Diffstat (limited to 'server')
| -rw-r--r-- | server/index.js | 11 | ||||
| -rw-r--r-- | server/lib/api.js | 324 | ||||
| -rw-r--r-- | server/lib/api/docs.js | 65 | ||||
| -rw-r--r-- | server/lib/api/index.js | 10 | ||||
| -rw-r--r-- | server/lib/api/layouts.js | 107 | ||||
| -rw-r--r-- | server/lib/api/profile.js | 60 | ||||
| -rw-r--r-- | server/lib/api/projects.js | 106 | ||||
| -rw-r--r-- | server/lib/middleware.js | 11 |
8 files changed, 357 insertions, 337 deletions
diff --git a/server/index.js b/server/index.js index b2fb568..005b0cd 100644 --- a/server/index.js +++ b/server/index.js @@ -105,8 +105,8 @@ site.route = function () { app.post('/api/docs/edit', middleware.ensureAuthenticated, middleware.ensureIsStaff, api.docs.update) app.delete('/api/docs/destroy', middleware.ensureAuthenticated, middleware.ensureIsStaff, api.docs.destroy) - app.get('/layout', middleware.ensureAuthenticated, views.modal) - app.get('/layout/:name', middleware.ensureAuthenticated, views.builder) + app.get('/layout', middleware.ensureAuthenticated, middleware.ensureIsStaff, views.modal) + app.get('/layout/:name', middleware.ensureAuthenticated, middleware.ensureIsStaff, views.builder) app.get('/project', middleware.ensureAuthenticated, views.modal) app.get('/project/new', middleware.ensureAuthenticated, views.modal) 
@@ -115,16 +115,15 @@ site.route = function () { app.get('/api/layouts', middleware.ensureAuthenticated, api.layouts.index) app.get('/api/layouts/:slug', middleware.ensureAuthenticated, api.layouts.show) - app.post('/api/layouts/new', middleware.ensureAuthenticated, api.layouts.create) - app.post('/api/layouts/edit', middleware.ensureAuthenticated, api.layouts.update) - app.delete('/api/layouts/destroy', middleware.ensureAuthenticated, api.layouts.destroy) + app.post('/api/layouts/new', middleware.ensureAuthenticated, middleware.ensureIsStaff, api.layouts.create) + app.post('/api/layouts/edit', middleware.ensureAuthenticated, middleware.ensureIsStaff, api.layouts.update) + app.delete('/api/layouts/destroy', middleware.ensureAuthenticated, middleware.ensureIsStaff, api.layouts.destroy) app.get('/api/projects', middleware.ensureAuthenticated, api.projects.index) app.get('/api/projects/:slug', middleware.ensureAuthenticated, api.projects.show) app.post('/api/projects/new', middleware.ensureAuthenticated, api.projects.create) app.post('/api/projects/edit', middleware.ensureAuthenticated, api.projects.update) app.delete('/api/projects/destroy', middleware.ensureAuthenticated, api.projects.destroy) - } diff --git a/server/lib/api.js b/server/lib/api.js deleted file mode 100644 index f840a66..0000000 --- a/server/lib/api.js +++ /dev/null 
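Review bot: The staff gate is applied by repeating `middleware.ensureAuthenticated, middleware.ensureIsStaff` on every layout route in both hunks of server/index.js, which makes it easy for a later route to receive one without the other. Express accepts an array of handlers, so a shared `var staffOnly = [middleware.ensureAuthenticated, middleware.ensureIsStaff]` passed as `app.post('/api/layouts/new', staffOnly, api.layouts.create)` keeps the pair and its order together. The order matters because the rewritten `ensureIsStaff` in server/lib/middleware.js reads `req.user.isStaff` directly and so relies on `ensureAuthenticated` having run first. `site.route` begins outside these hunks.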
@@ -1,324 +0,0 @@ -/* jshint node: true */ - -var passport = require('passport'), - Entities = require('html-entities').XmlEntities, - entities = new Entities(), - crypto = require('crypto'), - _ = require('lodash'), - util = require('./util'), - upload = require('./upload'), - config = require('../../config.json'), - User = require('./schemas/User'), - Documentation = require('./schemas/Documentation'), - Layout = require('./schemas/Layout'), - Project = require('./schemas/Project'); - -var api = { - - profile: { - show: function(req, res){ - User.findOne({ _id: req.user._id }, function(err, user){ - res.json(err || user) - }) - }, - - update: function(req, res){ - var data = util.cleanQuery(req.body) - if (data.new_password && data.new_password.length) { - if (! data.old_password || ! req.user.checkPassword(data.old_password)) { - res.json({ error: { errors: { password: { message: "Old password is incorrect" } } } }) - } - - var shasum = crypto.createHash('sha1') - shasum.update(data.new_password) - password = shasum.digest('hex'); - - req.user.password = password - } - delete data.old_password - delete data.new_password - delete data.isStaff - data.updated_at = new Date () - - if (req.files.avatar) { - upload.put("avatars", req.files.avatar, { - unacceptable: function(err){ - res.json({ error: { errors: { avatar: { message: "Problem saving avatar: " + err } } } }) - }, - success: function(url){ - data.photo = url - done() - } - }) - } - else { - done() - } - - function done () { - _.extend( req.user, data ) - req.user.save(function(err, msg) { - err ? 
res.json({ status: "FAIL", error: err }) - : res.json({ status: "OK", payload: req.user }) - }) - } - } - }, - - - docs: { - show: function(req, res){ - Documentation.findOne({ name: req.query.name }, function(err, doc){ - if (doc) { - res.json(doc) - } - else { - var name = util.sanitize(req.query.name) - if (name == "new") { - name = "" - } - res.json({ name: name, isNew: true }) - } - }) - }, - - create: function(req, res){ - var data = util.cleanQuery(req.body) - data.name = util.sanitize(data.new_name) - data.displayName = util.sanitize(data.displayName) - delete data.new_name - new Documentation(data).save(function(err, doc){ - if (err || ! doc) { return res.json({ error: err }) } - res.json(doc) - }) - }, - - update: function(req, res){ - var data = util.cleanQuery(req.body) - if (data.name == "new") { - return api.docs.create(req, res) - } - Documentation.findOne({ name: data.name }, function(err, doc){ - if (err || ! doc) { return res.json({ error: err }) } - data.name = data.new_name - delete data.new_name - _.extend(doc, data) - doc.save(function(err, doc){ - if (err || ! doc) { return res.json({ error: err }) } - res.json(doc) - }) - }) - }, - - destroy: function(req, res){ - var name = util.sanitize(req.body.name) - if (! name || ! 
name.length) { - res.json({ error: 404 }) - return - } - Documentation.remove({ name: name }, function(err){ - res.json({ status: "OK" }) - }) - } - }, - - layouts: { - index: function(req, res){ - Layout.find({}, function(err, docs){ - res.json(docs) - }) - }, - - show: function(req, res){ - Layout.findOne({ slug: req.params.slug }, function(err, doc){ - if (doc) { - res.json(doc) - return - } - else { - var name = util.sanitize(req.params.slug) - if (name == "new") { - name = "" - } - res.json({ _id: "new", name: name, isNew: true }) - } - }) - }, - - create: function(req, res){ - var data = util.cleanQuery(req.body) - data.name = util.sanitize(data.name) - data.slug = util.slugify(data.name) - data.user_id = req.user._id - data.rooms = JSON.parse(data.rooms) - data.startPosition = JSON.parse(data.startPosition) - - upload.put("layouts", req.files.thumbnail, { - unacceptable: function(err){ - res.json({ error: { errors: { thumbnail: { message: "Problem saving thumbnail: " + err } } } }) - }, - success: function(url){ - data.photo = url - done() - } - }) - - function done() { - new Layout(data).save(function(err, doc){ - if (err || ! doc) { return res.json({ error: err }) } - res.json(doc) - }) - } - }, - - update: function(req, res){ - var _id = req.body._id - if (_id == "new") { - return api.docs.create(req, res) - } - - var data = util.cleanQuery(req.body) - data.name = util.sanitize(data.name) - data.slug = util.slugify(data.name) - data.user_id = req.user._id - - upload.put("layouts", req.files.thumbnail, { - unacceptable: function(err){ - res.json({ error: { errors: { thumbnail: { message: "Problem saving thumbnail: " + err } } } }) - }, - success: function(url){ - data.photo = url - done() - } - }) - - function done() { - Layout.findOne({ _id: _id }, function(err, doc){ - if (err || ! 
doc) { return res.json({ error: err }) } - _.extend(doc, data) - doc.rooms = JSON.parse(data.rooms) - doc.startPosition = JSON.parse(data.startPosition) - - doc.save(function(err, doc){ - if (err || ! doc) { return res.json({ error: err }) } - res.json(doc) - }) - }) - } - }, - - destroy: function(req, res){ - var _id = req.body._id - console.log(_id) - if (! _id || ! _id.length) { - res.json({ error: 404 }) - return - } - Layout.remove({ _id: _id }, function(err){ - res.json({ status: "OK" }) - }) - }, - }, - - - projects: { - index: function(req, res){ - Project.find({}, function(err, docs){ - res.json(docs) - }) - }, - - show: function(req, res){ - Project.findOne({ slug: req.params.slug }, function(err, doc){ - if (doc) { - res.json(doc) - return - } - else { - var name = util.sanitize(req.params.slug) - if (name == "new") { - name = "" - } - res.json({ _id: "new", name: name, isNew: true }) - } - }) - }, - - create: function(req, res){ - var data = util.cleanQuery(req.body) - data.name = util.sanitize(data.name) - data.slug = util.slugify(data.name) - data.user_id = req.user._id - data.rooms = JSON.parse(data.rooms) - data.startPosition = JSON.parse(data.startPosition) - - upload.put("projects", req.files.thumbnail, { - unacceptable: function(err){ - res.json({ error: { errors: { thumbnail: { message: "Problem saving thumbnail: " + err } } } }) - }, - success: function(url){ - data.photo = url - done() - } - }) - - function done() { - new Project(data).save(function(err, doc){ - if (err || ! 
doc) { return res.json({ error: err }) } - res.json(doc) - }) - } - }, - - update: function(req, res){ - var _id = req.body._id - if (_id == "new") { - return api.docs.create(req, res) - } - - var data = util.cleanQuery(req.body) - data.name = util.sanitize(data.name) - data.slug = util.slugify(data.name) - data.user_id = req.user._id - - upload.put("projects", req.files.thumbnail, { - unacceptable: function(err){ - res.json({ error: { errors: { thumbnail: { message: "Problem saving thumbnail: " + err } } } }) - }, - success: function(url){ - data.photo = url - done() - } - }) - - function done() { - Project.findOne({ _id: _id }, function(err, doc){ - if (err || ! doc) { return res.json({ error: err }) } - _.extend(doc, data) - doc.rooms = JSON.parse(data.rooms) - doc.startPosition = JSON.parse(data.startPosition) - - doc.save(function(err, doc){ - if (err || ! doc) { return res.json({ error: err }) } - res.json(doc) - }) - }) - } - }, - - destroy: function(req, res){ - var _id = req.body._id - if (! id || ! id.length) { - res.json({ error: 404 }) - return - } - Project.remove({ _id: _id }, function(err){ - res.json({ status: "OK" }) - }) - }, - } - -} - - -module.exports = api diff --git a/server/lib/api/docs.js b/server/lib/api/docs.js new file mode 100644 index 0000000..b008c17 --- /dev/null +++ b/server/lib/api/docs.js 
@@ -0,0 +1,65 @@ +/* jshint node: true */ + +var _ = require('lodash'), + util = require('../util'), + upload = require('../upload'), + config = require('../../../config.json'), + Documentation = require('../schemas/Documentation'); + +var docs = { + show: function(req, res){ + Documentation.findOne({ name: req.query.name }, function(err, doc){ + if (doc) { + res.json(doc) + } + else { + var name = util.sanitize(req.query.name) + if (name == "new") { + name = "" + } + res.json({ name: name, isNew: true }) + } + }) + }, + + create: function(req, res){ + var data = util.cleanQuery(req.body) + data.name = util.sanitize(data.new_name) + data.displayName = util.sanitize(data.displayName) + delete data.new_name + new Documentation(data).save(function(err, doc){ + if (err || ! doc) { return res.json({ error: err }) } + res.json(doc) + }) + }, + + update: function(req, res){ + var data = util.cleanQuery(req.body) + if (data.name == "new") { + return docs.create(req, res) + } + Documentation.findOne({ name: data.name }, function(err, doc){ + if (err || ! doc) { return res.json({ error: err }) } + data.name = data.new_name + delete data.new_name + _.extend(doc, data) + doc.save(function(err, doc){ + if (err || ! doc) { return res.json({ error: err }) } + res.json(doc) + }) + }) + }, + + destroy: function(req, res){ + var name = util.sanitize(req.body.name) + if (! name || ! name.length) { + res.json({ error: 404 }) + return + } + Documentation.remove({ name: name }, function(err){ + res.json({ status: "OK" }) + }) + } +} + +module.exports = docs diff --git a/server/lib/api/index.js b/server/lib/api/index.js new file mode 100644 index 0000000..fadfa9c --- /dev/null +++ b/server/lib/api/index.js @@ -0,0 +1,10 @@ +/* jshint node: true */ + +var api = { + profile: require('./profile'), + docs: require('./docs'), + layouts: require('./layouts'), + projects: require('./projects'), +} + +module.exports = api 
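Review bot: In `show` of server/lib/api/docs.js, `req.query.name` is placed into `Documentation.findOne({ name: req.query.name }, …)` before `util.sanitize` is applied, and if the app uses Express's extended (qs) query parser a bracketed parameter arrives as an object rather than a string. Rejecting non-strings first, for example `if (typeof req.query.name !== 'string') { return res.json({ error: 404 }) }`, keeps query operators out of the filter. `update` has the same shape with `data.name`, unless `util.cleanQuery` (not shown here) already flattens values, and it copies every remaining body field onto the document through `_.extend(doc, data)`. `destroy` answers `{ status: "OK" }` without looking at `err`, so a failed removal is reported as success.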
diff --git a/server/lib/api/layouts.js b/server/lib/api/layouts.js
new file mode 100644
index 0000000..1364426
--- /dev/null
+++ b/server/lib/api/layouts.js
@@ -0,0 +1,107 @@ +/* jshint node: true */ + +var _ = require('lodash'), + util = require('../util'), + upload = require('../upload'), + config = require('../../../config.json'), + Layout = require('../schemas/Layout'); + +var layouts = { + index: function(req, res){ + Layout.find({}, function(err, docs){ + res.json(docs) + }) + }, + + show: function(req, res){ + Layout.findOne({ slug: req.params.slug }, function(err, doc){ + if (doc) { + res.json(doc) + return + } + else { + var name = util.sanitize(req.params.slug) + if (name == "new") { + name = "" + } + res.json({ _id: "new", name: name, isNew: true }) + } + }) + }, + + create: function(req, res){ + var data = util.cleanQuery(req.body) + data.name = util.sanitize(data.name) + data.slug = util.slugify(data.name) + data.user_id = req.user._id + data.rooms = JSON.parse(data.rooms) + data.startPosition = JSON.parse(data.startPosition) + + upload.put("layouts", req.files.thumbnail, { + unacceptable: function(err){ + res.json({ error: { errors: { thumbnail: { message: "Problem saving thumbnail: " + err } } } }) + }, + success: function(url){ + data.photo = url + done() + } + }) + + function done() { + new Layout(data).save(function(err, doc){ + if (err || ! doc) { return res.json({ error: err }) } + res.json(doc) + }) + } + }, + + update: function(req, res){ + var _id = req.body._id + if (_id == "new") { + return docs.create(req, res) + } + + var data = util.cleanQuery(req.body) + data.name = util.sanitize(data.name) + data.slug = util.slugify(data.name) + data.user_id = req.user._id + + upload.put("layouts", req.files.thumbnail, { + unacceptable: function(err){ + res.json({ error: { errors: { thumbnail: { message: "Problem saving thumbnail: " + err } } } }) + }, + success: function(url){ + data.photo = url + done() + } + }) + + function done() { + Layout.findOne({ _id: _id }, function(err, doc){ + if (err || ! 
doc) { return res.json({ error: err }) } + _.extend(doc, data) + doc.rooms = JSON.parse(data.rooms) + doc.startPosition = JSON.parse(data.startPosition) + + doc.save(function(err, doc){ + if (err || ! doc) { return res.json({ error: err }) } + res.json(doc) + }) + }) + } + }, + + destroy: function(req, res){ + var _id = req.body._id + console.log(_id) + if (! _id || ! _id.length) { + res.json({ error: 404 }) + return + } + Layout.remove({ _id: _id }, function(err){ + res.json({ status: "OK" }) + }) + }, +} + +module.exports = layouts diff --git a/server/lib/api/profile.js b/server/lib/api/profile.js new file mode 100644 index 0000000..fdd1bde --- /dev/null +++ b/server/lib/api/profile.js 
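Review bot: `update` in the new server/lib/api/layouts.js returns `docs.create(req, res)` when `_id == "new"`, but this module never defines or requires `docs`, so that branch throws a ReferenceError; the deleted server/lib/api.js reached it through `api.docs.create`. It presumably should create a layout, `return layouts.create(req, res)`; server/lib/api/projects.js carries the same line and would need `projects.create`. Separately, `JSON.parse(data.rooms)` and `JSON.parse(data.startPosition)` run on request-body values with no try/catch, both in `create` and inside the `done` callback of `update`, so a malformed body raises an uncaught exception instead of producing an error response.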
@@ -0,0 +1,60 @@ +/* jshint node: true */ + +var _ = require('lodash'), + crypto = require('crypto'), + util = require('../util'), + upload = require('../upload'), + config = require('../../../config.json'), + User = require('../schemas/User'); + +var profile = { + show: function(req, res){ + User.findOne({ _id: req.user._id }, function(err, user){ + res.json(err || user) + }) + }, + + update: function(req, res){ + var data = util.cleanQuery(req.body) + if (data.new_password && data.new_password.length) { + if (! data.old_password || ! req.user.checkPassword(data.old_password)) { + res.json({ error: { errors: { password: { message: "Old password is incorrect" } } } }) + } + + var shasum = crypto.createHash('sha1') + shasum.update(data.new_password) + password = shasum.digest('hex'); + + req.user.password = password + } + delete data.old_password + delete data.new_password + delete data.isStaff + data.updated_at = new Date () + + if (req.files.avatar) { + upload.put("avatars", req.files.avatar, { + unacceptable: function(err){ + res.json({ error: { errors: { avatar: { message: "Problem saving avatar: " + err } } } }) + }, + success: function(url){ + data.photo = url + done() + } + }) + } + else { + done() + } + + function done () { + _.extend( req.user, data ) + req.user.save(function(err, msg) { + err ? res.json({ status: "FAIL", error: err }) + : res.json({ status: "OK", payload: req.user }) + }) + } + } +} + +module.exports = profile diff --git a/server/lib/api/projects.js b/server/lib/api/projects.js new file mode 100644 index 0000000..99ed9fe --- /dev/null +++ b/server/lib/api/projects.js 
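Review bot: The old-password check in `update` sends the "Old password is incorrect" response but does not return, so execution continues to `req.user.password = password` and the later `req.user.save`, which changes the password anyway and then attempts a second response. The branch should read `return res.json({ error: { errors: { password: { message: "Old password is incorrect" } } } })`. `password` is assigned without `var`, which makes it an implicit global shared between requests; `var password = shasum.digest('hex')` keeps it local. The stored value is a single unsalted SHA-1 digest, which is weak for passwords; a salted, slow KDF such as `crypto.pbkdf2` or `crypto.scrypt` is the usual replacement, and `checkPassword` (defined outside this diff) would have to change with it. Only `old_password`, `new_password` and `isStaff` are deleted before `_.extend( req.user, data )`, so a `password` field in the body is copied onto the user unless `util.cleanQuery` strips it; an allowlist of editable fields would be safer than this denylist.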
@@ -0,0 +1,106 @@ +/* jshint node: true */ + +var _ = require('lodash'), + util = require('../util'), + upload = require('../upload'), + config = require('../../../config.json'), + Project = require('../schemas/Project'); + +var projects = { + index: function(req, res){ + Project.find({}, function(err, docs){ + res.json(docs) + }) + }, + + show: function(req, res){ + Project.findOne({ slug: req.params.slug }, function(err, doc){ + if (doc) { + res.json(doc) + return + } + else { + var name = util.sanitize(req.params.slug) + if (name == "new") { + name = "" + } + res.json({ _id: "new", name: name, isNew: true }) + } + }) + }, + + create: function(req, res){ + var data = util.cleanQuery(req.body) + data.name = util.sanitize(data.name) + data.slug = util.slugify(data.name) + data.user_id = req.user._id + data.rooms = JSON.parse(data.rooms) + data.startPosition = JSON.parse(data.startPosition) + + upload.put("projects", req.files.thumbnail, { + unacceptable: function(err){ + res.json({ error: { errors: { thumbnail: { message: "Problem saving thumbnail: " + err } } } }) + }, + success: function(url){ + data.photo = url + done() + } + }) + + function done() { + new Project(data).save(function(err, doc){ + if (err || ! doc) { return res.json({ error: err }) } + res.json(doc) + }) + } + }, + + update: function(req, res){ + var _id = req.body._id + if (_id == "new") { + return docs.create(req, res) + } + + var data = util.cleanQuery(req.body) + data.name = util.sanitize(data.name) + data.slug = util.slugify(data.name) + data.user_id = req.user._id + + upload.put("projects", req.files.thumbnail, { + unacceptable: function(err){ + res.json({ error: { errors: { thumbnail: { message: "Problem saving thumbnail: " + err } } } }) + }, + success: function(url){ + data.photo = url + done() + } + }) + + function done() { + Project.findOne({ _id: _id }, function(err, doc){ + if (err || ! 
doc) { return res.json({ error: err }) } + _.extend(doc, data) + doc.rooms = JSON.parse(data.rooms) + doc.startPosition = JSON.parse(data.startPosition) + + doc.save(function(err, doc){ + if (err || ! doc) { return res.json({ error: err }) } + res.json(doc) + }) + }) + } + }, + + destroy: function(req, res){ + var _id = req.body._id + if (! id || ! id.length) { + res.json({ error: 404 }) + return + } + Project.remove({ _id: _id }, function(err){ + res.json({ status: "OK" }) + }) + }, +} + +module.exports = projects diff --git a/server/lib/middleware.js b/server/lib/middleware.js index dbe0b26..c74c496 100644 --- a/server/lib/middleware.js +++ b/server/lib/middleware.js @@ -26,13 +26,10 @@ var middleware = { }, ensureIsStaff: function (req, res, next) { - User.findOne({ _id: req.user._id }, function (err, user) { - if (! user.isStaff) { - return res.redirect('http://' + config.host + '/'); - } - req.user = user - next(); - }); + if (! req.user.isStaff) { + return res.redirect('http://' + config.host + '/'); + } + next(); }, ensureLocals: function (req, res, next) { |
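Review bot: `update` and `destroy` in server/lib/api/projects.js select the record by the client-supplied `_id` alone (`Project.findOne({ _id: _id }, …)`, `Project.remove({ _id: _id }, …)`), and the project routes in server/index.js stay at `middleware.ensureAuthenticated` only, so nothing visible ties the record to the caller; `update` also overwrites `data.user_id` with `req.user._id`. Adding the owner to the filter, for example `Project.findOne({ _id: _id, user_id: req.user._id }, …)`, would restrict both handlers to the creator, assuming `user_id` is meant as the owner. `destroy` tests `id` instead of `_id` in `if (! id || ! id.length)`, and `id` is not declared in this file, so the handler throws a ReferenceError on every call; it should read `if (! _id || ! _id.length)`. The `remove` callback ignores `err` and always answers `{ status: "OK" }`.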
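Review bot: `ensureIsStaff` in server/lib/middleware.js now trusts `req.user.isStaff` from whatever the session layer attached to the request instead of re-reading the user with `User.findOne`, so a revoked staff flag stays effective for as long as that cached user object does; whether this is a real window depends on how the session deserializer (not shown) loads the user. The check also dereferences `req.user` unguarded, so mounting it on a route without `ensureAuthenticated` in front throws; `if (! req.user || ! req.user.isStaff)` closes that. For the `/api/...` routes that use it, answering with `res.status(403).json({ error: 403 })` would be clearer to API clients than the redirect to `'http://' + config.host + '/'`. The `middleware` object starts and continues outside the hunk.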
