From ec28e69d560aaef33c7fa92c74aedf5af4911e77 Mon Sep 17 00:00:00 2001 From: OldHawk Date: Fri, 23 Jun 2017 18:28:19 +0800 Subject: [PATCH] feat(log): add traces server routes, policies and controllers --- .../controllers/traces.server.controller.js | 77 +++++++++++++++++++ .../server/policies/traces.server.policy.js | 50 ++++++++++++ .../server/routes/traces.server.routes.js | 17 ++++ 3 files changed, 144 insertions(+) create mode 100644 modules/traces/server/controllers/traces.server.controller.js create mode 100644 modules/traces/server/policies/traces.server.policy.js create mode 100644 modules/traces/server/routes/traces.server.routes.js diff --git a/modules/traces/server/controllers/traces.server.controller.js b/modules/traces/server/controllers/traces.server.controller.js new file mode 100644 index 00000000..c79d4ccf --- /dev/null +++ b/modules/traces/server/controllers/traces.server.controller.js @@ -0,0 +1,77 @@ +'use strict'; + +/** + * Module dependencies + */ +var path = require('path'), + config = require(path.resolve('./config/config')), + mongoose = require('mongoose'), + errorHandler = require(path.resolve('./modules/core/server/controllers/errors.server.controller')), + User = mongoose.model('User'), + Trace = mongoose.model('Trace'), + async = require('async'); + +/** + * list Traces + * @param req + * @param res + */ +exports.list = function (req, res) { + Trace.find({}) + .sort('-createdat') + .populate('user', 'displayName profileImageURL uploaded downloaded') + .exec(function (err, traces) { + if (err) { + return res.status(422).send({ + message: errorHandler.getErrorMessage(err) + }); + } + res.json(traces); + }); +}; + +/** + * delete Trace + * @param req + * @param res + */ +exports.delete = function (req, res) { + var trace = req.trace; + trace.remove(function (err) { + if (err) { + return res.status(422).send({ + message: errorHandler.getErrorMessage(err) + }); + } else { + res.json(trace); + } + }); +}; + + +/** + * Invitation middleware + */ +exports.traceByID = function (req, res, next, id) { + + if (!mongoose.Types.ObjectId.isValid(id)) { + return res.status(400).send({ + message: 'Trace is invalid' + }); + } + + Trace.findById(id) + .populate('user', 'displayName profileImageURL uploaded downloaded') + .exec(function (err, trace) { + if (err) { + return next(err); + } else if (!trace) { + return res.status(404).send({ + message: 'No trace with that identifier has been found' + }); + } + req.trace = trace; + next(); + }); +}; + diff --git a/modules/traces/server/policies/traces.server.policy.js b/modules/traces/server/policies/traces.server.policy.js new file mode 100644 index 00000000..0ad736fc --- /dev/null +++ b/modules/traces/server/policies/traces.server.policy.js @@ -0,0 +1,50 @@ +'use strict'; + +/** + * Module dependencies + */ +var acl = require('acl'); + +// Using the memory backend +acl = new acl(new acl.memoryBackend()); + +/** + * Invoke Invitations Permissions + */ +exports.invokeRolesPolicies = function () { + acl.allow( + [ + { + roles: ['admin', 'oper', 'user'], + allows: [ + {resources: '/api/traces', permissions: '*'}, + {resources: '/api/traces/:traceId', permissions: '*'} + ] + } + ] + ); +}; + +/** + * Check If Invitations Policy Allows + */ +exports.isAllowed = function (req, res, next) { + var roles = (req.user) ? req.user.roles : ['guest']; + + // Check for user roles + acl.areAnyRolesAllowed(roles, req.route.path, req.method.toLowerCase(), function (err, isAllowed) { + if (err) { + // An authorization error occurred + return res.status(500).send('Unexpected authorization error'); + } else { + if (isAllowed) { + // Access granted! Invoke next middleware + return next(); + } else { + return res.status(403).json({ + message: 'User is not authorized' + }); + } + } + }); +}; diff --git a/modules/traces/server/routes/traces.server.routes.js b/modules/traces/server/routes/traces.server.routes.js new file mode 100644 index 00000000..e7d15f50 --- /dev/null +++ b/modules/traces/server/routes/traces.server.routes.js @@ -0,0 +1,17 @@ +'use strict'; + +/** + * Module dependencies + */ +var tracesPolicy = require('../policies/traces.server.policy'), + traces = require('../controllers/traces.server.controller'); + +module.exports = function (app) { + app.route('/api/traces').all(tracesPolicy.isAllowed) + .get(traces.list); + + app.route('/api/traces/:traceId').all(tracesPolicy.isAllowed) + .delete(traces.delete); + + app.param('traceId', traces.traceByID); +};