feat(invitations): add invitation server routes, policy,controller js file.

modules/invitations/server/controllers/invitations.server.controller.js

@@ -0,0 +1,50 @@
+'use strict';
+
+/**
+ * Module dependencies
+ */
+var path = require('path'),
+  config = require(path.resolve('./config/config')),
+  mongoose = require('mongoose'),
+  errorHandler = require(path.resolve('./modules/core/server/controllers/errors.server.controller')),
+  User = mongoose.model('User'),
+  Invitation = mongoose.model('Invitation'),
+  async = require('async');
+
+/**
+ * create a Invitation
+ * @param req
+ * @param res
+ */
+exports.create = function (req, res) {
+  var invitation = new Invitation();
+  invitation.expiresat = Date.now() + config.meanTorrentConfig.invite.expires;
+  invitation.user = req.user;
+
+  invitation.save(function (err) {
+    if (err) {
+      return res.status(422).send({
+        message: errorHandler.getErrorMessage(err)
+      });
+    } else {
+      res.json(invitation);
+    }
+  });
+};
+
+
+/**
+ * List of Invitations
+ */
+exports.list = function (req, res) {
+  Invitation.find().sort('-created').populate('user', 'displayName').exec(function (err, invitations) {
+    if (err) {
+      return res.status(422).send({
+        message: errorHandler.getErrorMessage(err)
+      });
+    } else {
+      res.json(invitations);
+    }
+  });
+};
+

modules/invitations/server/policies/invitations.server.policy.js

@@ -0,0 +1,49 @@
+'use strict';
+
+/**
+ * Module dependencies
+ */
+var acl = require('acl');
+
+// Using the memory backend
+acl = new acl(new acl.memoryBackend());
+
+/**
+ * Invoke Articles Permissions
+ */
+exports.invokeRolesPolicies = function () {
+  acl.allow(
+    [
+      {
+        roles: ['admin', 'oper', 'user'],
+        allows: [
+          {resources: '/api/invitations', permissions: '*'}
+        ]
+      }
+    ]
+  );
+};
+
+/**
+ * Check If Articles Policy Allows
+ */
+exports.isAllowed = function (req, res, next) {
+  var roles = (req.user) ? req.user.roles : ['guest'];
+
+  // Check for user roles
+  acl.areAnyRolesAllowed(roles, req.route.path, req.method.toLowerCase(), function (err, isAllowed) {
+    if (err) {
+      // An authorization error occurred
+      return res.status(500).send('Unexpected authorization error');
+    } else {
+      if (isAllowed) {
+        // Access granted! Invoke next middleware
+        return next();
+      } else {
+        return res.status(403).json({
+          message: 'User is not authorized'
+        });
+      }
+    }
+  });
+};

modules/invitations/server/routes/invitations.server.routes.js

@@ -0,0 +1,13 @@
+'use strict';
+
+/**
+ * Module dependencies
+ */
+var invitationsPolicy = require('../policies/invitations.server.policy'),
+  invitations = require('../controllers/invitations.server.controller');
+
+module.exports = function (app) {
+  app.route('/api/invitations').all(invitationsPolicy.isAllowed)
+    .get(invitations.list)
+    .post(invitations.create);
+};