-rw-r--r--CHANGELOG.md5
-rw-r--r--models/boards.js164
-rw-r--r--models/cardComments.js130
-rw-r--r--models/checklists.js122
-rw-r--r--models/integrations.js250
-rw-r--r--models/lists.js114
-rw-r--r--models/users.js194
7 files changed, 611 insertions, 368 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1f695d61..5ce8e144 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,7 +3,8 @@
This release adds the following new features:
* [Markdown in card/minicard/checlist titles and checklist items. Next line: Shift+Enter. Submit: Enter.](https://github.com/wekan/wekan/pull/1334);
-* [User Admin to Admin Panel: List users. Change: is user admin, name, fullname, email address, is user active. Not changing password yet.](https://github.com/wekan/wekan/pull/1325).
+* [User Admin to Admin Panel: List users. Change: is user admin, name, fullname, email address, is user active. Not changing password yet.](https://github.com/wekan/wekan/pull/1325);
+* [REST API better error output](https://github.com/wekan/wekan/pull/1323).
and fixes the following bugs:
@@ -12,7 +13,7 @@ and fixes the following bugs:
* [Whitespace trimming breaks Markdown code block indentation](https://github.com/wekan/wekan/issues/1288):
* [Helper to list boards for user](https://github.com/wekan/wekan/pull/1327).
-Thanks to Github users brooksbecton, milesibastos, thuanpq and xet7 for their contributions.
+Thanks to Github users brooksbecton, milesibastos, soohwa, thuanpq and xet7 for their contributions.
# v0.54 2017-11-02 Wekan release
diff --git a/models/boards.js b/models/boards.js
index cd633f56..6ae818c6 100644
--- a/models/boards.js
+++ b/models/boards.js
@@ -566,82 +566,122 @@ if (Meteor.isServer) {
//BOARDS REST API
if (Meteor.isServer) {
JsonRoutes.add('GET', '/api/users/:userId/boards', function (req, res, next) {
- Authentication.checkLoggedIn(req.userId);
- const paramUserId = req.params.userId;
- // A normal user should be able to see their own boards,
- // admins can access boards of any user
- Authentication.checkAdminOrCondition(req.userId, req.userId === paramUserId);
-
- const data = Boards.find({
- archived: false,
- 'members.userId': paramUserId,
- }, {
- sort: ['title'],
- }).map(function(board) {
- return {
- _id: board._id,
- title: board.title,
- };
- });
+ try {
+ Authentication.checkLoggedIn(req.userId);
+ const paramUserId = req.params.userId;
+ // A normal user should be able to see their own boards,
+ // admins can access boards of any user
+ Authentication.checkAdminOrCondition(req.userId, req.userId === paramUserId);
+
+ const data = Boards.find({
+ archived: false,
+ 'members.userId': paramUserId,
+ }, {
+ sort: ['title'],
+ }).map(function(board) {
+ return {
+ _id: board._id,
+ title: board.title,
+ };
+ });
- JsonRoutes.sendResult(res, {code: 200, data});
+ JsonRoutes.sendResult(res, {code: 200, data});
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
JsonRoutes.add('GET', '/api/boards', function (req, res, next) {
- Authentication.checkUserId(req.userId);
- JsonRoutes.sendResult(res, {
- code: 200,
- data: Boards.find({ permission: 'public' }).map(function (doc) {
- return {
- _id: doc._id,
- title: doc.title,
- };
- }),
- });
+ try {
+ Authentication.checkUserId(req.userId);
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: Boards.find({ permission: 'public' }).map(function (doc) {
+ return {
+ _id: doc._id,
+ title: doc.title,
+ };
+ }),
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
JsonRoutes.add('GET', '/api/boards/:id', function (req, res, next) {
- const id = req.params.id;
- Authentication.checkBoardAccess( req.userId, id);
+ try {
+ const id = req.params.id;
+ Authentication.checkBoardAccess(req.userId, id);
- JsonRoutes.sendResult(res, {
- code: 200,
- data: Boards.findOne({ _id: id }),
- });
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: Boards.findOne({ _id: id }),
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
JsonRoutes.add('POST', '/api/boards', function (req, res, next) {
- Authentication.checkUserId( req.userId);
- const id = Boards.insert({
- title: req.body.title,
- members: [
- {
- userId: req.body.owner,
- isAdmin: true,
- isActive: true,
- isCommentOnly: false,
+ try {
+ Authentication.checkUserId(req.userId);
+ const id = Boards.insert({
+ title: req.body.title,
+ members: [
+ {
+ userId: req.body.owner,
+ isAdmin: true,
+ isActive: true,
+ isCommentOnly: false,
+ },
+ ],
+ permission: 'public',
+ color: 'belize',
+ });
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: {
+ _id: id,
},
- ],
- permission: 'public',
- color: 'belize',
- });
- JsonRoutes.sendResult(res, {
- code: 200,
- data: {
- _id: id,
- },
- });
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
JsonRoutes.add('DELETE', '/api/boards/:id', function (req, res, next) {
- Authentication.checkUserId( req.userId);
- const id = req.params.id;
- Boards.remove({ _id: id });
- JsonRoutes.sendResult(res, {
- code: 200,
- data:{
- _id: id,
- },
- });
+ try {
+ Authentication.checkUserId(req.userId);
+ const id = req.params.id;
+ Boards.remove({ _id: id });
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data:{
+ _id: id,
+ },
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
}
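Review bot: Every catch block added here answers with `code: 200` and `data: error`, so a rejected `Authentication.check*` call or a database failure reaches the client as a successful response carrying the raw exception object. API clients and monitoring that key on the status code cannot tell a denied request from a served one, and the serialized error may expose internal detail. I would send a failure status and a trimmed body instead, for example `JsonRoutes.sendResult(res, { code: error.statusCode || 500, data: { error: error.message } });`, assuming the thrown errors carry a `statusCode` (their definition is outside this diff). The same block is repeated in every handler in models/cardComments.js, models/checklists.js, models/integrations.js, models/lists.js and models/users.js.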
diff --git a/models/cardComments.js b/models/cardComments.js
index cc1c55bc..4d802748 100644
--- a/models/cardComments.js
+++ b/models/cardComments.js
@@ -88,65 +88,97 @@ if (Meteor.isServer) {
//CARD COMMENT REST API
if (Meteor.isServer) {
JsonRoutes.add('GET', '/api/boards/:boardId/cards/:cardId/comments', function (req, res, next) {
- Authentication.checkUserId( req.userId);
- const paramBoardId = req.params.boardId;
- const paramCardId = req.params.cardId;
- JsonRoutes.sendResult(res, {
- code: 200,
- data: CardComments.find({ boardId: paramBoardId, cardId: paramCardId}).map(function (doc) {
- return {
- _id: doc._id,
- comment: doc.text,
- authorId: doc.userId,
- };
- }),
- });
+ try {
+ Authentication.checkUserId( req.userId);
+ const paramBoardId = req.params.boardId;
+ const paramCardId = req.params.cardId;
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: CardComments.find({ boardId: paramBoardId, cardId: paramCardId}).map(function (doc) {
+ return {
+ _id: doc._id,
+ comment: doc.text,
+ authorId: doc.userId,
+ };
+ }),
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
JsonRoutes.add('GET', '/api/boards/:boardId/cards/:cardId/comments/:commentId', function (req, res, next) {
- Authentication.checkUserId( req.userId);
- const paramBoardId = req.params.boardId;
- const paramCommentId = req.params.commentId;
- const paramCardId = req.params.cardId;
- JsonRoutes.sendResult(res, {
- code: 200,
- data: CardComments.findOne({ _id: paramCommentId, cardId: paramCardId, boardId: paramBoardId }),
- });
+ try {
+ Authentication.checkUserId( req.userId);
+ const paramBoardId = req.params.boardId;
+ const paramCommentId = req.params.commentId;
+ const paramCardId = req.params.cardId;
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: CardComments.findOne({ _id: paramCommentId, cardId: paramCardId, boardId: paramBoardId }),
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
JsonRoutes.add('POST', '/api/boards/:boardId/cards/:cardId/comments', function (req, res, next) {
- Authentication.checkUserId( req.userId);
- const paramBoardId = req.params.boardId;
- const paramCardId = req.params.cardId;
- const id = CardComments.direct.insert({
- userId: req.body.authorId,
- text: req.body.comment,
- cardId: paramCardId,
- boardId: paramBoardId,
- });
+ try {
+ Authentication.checkUserId( req.userId);
+ const paramBoardId = req.params.boardId;
+ const paramCardId = req.params.cardId;
+ const id = CardComments.direct.insert({
+ userId: req.body.authorId,
+ text: req.body.comment,
+ cardId: paramCardId,
+ boardId: paramBoardId,
+ });
- JsonRoutes.sendResult(res, {
- code: 200,
- data: {
- _id: id,
- },
- });
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: {
+ _id: id,
+ },
+ });
- const cardComment = CardComments.findOne({_id: id, cardId:paramCardId, boardId: paramBoardId });
- commentCreation(req.body.authorId, cardComment);
+ const cardComment = CardComments.findOne({_id: id, cardId:paramCardId, boardId: paramBoardId });
+ commentCreation(req.body.authorId, cardComment);
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
JsonRoutes.add('DELETE', '/api/boards/:boardId/cards/:cardId/comments/:commentId', function (req, res, next) {
- Authentication.checkUserId( req.userId);
- const paramBoardId = req.params.boardId;
- const paramCommentId = req.params.commentId;
- const paramCardId = req.params.cardId;
- CardComments.remove({ _id: paramCommentId, cardId: paramCardId, boardId: paramBoardId });
- JsonRoutes.sendResult(res, {
- code: 200,
- data: {
- _id: paramCardId,
- },
- });
+ try {
+ Authentication.checkUserId( req.userId);
+ const paramBoardId = req.params.boardId;
+ const paramCommentId = req.params.commentId;
+ const paramCardId = req.params.cardId;
+ CardComments.remove({ _id: paramCommentId, cardId: paramCardId, boardId: paramBoardId });
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: {
+ _id: paramCardId,
+ },
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
}
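Review bot: In the POST handler the response is sent before `CardComments.findOne` and `commentCreation` run, yet both calls sit inside the new `try`, so an exception from either makes the `catch` call `JsonRoutes.sendResult` a second time on a response that has already been written. Move the `JsonRoutes.sendResult(res, { code: 200, data: { _id: id } })` call after `commentCreation(...)`, or keep the post-response work outside the `try` and log its failure. Separately, the comment's `userId` is taken from `req.body.authorId` rather than `req.userId`, which lets the caller attribute a comment to any user unless `checkUserId` restricts this route to administrators (not visible here).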
diff --git a/models/checklists.js b/models/checklists.js
index b90656e4..907ad7e8 100644
--- a/models/checklists.js
+++ b/models/checklists.js
@@ -259,62 +259,94 @@ if (Meteor.isServer) {
//CARD COMMENT REST API
if (Meteor.isServer) {
JsonRoutes.add('GET', '/api/boards/:boardId/cards/:cardId/checklists', function (req, res, next) {
- Authentication.checkUserId( req.userId);
- const paramCardId = req.params.cardId;
- JsonRoutes.sendResult(res, {
- code: 200,
- data: Checklists.find({ cardId: paramCardId }).map(function (doc) {
- return {
- _id: doc._id,
- title: doc.title,
- };
- }),
- });
+ try {
+ Authentication.checkUserId( req.userId);
+ const paramCardId = req.params.cardId;
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: Checklists.find({ cardId: paramCardId }).map(function (doc) {
+ return {
+ _id: doc._id,
+ title: doc.title,
+ };
+ }),
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
JsonRoutes.add('GET', '/api/boards/:boardId/cards/:cardId/checklists/:checklistId', function (req, res, next) {
- Authentication.checkUserId( req.userId);
- const paramChecklistId = req.params.checklistId;
- const paramCardId = req.params.cardId;
- JsonRoutes.sendResult(res, {
- code: 200,
- data: Checklists.findOne({ _id: paramChecklistId, cardId: paramCardId }),
- });
+ try {
+ Authentication.checkUserId( req.userId);
+ const paramChecklistId = req.params.checklistId;
+ const paramCardId = req.params.cardId;
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: Checklists.findOne({ _id: paramChecklistId, cardId: paramCardId }),
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
JsonRoutes.add('POST', '/api/boards/:boardId/cards/:cardId/checklists', function (req, res, next) {
- Authentication.checkUserId( req.userId);
- const paramCardId = req.params.cardId;
+ try {
+ Authentication.checkUserId( req.userId);
+ const paramCardId = req.params.cardId;
- const checklistToSend = {};
- checklistToSend.cardId = paramCardId;
- checklistToSend.title = req.body.title;
- checklistToSend.items = [];
- const id = Checklists.insert(checklistToSend);
- const checklist = Checklists.findOne({_id: id});
- req.body.items.forEach(function (item) {
- checklist.addItem(item);
- }, this);
+ const checklistToSend = {};
+ checklistToSend.cardId = paramCardId;
+ checklistToSend.title = req.body.title;
+ checklistToSend.items = [];
+ const id = Checklists.insert(checklistToSend);
+ const checklist = Checklists.findOne({_id: id});
+ req.body.items.forEach(function (item) {
+ checklist.addItem(item);
+ }, this);
- JsonRoutes.sendResult(res, {
- code: 200,
- data: {
- _id: id,
- },
- });
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: {
+ _id: id,
+ },
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
JsonRoutes.add('DELETE', '/api/boards/:boardId/cards/:cardId/checklists/:checklistId', function (req, res, next) {
- Authentication.checkUserId( req.userId);
- const paramCommentId = req.params.commentId;
- const paramCardId = req.params.cardId;
- Checklists.remove({ _id: paramCommentId, cardId: paramCardId });
- JsonRoutes.sendResult(res, {
- code: 200,
- data: {
- _id: paramCardId,
- },
- });
+ try {
+ Authentication.checkUserId( req.userId);
+ const paramCommentId = req.params.commentId;
+ const paramCardId = req.params.cardId;
+ Checklists.remove({ _id: paramCommentId, cardId: paramCardId });
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: {
+ _id: paramCardId,
+ },
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
}
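Review bot: The DELETE route declares `:checklistId` but the handler reads `req.params.commentId`, so `paramCommentId` is always undefined and the `Checklists.remove` selector never names the requested checklist; the response then reports the card id as `_id`. Use `const paramChecklistId = req.params.checklistId;` in the selector and return that id. Also in the POST handler, `req.body.items.forEach` throws when `items` is absent, and because the checklist was already inserted the new `catch` reports an error for a record that now exists; guard with `(req.body.items || []).forEach(...)` or validate the body before the insert.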
diff --git a/models/integrations.js b/models/integrations.js
index 826873ce..1be6af17 100644
--- a/models/integrations.js
+++ b/models/integrations.js
@@ -60,131 +60,187 @@ Integrations.allow({
if (Meteor.isServer) {
// Get all integrations in board
JsonRoutes.add('GET', '/api/boards/:boardId/integrations', function(req, res, next) {
- const paramBoardId = req.params.boardId;
- Authentication.checkBoardAccess(req.userId, paramBoardId);
+ try {
+ const paramBoardId = req.params.boardId;
+ Authentication.checkBoardAccess(req.userId, paramBoardId);
- const data = Integrations.find({ boardId: paramBoardId }, { fields: { token: 0 } }).map(function(doc) {
- return doc;
- });
+ const data = Integrations.find({ boardId: paramBoardId }, { fields: { token: 0 } }).map(function(doc) {
+ return doc;
+ });
- JsonRoutes.sendResult(res, {code: 200, data});
+ JsonRoutes.sendResult(res, {code: 200, data});
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
// Get a single integration in board
JsonRoutes.add('GET', '/api/boards/:boardId/integrations/:intId', function(req, res, next) {
- const paramBoardId = req.params.boardId;
- const paramIntId = req.params.intId;
- Authentication.checkBoardAccess(req.userId, paramBoardId);
-
- JsonRoutes.sendResult(res, {
- code: 200,
- data: Integrations.findOne({ _id: paramIntId, boardId: paramBoardId }, { fields: { token: 0 } }),
- });
+ try {
+ const paramBoardId = req.params.boardId;
+ const paramIntId = req.params.intId;
+ Authentication.checkBoardAccess(req.userId, paramBoardId);
+
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: Integrations.findOne({ _id: paramIntId, boardId: paramBoardId }, { fields: { token: 0 } }),
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
// Create a new integration
JsonRoutes.add('POST', '/api/boards/:boardId/integrations', function(req, res, next) {
- const paramBoardId = req.params.boardId;
- Authentication.checkBoardAccess(req.userId, paramBoardId);
-
- const id = Integrations.insert({
- userId: req.userId,
- boardId: paramBoardId,
- url: req.body.url,
- });
-
- JsonRoutes.sendResult(res, {
- code: 200,
- data: {
- _id: id,
- },
- });
+ try {
+ const paramBoardId = req.params.boardId;
+ Authentication.checkBoardAccess(req.userId, paramBoardId);
+
+ const id = Integrations.insert({
+ userId: req.userId,
+ boardId: paramBoardId,
+ url: req.body.url,
+ });
+
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: {
+ _id: id,
+ },
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
// Edit integration data
JsonRoutes.add('PUT', '/api/boards/:boardId/integrations/:intId', function (req, res, next) {
- const paramBoardId = req.params.boardId;
- const paramIntId = req.params.intId;
- Authentication.checkBoardAccess(req.userId, paramBoardId);
+ try {
+ const paramBoardId = req.params.boardId;
+ const paramIntId = req.params.intId;
+ Authentication.checkBoardAccess(req.userId, paramBoardId);
+
+ if (req.body.hasOwnProperty('enabled')) {
+ const newEnabled = req.body.enabled;
+ Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
+ {$set: {enabled: newEnabled}});
+ }
+ if (req.body.hasOwnProperty('title')) {
+ const newTitle = req.body.title;
+ Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
+ {$set: {title: newTitle}});
+ }
+ if (req.body.hasOwnProperty('url')) {
+ const newUrl = req.body.url;
+ Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
+ {$set: {url: newUrl}});
+ }
+ if (req.body.hasOwnProperty('token')) {
+ const newToken = req.body.token;
+ Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
+ {$set: {token: newToken}});
+ }
+ if (req.body.hasOwnProperty('activities')) {
+ const newActivities = req.body.activities;
+ Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
+ {$set: {activities: newActivities}});
+ }
- if (req.body.hasOwnProperty('enabled')) {
- const newEnabled = req.body.enabled;
- Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
- {$set: {enabled: newEnabled}});
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: {
+ _id: paramIntId,
+ },
+ });
}
- if (req.body.hasOwnProperty('title')) {
- const newTitle = req.body.title;
- Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
- {$set: {title: newTitle}});
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
}
- if (req.body.hasOwnProperty('url')) {
- const newUrl = req.body.url;
- Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
- {$set: {url: newUrl}});
- }
- if (req.body.hasOwnProperty('token')) {
- const newToken = req.body.token;
- Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
- {$set: {token: newToken}});
- }
- if (req.body.hasOwnProperty('activities')) {
- const newActivities = req.body.activities;
- Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
- {$set: {activities: newActivities}});
- }
-
- JsonRoutes.sendResult(res, {
- code: 200,
- data: {
- _id: paramIntId,
- },
- });
});
// Delete subscribed activities
JsonRoutes.add('DELETE', '/api/boards/:boardId/integrations/:intId/activities', function (req, res, next) {
- const paramBoardId = req.params.boardId;
- const paramIntId = req.params.intId;
- const newActivities = req.body.activities;
- Authentication.checkBoardAccess(req.userId, paramBoardId);
-
- Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
- {$pullAll: {activities: newActivities}});
-
- JsonRoutes.sendResult(res, {
- code: 200,
- data: Integrations.findOne({_id: paramIntId, boardId: paramBoardId}, { fields: {_id: 1, activities: 1}}),
- });
+ try {
+ const paramBoardId = req.params.boardId;
+ const paramIntId = req.params.intId;
+ const newActivities = req.body.activities;
+ Authentication.checkBoardAccess(req.userId, paramBoardId);
+
+ Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
+ {$pullAll: {activities: newActivities}});
+
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: Integrations.findOne({_id: paramIntId, boardId: paramBoardId}, { fields: {_id: 1, activities: 1}}),
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
// Add subscribed activities
JsonRoutes.add('POST', '/api/boards/:boardId/integrations/:intId/activities', function (req, res, next) {
- const paramBoardId = req.params.boardId;
- const paramIntId = req.params.intId;
- const newActivities = req.body.activities;
- Authentication.checkBoardAccess(req.userId, paramBoardId);
-
- Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
- {$addToSet: {activities: { $each: newActivities}}});
-
- JsonRoutes.sendResult(res, {
- code: 200,
- data: Integrations.findOne({_id: paramIntId, boardId: paramBoardId}, { fields: {_id: 1, activities: 1}}),
- });
+ try {
+ const paramBoardId = req.params.boardId;
+ const paramIntId = req.params.intId;
+ const newActivities = req.body.activities;
+ Authentication.checkBoardAccess(req.userId, paramBoardId);
+
+ Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
+ {$addToSet: {activities: { $each: newActivities}}});
+
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: Integrations.findOne({_id: paramIntId, boardId: paramBoardId}, { fields: {_id: 1, activities: 1}}),
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
// Delete integration
JsonRoutes.add('DELETE', '/api/boards/:boardId/integrations/:intId', function (req, res, next) {
- const paramBoardId = req.params.boardId;
- const paramIntId = req.params.intId;
- Authentication.checkBoardAccess(req.userId, paramBoardId);
-
- Integrations.direct.remove({_id: paramIntId, boardId: paramBoardId});
- JsonRoutes.sendResult(res, {
- code: 200,
- data: {
- _id: paramIntId,
- },
- });
+ try {
+ const paramBoardId = req.params.boardId;
+ const paramIntId = req.params.intId;
+ Authentication.checkBoardAccess(req.userId, paramBoardId);
+
+ Integrations.direct.remove({_id: paramIntId, boardId: paramBoardId});
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: {
+ _id: paramIntId,
+ },
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
}
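Review bot: The POST and PUT handlers store `req.body.url` and `req.body.token` exactly as received, with no type or scheme check, and the activities routes pass `req.body.activities` straight into `$pullAll` and `$each`. If the stored URL is later requested by the server (the consumer is outside this diff), an unvalidated value can point that request at internal addresses. Validate before writing, for example `check(req.body.url, String);` plus an `http:`/`https:` scheme test, and `check(req.body.activities, [String]);`, assuming Meteor's `check` package is available in this project.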
diff --git a/models/lists.js b/models/lists.js
index efda9c3f..a5f4791b 100644
--- a/models/lists.js
+++ b/models/lists.js
@@ -198,56 +198,88 @@ if (Meteor.isServer) {
//LISTS REST API
if (Meteor.isServer) {
JsonRoutes.add('GET', '/api/boards/:boardId/lists', function (req, res, next) {
- const paramBoardId = req.params.boardId;
- Authentication.checkBoardAccess( req.userId, paramBoardId);
-
- JsonRoutes.sendResult(res, {
- code: 200,
- data: Lists.find({ boardId: paramBoardId, archived: false }).map(function (doc) {
- return {
- _id: doc._id,
- title: doc.title,
- };
- }),
- });
+ try {
+ const paramBoardId = req.params.boardId;
+ Authentication.checkBoardAccess( req.userId, paramBoardId);
+
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: Lists.find({ boardId: paramBoardId, archived: false }).map(function (doc) {
+ return {
+ _id: doc._id,
+ title: doc.title,
+ };
+ }),
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
JsonRoutes.add('GET', '/api/boards/:boardId/lists/:listId', function (req, res, next) {
- const paramBoardId = req.params.boardId;
- const paramListId = req.params.listId;
- Authentication.checkBoardAccess( req.userId, paramBoardId);
- JsonRoutes.sendResult(res, {
- code: 200,
- data: Lists.findOne({ _id: paramListId, boardId: paramBoardId, archived: false }),
- });
+ try {
+ const paramBoardId = req.params.boardId;
+ const paramListId = req.params.listId;
+ Authentication.checkBoardAccess( req.userId, paramBoardId);
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: Lists.findOne({ _id: paramListId, boardId: paramBoardId, archived: false }),
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
JsonRoutes.add('POST', '/api/boards/:boardId/lists', function (req, res, next) {
- Authentication.checkUserId( req.userId);
- const paramBoardId = req.params.boardId;
- const id = Lists.insert({
- title: req.body.title,
- boardId: paramBoardId,
- });
- JsonRoutes.sendResult(res, {
- code: 200,
- data: {
- _id: id,
- },
- });
+ try {
+ Authentication.checkUserId( req.userId);
+ const paramBoardId = req.params.boardId;
+ const id = Lists.insert({
+ title: req.body.title,
+ boardId: paramBoardId,
+ });
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: {
+ _id: id,
+ },
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
JsonRoutes.add('DELETE', '/api/boards/:boardId/lists/:listId', function (req, res, next) {
- Authentication.checkUserId( req.userId);
- const paramBoardId = req.params.boardId;
- const paramListId = req.params.listId;
- Lists.remove({ _id: paramListId, boardId: paramBoardId });
- JsonRoutes.sendResult(res, {
- code: 200,
- data: {
- _id: paramListId,
- },
- });
+ try {
+ Authentication.checkUserId( req.userId);
+ const paramBoardId = req.params.boardId;
+ const paramListId = req.params.listId;
+ Lists.remove({ _id: paramListId, boardId: paramBoardId });
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: {
+ _id: paramListId,
+ },
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
}
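Review bot: The POST and DELETE handlers call only `Authentication.checkUserId(req.userId)`, while both GET handlers in this hunk call `Authentication.checkBoardAccess(req.userId, paramBoardId)`; creating or removing a list is therefore not tied to access to the board named in the URL. What `checkUserId` enforces is not visible here, so this may be admin-only by design, but the write routes should be at least as strict as the read routes. Add `Authentication.checkBoardAccess(req.userId, paramBoardId);` after `paramBoardId` is read in both handlers.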
diff --git a/models/users.js b/models/users.js
index 85f4baf2..11a53ce6 100644
--- a/models/users.js
+++ b/models/users.js
@@ -588,94 +588,144 @@ if (Meteor.isServer) {
// USERS REST API
if (Meteor.isServer) {
- JsonRoutes.add('GET', '/api/user', function (req, res, next) {
- Authentication.checkLoggedIn(req.userId);
- const data = Meteor.users.findOne({_id: req.userId});
- delete data.services;
- JsonRoutes.sendResult(res, {
- code: 200,
- data,
- });
+ JsonRoutes.add('GET', '/api/user', function(req, res, next) {
+ try {
+ Authentication.checkLoggedIn(req.userId);
+ const data = Meteor.users.findOne({ _id: req.userId});
+ delete data.services;
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data,
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
JsonRoutes.add('GET', '/api/users', function (req, res, next) {
- Authentication.checkUserId(req.userId);
- JsonRoutes.sendResult(res, {
- code: 200,
- data: Meteor.users.find({}).map(function (doc) {
- return {_id: doc._id, username: doc.username};
- }),
- });
+ try {
+ Authentication.checkUserId(req.userId);
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: Meteor.users.find({}).map(function (doc) {
+ return { _id: doc._id, username: doc.username };
+ }),
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
+
JsonRoutes.add('GET', '/api/users/:id', function (req, res, next) {
- Authentication.checkUserId(req.userId);
- const id = req.params.id;
- JsonRoutes.sendResult(res, {
- code: 200,
- data: Meteor.users.findOne({_id: id}),
- });
+ try {
+ Authentication.checkUserId(req.userId);
+ const id = req.params.id;
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: Meteor.users.findOne({ _id: id }),
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
+
JsonRoutes.add('PUT', '/api/users/:id', function (req, res, next) {
- Authentication.checkUserId(req.userId);
- const id = req.params.id;
- const action = req.body.action;
- let data = Meteor.users.findOne({_id: id});
- if (data !== undefined) {
- if (action === 'takeOwnership') {
- data = Boards.find({
- 'members.userId': id,
- 'members.isAdmin': true,
- }).map(function (board) {
- if (board.hasMember(req.userId)) {
- board.removeMember(req.userId);
+ try {
+ Authentication.checkUserId(req.userId);
+ const id = req.params.id;
+ const action = req.body.action;
+ let data = Meteor.users.findOne({ _id: id });
+ if (data !== undefined) {
+ if (action === 'takeOwnership') {
+ data = Boards.find({
+ 'members.userId': id,
+ 'members.isAdmin': true,
+ }).map(function(board) {
+ if (board.hasMember(req.userId)) {
+ board.removeMember(req.userId);
+ }
+ board.changeOwnership(id, req.userId);
+ return {
+ _id: board._id,
+ title: board.title,
+ };
+ });
+ } else {
+ if ((action === 'disableLogin') && (id !== req.userId)) {
+ Users.update({ _id: id }, { $set: { loginDisabled: true, 'services.resume.loginTokens': '' } });
+ } else if (action === 'enableLogin') {
+ Users.update({ _id: id }, { $set: { loginDisabled: '' } });
}
- board.changeOwnership(id, req.userId);
- return {
- _id: board._id,
- title: board.title,
- };
- });
- } else {
- if ((action === 'disableLogin') && (id !== req.userId)) {
- Users.update({_id: id}, {$set: {loginDisabled: true, 'services.resume.loginTokens': ''}});
- } else if (action === 'enableLogin') {
- Users.update({_id: id}, {$set: {loginDisabled: ''}});
+ data = Meteor.users.findOne({ _id: id });
}
- data = Meteor.users.findOne({_id: id});
}
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data,
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
}
- JsonRoutes.sendResult(res, {
- code: 200,
- data,
- });
});
- JsonRoutes.add('POST', '/api/users/', function (req, res, next) {
- Authentication.checkUserId(req.userId);
- const id = Accounts.createUser({
- username: req.body.username,
- email: req.body.email,
- password: req.body.password,
- from: 'admin',
- });
- JsonRoutes.sendResult(res, {
- code: 200,
- data: {
- _id: id,
- },
- });
+ JsonRoutes.add('POST', '/api/users/', function (req, res, next) {
+ try {
+ Authentication.checkUserId(req.userId);
+ const id = Accounts.createUser({
+ username: req.body.username,
+ email: req.body.email,
+ password: req.body.password,
+ from: 'admin',
+ });
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: {
+ _id: id,
+ },
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
JsonRoutes.add('DELETE', '/api/users/:id', function (req, res, next) {
- Authentication.checkUserId(req.userId);
- const id = req.params.id;
- Meteor.users.remove({_id: id});
- JsonRoutes.sendResult(res, {
- code: 200,
- data: {
- _id: id,
- },
- });
+ try {
+ Authentication.checkUserId(req.userId);
+ const id = req.params.id;
+ Meteor.users.remove({ _id: id });
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: {
+ _id: id,
+ },
+ });
+ }
+ catch (error) {
+ JsonRoutes.sendResult(res, {
+ code: 200,
+ data: error,
+ });
+ }
});
}
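Review bot: `GET /api/users/:id` and the PUT handler return the whole `Meteor.users.findOne({ _id: id })` document, whereas `GET /api/user` removes `data.services` before replying. In Meteor the `services` field holds the password hash and resume login tokens, so these two routes hand credential material to any caller that passes `checkUserId`. Exclude it at the query, `Meteor.users.findOne({ _id: id }, { fields: { services: 0 } })`, in both places. `GET /api/user` also dereferences `data` without checking that `findOne` returned a document.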