server/lib/api/collaborator.js


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85

/* jshint node: true */

var _ = require('lodash'),
	util = require('../util'),
	upload = require('../upload'),
	config = require('../../../config.json'),
	Collaborator = require('../schemas/Collaborator'),
	Project = require('../schemas/Project');

var collaborator = {

	join: function(req, res){
	  var nonce = req.query.nonce
	  if (! nonce || ! nonce.length) { return res.json({ error: "invalid invite code" }) }
	  Collaborator.findOne({ nonce: nonce }, function(err, collaborator){
	    if (err || ! collaborator) { return res.json({ error: "can't find collaborator" }) }
	    collaborator.user_id = req.user.user_id
	    collaborator.nonce = ""
			collaborator.save(function(err, collaborator){
        Project.findOne({ _id: collaborator.project_id }, function(err, project){
          if (err || ! project) { return res.json({ error: err }) }
          res.redirect("/project/" + project.slug + "/edit")
        })
      })
	  })
	},

  //

  index: function(req, res){
    if (! req.project) {
      return res.json({ error: "can't find project" })
    }
    if (req.project.user_id !== req.user._id) { return res.json({ error: "insufficient permission" }) }
    Collaborator.find({ project_id: req.project._id }, function(err, collaborators){
      var user_ids = _.pluck(collaborators, "user_id").filter(function(id){ return !! id })
      User.find({ _id: user_ids }, "username displayName photo", function(err, users){
        if (! user_ids) {
          return res.json(collaborators)          
        }
        var userIndex = _.indexBy(users, '_id')
        collaborators = collaborators.map(function(collaborator){
          var obj = collaborator.toObject()
          obj.user = userIndex[ obj.user_id ]
          return obj
        })
        res.json(collaborators)
      })
    })
  },

	create: function(req, res){
    if (! req.project) {
      return res.json({ error: "can't find project" })
    }
		var data = util.cleanQuery(req.body)
		delete data.user_id

		data.project_id = req.project._id

    Collaborator.makeNonce(function(nonce){
      data.nonce = nonce
      new Collaborator(data).save(function(err, collaborator){
        if (err || ! collaborator) { return res.json({ error: err }) }
				auth.mail.forgotPassword(req.project, req.user, collaborator, function(){
					res.json(collaborator)
				})
      })
    })
	},
	
	destroy: function(req, res){
    if (! req.project) {
      return res.json({ error: "can't find project" })
    }
    if (req.project.user_id !== req.user._id) {
      return res.json({ error: "insufficient permission" })
    }
    Collaborator.remove({ _id: _id }, function(err){
      res.json({ status: "OK" })
    })
	}
}

module.exports = collaborator