coop-cloud-chaos-patchs/outline
coop-cloud-chaos-patchs/outline
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
This repository has been archived on 2022-08-14. You can view files and clone it, but cannot push or open issues or pull requests.
outline/server/api/documents.js
Jori Lallo 24e02bfdc4 New database with migrations
2016-06-25 22:37:05 -07:00

133 lines
2.8 KiB
JavaScript
Raw Blame History

import Router from 'koa-router';
import httpErrors from 'http-errors';
import auth from './authentication';
import pagination from './middlewares/pagination';
import { presentDocument } from '../presenters';
import { Document, Atlas } from '../models';
const router = new Router();
// FIXME: This really needs specs :/
router.post('documents.info', auth({ require: false }), async (ctx) => {
let { id } = ctx.request.body;
ctx.assertPresent(id, 'id is required');
const document = await Document.findOne({
where: {
id: id,
},
});
// Don't expose private documents outside the team
if (document.private) {
if (!ctx.state.user) throw httpErrors.NotFound();
const user = await ctx.state.user;
if (document.teamId !== user.teamId) {
throw httpErrors.NotFound();
}
ctx.body = {
data: await presentDocument(document, true),
};
} else {
ctx.body = {
data: await presentDocument(document),
};
}
if (!document) throw httpErrors.NotFound();
});
router.post('documents.create', auth(), async (ctx) => {
let {
atlas,
title,
text,
} = ctx.request.body;
ctx.assertPresent(atlas, 'atlas is required');
ctx.assertPresent(title, 'title is required');
ctx.assertPresent(text, 'text is required');
const user = ctx.state.user;
const ownerAtlas = await Atlas.findOne({
where: {
id: atlas,
teamId: user.teamId,
},
});
if (!ownerAtlas) throw httpErrors.BadRequest();
const document = await Document.create({
atlasId: ownerAtlas.id,
teamId: user.teamId,
userId: user.id,
title: title,
text: text,
});
ctx.body = {
data: await presentDocument(document, true),
};
});
router.post('documents.update', auth(), async (ctx) => {
let {
id,
title,
text,
} = ctx.request.body;
ctx.assertPresent(id, 'id is required');
ctx.assertPresent(title, 'title is required');
ctx.assertPresent(text, 'text is required');
const user = ctx.state.user;
let document = await Document.findOne({
where: {
id: id,
teamId: user.teamId,
},
});
if (!document) throw httpErrors.BadRequest();
document.title = title;
document.text = text;
await document.save();
ctx.body = {
data: await presentDocument(document, true),
};
});
router.post('documents.delete', auth(), async (ctx) => {
let {
id,
} = ctx.request.body;
ctx.assertPresent(id, 'id is required');
const user = ctx.state.user;
let document = await Document.findOne({
where: {
id: id,
teamId: user.teamId,
},
});
if (!document) throw httpErrors.BadRequest();
try {
await document.destroy();
} catch (e) {
throw httpErrors.BadRequest('Error while deleting');
};
ctx.body = {
ok: true,
};
});
export default router;
Reference in New Issue View Git Blame Copy Permalink