+ res.json({
+ thread: res.thread,
+ comments: res.comments,
+ files: res.files,
+ keyword: res.keyword,
+ })
+ })
+ app.post("/api/thread",
+ middleware.ensureAuthenticated,
+ multer.array("files"),
+ bucky.verifyFilesOrComment,
+ bucky.createThread,
+ bucky.createOptionalFiles,
+ bucky.createOptionalComment,
+ function(req, res){
+ res.json(res.thread)
+ })
+ app.put("/api/thread/:id",
+ middleware.ensureAuthenticated,
+ bucky.ensureThread,
+ bucky.checkThreadPrivacy,
+ bucky.updateThreadSettings,
+ function(req, res){
+ res.json({ status: 'ok' })
+ })
+ app.delete("/api/thread/:id",
+ middleware.ensureAuthenticated,
+ bucky.ensureThread,
+ bucky.checkThreadPrivacy,
+ bucky.ensureCommentsForThread,
+ bucky.ensureFilesForThread,
+ bucky.destroyThread,
+ function(req, res){
+ res.sendStatus(200)
+ })
+
+ /* comments */
+
+ app.post("/api/thread/:id/comment",
+ middleware.ensureAuthenticated,
+ bucky.ensureThread,
+ // ensure thread privacy
+ multer.array("files"),
+ bucky.verifyFilesOrComment,
+ bucky.createOptionalFiles,
+ bucky.createOptionalComment,
+ bucky.bumpThreadRevisions,
+ function(req, res){
+ res.json({
+ comment: res.comment
+ })
+ })
+ app.get("/api/comment/:id",
+ middleware.ensureAuthenticated,
+ bucky.ensureComment,
+ function(req, res){
+ res.json({ comment: res.comment })
+ })
+ // edit a comment
+ app.put("/api/comment/:id",
+ middleware.ensureAuthenticated,
+ bucky.ensureComment,
+ bucky.checkCommentPrivacy,
+ bucky.ensureCommentThread,
+ bucky.updateComment,
+ bucky.bumpThreadRevisions,
+ function(req, res){
+ res.json({ comment: res.comment })
+ })
+ // delete a comment
+ app.delete("/api/comment/:id",
+ middleware.ensureAuthenticated,
+ bucky.ensureComment,
+ bucky.checkCommentPrivacy,
+ bucky.destroyComment,
+ function(req, res){
+ res.sendStatus(200)
+ })
+
+ /* search */
+
+ app.get("/api/search",
+ middleware.ensureAuthenticated,
+ search.search,
+ search.getThreads,
+ search.getComments,
+ search.getFiles,
+ search.logQuery,
+ search.success
+ )
+
+ /* keywords */
+
+ app.get("/api/keywords",
+ middleware.ensureAuthenticated,
+ bucky.ensureKeywords,
+ function(req, res){
+ res.json({
+ keywords: res.keywords,
+ })
+ })
+ app.get("/api/keywords/statistics",
+ middleware.ensureAuthenticated,
+ bucky.ensureKeywords,
+ bucky.ensureThreadGroups,
+ function(req, res){
+ res.json({
+ keywords: res.keywords,
+ threadGroups: res.threadGroups,
+ })
+ })
+ app.get("/api/keyword/:keyword",
+ middleware.ensureAuthenticated,
+ bucky.ensureKeyword,
+ bucky.ensureThreadsForKeyword,
+ bucky.filterPrivateThreads,
+ bucky.ensureCommentCountsForThreads,
+ bucky.ensureFileCountsForThreads,
+ bucky.ensureKeywordsForThreads,
+ function(req, res){
+ res.json({
+ keyword: res.keyword,
+ threads: res.threads,
+ })
+ })
+
+
+ /* mail */
+
+ app.get("/api/mailbox/:box",
+ middleware.ensureAuthenticated,
+ bucky.ensureMailboxes,
+ bucky.ensureMailboxCounts,
+ bucky.ensureMessages,
+ function(req, res){
+ res.json({
+ user: { id: req.user.get("id"), username: req.user.get("username") },
+ messages: res.messages,
+ boxes: res.boxes,
+ })
+ })
+ app.get("/api/message/:id",
+ middleware.ensureAuthenticated,
+ bucky.ensureMessage,
+ bucky.markMessageUnread,
+ function(req, res){
+ res.json({
+ message: res.message,
+ })
+ })
+ app.post("/api/mail/send",
+ middleware.ensureAuthenticated,
+ bucky.ensureRecipient,
+ bucky.sendMessage,
+ bucky.deleteDraft,
+ function(req, res){
+ res.json({ status: "ok" })
+ })
+ app.delete("/api/message/:id",
+ middleware.ensureAuthenticated,
+ bucky.ensureMessage,
+ bucky.destroyMessage,
+ function(req, res){
+ res.json({ status: "ok" })
+ })
+
+ auth.route(app)
+}
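Review bot: `POST /api/thread/:id/comment` has only the placeholder comment `// ensure thread privacy` where the thread GET, PUT and DELETE routes call `bucky.checkThreadPrivacy`, so unless `bucky.ensureThread` itself enforces access (not visible in this file), any authenticated user could add comments and files to a thread they are not allowed to read. Replace the placeholder with `bucky.checkThreadPrivacy,` directly after `bucky.ensureThread,` so the check also runs before `multer.array("files")` accepts the upload. `GET /api/comment/:id` has a similar gap: it returns `res.comment` after `bucky.ensureComment` alone, with no check tied to the parent thread's privacy. Separately, `bucky.ensureLastlog` runs ahead of `middleware.ensureAuthenticated` on `/api/index` and on the first `/api/keyword/:keyword` route, and that route is registered a second time under `/* keywords */`, where the later chain (the only one with `bucky.ensureKeyword`) will presumably never run because the first handler already sends the response.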