From 97a23011dabe9727f9395794e2f3f6f213ffe21a Mon Sep 17 00:00:00 2001
From: soohwa
Date: Sun, 15 Oct 2017 07:39:48 +0200
Subject: Add REST API better error output
---
models/boards.js | 164 ++++++++++++++++++++------------
models/cardComments.js | 130 +++++++++++++++----------
models/checklists.js | 122 +++++++++++++++---------
models/integrations.js | 250 ++++++++++++++++++++++++++++++-------------------
models/lists.js | 114 ++++++++++++++--------
models/users.js | 192 +++++++++++++++++++++++--------------
6 files changed, 607 insertions(+), 365 deletions(-)
diff --git a/models/boards.js b/models/boards.js
index cd633f56..6ae818c6 100644
--- a/models/boards.js
+++ b/models/boards.js
@@ -566,82 +566,122 @@ if (Meteor.isServer) { //BOARDS REST API if (Meteor.isServer) { JsonRoutes.add('GET', '/api/users/:userId/boards', function (req, res, next) { - Authentication.checkLoggedIn(req.userId); - const paramUserId = req.params.userId; - // A normal user should be able to see their own boards, - // admins can access boards of any user - Authentication.checkAdminOrCondition(req.userId, req.userId === paramUserId); - - const data = Boards.find({ - archived: false, - 'members.userId': paramUserId, - }, { - sort: ['title'], - }).map(function(board) { - return { - _id: board._id, - title: board.title, - }; - }); + try { + Authentication.checkLoggedIn(req.userId); + const paramUserId = req.params.userId; + // A normal user should be able to see their own boards, + // admins can access boards of any user + Authentication.checkAdminOrCondition(req.userId, req.userId === paramUserId); + + const data = Boards.find({ + archived: false, + 'members.userId': paramUserId, + }, { + sort: ['title'], + }).map(function(board) { + return { + _id: board._id, + title: board.title, + }; + }); - JsonRoutes.sendResult(res, {code: 200, data}); + JsonRoutes.sendResult(res, {code: 200, data}); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); JsonRoutes.add('GET', '/api/boards', function (req, res, next) { - Authentication.checkUserId(req.userId); - JsonRoutes.sendResult(res, { - code: 200, - data: Boards.find({ permission: 'public' }).map(function (doc) { - return { - _id: doc._id, - title: doc.title, - }; - }), - }); + try { + Authentication.checkUserId(req.userId); + JsonRoutes.sendResult(res, { + code: 200, + data: Boards.find({ permission: 'public' }).map(function (doc) { + return { + _id: doc._id, + title: doc.title, + }; + }), + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); JsonRoutes.add('GET', '/api/boards/:id', function (req, res, next) { - const id = req.params.id; - 
Authentication.checkBoardAccess( req.userId, id); + try { + const id = req.params.id; + Authentication.checkBoardAccess(req.userId, id); - JsonRoutes.sendResult(res, { - code: 200, - data: Boards.findOne({ _id: id }), - }); + JsonRoutes.sendResult(res, { + code: 200, + data: Boards.findOne({ _id: id }), + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); JsonRoutes.add('POST', '/api/boards', function (req, res, next) { - Authentication.checkUserId( req.userId); - const id = Boards.insert({ - title: req.body.title, - members: [ - { - userId: req.body.owner, - isAdmin: true, - isActive: true, - isCommentOnly: false, + try { + Authentication.checkUserId(req.userId); + const id = Boards.insert({ + title: req.body.title, + members: [ + { + userId: req.body.owner, + isAdmin: true, + isActive: true, + isCommentOnly: false, + }, + ], + permission: 'public', + color: 'belize', + }); + JsonRoutes.sendResult(res, { + code: 200, + data: { + _id: id, }, - ], - permission: 'public', - color: 'belize', - }); - JsonRoutes.sendResult(res, { - code: 200, - data: { - _id: id, - }, - }); + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); JsonRoutes.add('DELETE', '/api/boards/:id', function (req, res, next) { - Authentication.checkUserId( req.userId); - const id = req.params.id; - Boards.remove({ _id: id }); - JsonRoutes.sendResult(res, { - code: 200, - data:{ - _id: id, - }, - }); + try { + Authentication.checkUserId(req.userId); + const id = req.params.id; + Boards.remove({ _id: id }); + JsonRoutes.sendResult(res, { + code: 200, + data:{ + _id: id, + }, + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); } diff --git a/models/cardComments.js b/models/cardComments.js index cc1c55bc..4d802748 100644 --- a/models/cardComments.js +++ b/models/cardComments.js 
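Review bot: Every new `catch` block in this hunk answers with `code: 200` and `data: error`, so a failed `Authentication.checkLoggedIn`, `checkUserId` or `checkBoardAccess` is reported to the client as HTTP 200 with the raw exception object as the body. Clients, proxies and access-log based alerting can then no longer tell a denied or failed request from a successful one, and whatever fields the thrown object serialises to are handed to the caller. I would send a non-2xx status and a fixed set of fields instead, e.g. `code: error.statusCode || 500,` with `data: { error: error.error, reason: error.reason },` — assuming the Authentication helpers set a `statusCode` on what they throw, which is not visible here. The same catch block is repeated in the hunks for models/cardComments.js, models/checklists.js, models/integrations.js, models/lists.js and models/users.js, so one shared helper would keep them consistent.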
@@ -88,65 +88,97 @@ if (Meteor.isServer) { //CARD COMMENT REST API if (Meteor.isServer) { JsonRoutes.add('GET', '/api/boards/:boardId/cards/:cardId/comments', function (req, res, next) { - Authentication.checkUserId( req.userId); - const paramBoardId = req.params.boardId; - const paramCardId = req.params.cardId; - JsonRoutes.sendResult(res, { - code: 200, - data: CardComments.find({ boardId: paramBoardId, cardId: paramCardId}).map(function (doc) { - return { - _id: doc._id, - comment: doc.text, - authorId: doc.userId, - }; - }), - }); + try { + Authentication.checkUserId( req.userId); + const paramBoardId = req.params.boardId; + const paramCardId = req.params.cardId; + JsonRoutes.sendResult(res, { + code: 200, + data: CardComments.find({ boardId: paramBoardId, cardId: paramCardId}).map(function (doc) { + return { + _id: doc._id, + comment: doc.text, + authorId: doc.userId, + }; + }), + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); JsonRoutes.add('GET', '/api/boards/:boardId/cards/:cardId/comments/:commentId', function (req, res, next) { - Authentication.checkUserId( req.userId); - const paramBoardId = req.params.boardId; - const paramCommentId = req.params.commentId; - const paramCardId = req.params.cardId; - JsonRoutes.sendResult(res, { - code: 200, - data: CardComments.findOne({ _id: paramCommentId, cardId: paramCardId, boardId: paramBoardId }), - }); + try { + Authentication.checkUserId( req.userId); + const paramBoardId = req.params.boardId; + const paramCommentId = req.params.commentId; + const paramCardId = req.params.cardId; + JsonRoutes.sendResult(res, { + code: 200, + data: CardComments.findOne({ _id: paramCommentId, cardId: paramCardId, boardId: paramBoardId }), + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); JsonRoutes.add('POST', '/api/boards/:boardId/cards/:cardId/comments', function (req, res, next) { - Authentication.checkUserId( req.userId); - 
const paramBoardId = req.params.boardId; - const paramCardId = req.params.cardId; - const id = CardComments.direct.insert({ - userId: req.body.authorId, - text: req.body.comment, - cardId: paramCardId, - boardId: paramBoardId, - }); + try { + Authentication.checkUserId( req.userId); + const paramBoardId = req.params.boardId; + const paramCardId = req.params.cardId; + const id = CardComments.direct.insert({ + userId: req.body.authorId, + text: req.body.comment, + cardId: paramCardId, + boardId: paramBoardId, + }); - JsonRoutes.sendResult(res, { - code: 200, - data: { - _id: id, - }, - }); + JsonRoutes.sendResult(res, { + code: 200, + data: { + _id: id, + }, + }); - const cardComment = CardComments.findOne({_id: id, cardId:paramCardId, boardId: paramBoardId }); - commentCreation(req.body.authorId, cardComment); + const cardComment = CardComments.findOne({_id: id, cardId:paramCardId, boardId: paramBoardId }); + commentCreation(req.body.authorId, cardComment); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); JsonRoutes.add('DELETE', '/api/boards/:boardId/cards/:cardId/comments/:commentId', function (req, res, next) { - Authentication.checkUserId( req.userId); - const paramBoardId = req.params.boardId; - const paramCommentId = req.params.commentId; - const paramCardId = req.params.cardId; - CardComments.remove({ _id: paramCommentId, cardId: paramCardId, boardId: paramBoardId }); - JsonRoutes.sendResult(res, { - code: 200, - data: { - _id: paramCardId, - }, - }); + try { + Authentication.checkUserId( req.userId); + const paramBoardId = req.params.boardId; + const paramCommentId = req.params.commentId; + const paramCardId = req.params.cardId; + CardComments.remove({ _id: paramCommentId, cardId: paramCardId, boardId: paramBoardId }); + JsonRoutes.sendResult(res, { + code: 200, + data: { + _id: paramCardId, + }, + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); } 
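Review bot: In the POST `/api/boards/:boardId/cards/:cardId/comments` handler the success response is sent before `CardComments.findOne` and `commentCreation` run, and all three now sit inside the same `try`. If `commentCreation` throws, the `catch` calls `JsonRoutes.sendResult` on a response that has already been written, which will probably fail with a headers-already-sent error while the client has been told the comment was created. Moving the success `JsonRoutes.sendResult(res, {code: 200, data: {_id: id}});` to after `commentCreation(req.body.authorId, cardComment);` avoids the second write. Separately, `userId: req.body.authorId` lets the caller choose the comment's author; unless `checkUserId` restricts this route to administrators (not visible here), `req.userId` would be the safer source.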
diff --git a/models/checklists.js b/models/checklists.js
index b90656e4..907ad7e8 100644
--- a/models/checklists.js
+++ b/models/checklists.js
@@ -259,62 +259,94 @@ if (Meteor.isServer) { //CARD COMMENT REST API if (Meteor.isServer) { JsonRoutes.add('GET', '/api/boards/:boardId/cards/:cardId/checklists', function (req, res, next) { - Authentication.checkUserId( req.userId); - const paramCardId = req.params.cardId; - JsonRoutes.sendResult(res, { - code: 200, - data: Checklists.find({ cardId: paramCardId }).map(function (doc) { - return { - _id: doc._id, - title: doc.title, - }; - }), - }); + try { + Authentication.checkUserId( req.userId); + const paramCardId = req.params.cardId; + JsonRoutes.sendResult(res, { + code: 200, + data: Checklists.find({ cardId: paramCardId }).map(function (doc) { + return { + _id: doc._id, + title: doc.title, + }; + }), + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); JsonRoutes.add('GET', '/api/boards/:boardId/cards/:cardId/checklists/:checklistId', function (req, res, next) { - Authentication.checkUserId( req.userId); - const paramChecklistId = req.params.checklistId; - const paramCardId = req.params.cardId; - JsonRoutes.sendResult(res, { - code: 200, - data: Checklists.findOne({ _id: paramChecklistId, cardId: paramCardId }), - }); + try { + Authentication.checkUserId( req.userId); + const paramChecklistId = req.params.checklistId; + const paramCardId = req.params.cardId; + JsonRoutes.sendResult(res, { + code: 200, + data: Checklists.findOne({ _id: paramChecklistId, cardId: paramCardId }), + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); JsonRoutes.add('POST', '/api/boards/:boardId/cards/:cardId/checklists', function (req, res, next) { - Authentication.checkUserId( req.userId); - const paramCardId = req.params.cardId; + try { + Authentication.checkUserId( req.userId); + const paramCardId = req.params.cardId; - const checklistToSend = {}; - checklistToSend.cardId = paramCardId; - checklistToSend.title = req.body.title; - checklistToSend.items = []; - const id = 
Checklists.insert(checklistToSend); - const checklist = Checklists.findOne({_id: id}); - req.body.items.forEach(function (item) { - checklist.addItem(item); - }, this); + const checklistToSend = {}; + checklistToSend.cardId = paramCardId; + checklistToSend.title = req.body.title; + checklistToSend.items = []; + const id = Checklists.insert(checklistToSend); + const checklist = Checklists.findOne({_id: id}); + req.body.items.forEach(function (item) { + checklist.addItem(item); + }, this); - JsonRoutes.sendResult(res, { - code: 200, - data: { - _id: id, - }, - }); + JsonRoutes.sendResult(res, { + code: 200, + data: { + _id: id, + }, + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); JsonRoutes.add('DELETE', '/api/boards/:boardId/cards/:cardId/checklists/:checklistId', function (req, res, next) { - Authentication.checkUserId( req.userId); - const paramCommentId = req.params.commentId; - const paramCardId = req.params.cardId; - Checklists.remove({ _id: paramCommentId, cardId: paramCardId }); - JsonRoutes.sendResult(res, { - code: 200, - data: { - _id: paramCardId, - }, - }); + try { + Authentication.checkUserId( req.userId); + const paramCommentId = req.params.commentId; + const paramCardId = req.params.cardId; + Checklists.remove({ _id: paramCommentId, cardId: paramCardId }); + JsonRoutes.sendResult(res, { + code: 200, + data: { + _id: paramCardId, + }, + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); } diff --git a/models/integrations.js b/models/integrations.js index 826873ce..1be6af17 100644 --- a/models/integrations.js +++ b/models/integrations.js 
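Review bot: The DELETE `/api/boards/:boardId/cards/:cardId/checklists/:checklistId` handler reads `req.params.commentId`, but the route only defines `:checklistId`, so `paramCommentId` is always undefined and the `Checklists.remove` selector never names the requested checklist. The response then returns `_id: paramCardId`, which reports the card id as if it were the deleted checklist. I would read `const paramChecklistId = req.params.checklistId;`, pass it to `Checklists.remove({ _id: paramChecklistId, cardId: paramCardId });` and return it as `_id`. In the POST handler, `req.body.items.forEach` throws when `items` is missing, after the checklist has already been inserted; `(req.body.items || []).forEach(...)` would keep the stored data and the response consistent.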
@@ -60,131 +60,187 @@ Integrations.allow({ if (Meteor.isServer) { // Get all integrations in board JsonRoutes.add('GET', '/api/boards/:boardId/integrations', function(req, res, next) { - const paramBoardId = req.params.boardId; - Authentication.checkBoardAccess(req.userId, paramBoardId); + try { + const paramBoardId = req.params.boardId; + Authentication.checkBoardAccess(req.userId, paramBoardId); - const data = Integrations.find({ boardId: paramBoardId }, { fields: { token: 0 } }).map(function(doc) { - return doc; - }); + const data = Integrations.find({ boardId: paramBoardId }, { fields: { token: 0 } }).map(function(doc) { + return doc; + }); - JsonRoutes.sendResult(res, {code: 200, data}); + JsonRoutes.sendResult(res, {code: 200, data}); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); // Get a single integration in board JsonRoutes.add('GET', '/api/boards/:boardId/integrations/:intId', function(req, res, next) { - const paramBoardId = req.params.boardId; - const paramIntId = req.params.intId; - Authentication.checkBoardAccess(req.userId, paramBoardId); - - JsonRoutes.sendResult(res, { - code: 200, - data: Integrations.findOne({ _id: paramIntId, boardId: paramBoardId }, { fields: { token: 0 } }), - }); + try { + const paramBoardId = req.params.boardId; + const paramIntId = req.params.intId; + Authentication.checkBoardAccess(req.userId, paramBoardId); + + JsonRoutes.sendResult(res, { + code: 200, + data: Integrations.findOne({ _id: paramIntId, boardId: paramBoardId }, { fields: { token: 0 } }), + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); // Create a new integration JsonRoutes.add('POST', '/api/boards/:boardId/integrations', function(req, res, next) { - const paramBoardId = req.params.boardId; - Authentication.checkBoardAccess(req.userId, paramBoardId); - - const id = Integrations.insert({ - userId: req.userId, - boardId: paramBoardId, - url: req.body.url, - }); 
- - JsonRoutes.sendResult(res, { - code: 200, - data: { - _id: id, - }, - }); + try { + const paramBoardId = req.params.boardId; + Authentication.checkBoardAccess(req.userId, paramBoardId); + + const id = Integrations.insert({ + userId: req.userId, + boardId: paramBoardId, + url: req.body.url, + }); + + JsonRoutes.sendResult(res, { + code: 200, + data: { + _id: id, + }, + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); // Edit integration data JsonRoutes.add('PUT', '/api/boards/:boardId/integrations/:intId', function (req, res, next) { - const paramBoardId = req.params.boardId; - const paramIntId = req.params.intId; - Authentication.checkBoardAccess(req.userId, paramBoardId); + try { + const paramBoardId = req.params.boardId; + const paramIntId = req.params.intId; + Authentication.checkBoardAccess(req.userId, paramBoardId); + + if (req.body.hasOwnProperty('enabled')) { + const newEnabled = req.body.enabled; + Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, + {$set: {enabled: newEnabled}}); + } + if (req.body.hasOwnProperty('title')) { + const newTitle = req.body.title; + Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, + {$set: {title: newTitle}}); + } + if (req.body.hasOwnProperty('url')) { + const newUrl = req.body.url; + Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, + {$set: {url: newUrl}}); + } + if (req.body.hasOwnProperty('token')) { + const newToken = req.body.token; + Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, + {$set: {token: newToken}}); + } + if (req.body.hasOwnProperty('activities')) { + const newActivities = req.body.activities; + Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, + {$set: {activities: newActivities}}); + } - if (req.body.hasOwnProperty('enabled')) { - const newEnabled = req.body.enabled; - Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, - {$set: {enabled: 
newEnabled}}); + JsonRoutes.sendResult(res, { + code: 200, + data: { + _id: paramIntId, + }, + }); } - if (req.body.hasOwnProperty('title')) { - const newTitle = req.body.title; - Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, - {$set: {title: newTitle}}); + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); } - if (req.body.hasOwnProperty('url')) { - const newUrl = req.body.url; - Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, - {$set: {url: newUrl}}); - } - if (req.body.hasOwnProperty('token')) { - const newToken = req.body.token; - Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, - {$set: {token: newToken}}); - } - if (req.body.hasOwnProperty('activities')) { - const newActivities = req.body.activities; - Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, - {$set: {activities: newActivities}}); - } - - JsonRoutes.sendResult(res, { - code: 200, - data: { - _id: paramIntId, - }, - }); }); // Delete subscribed activities JsonRoutes.add('DELETE', '/api/boards/:boardId/integrations/:intId/activities', function (req, res, next) { - const paramBoardId = req.params.boardId; - const paramIntId = req.params.intId; - const newActivities = req.body.activities; - Authentication.checkBoardAccess(req.userId, paramBoardId); - - Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, - {$pullAll: {activities: newActivities}}); - - JsonRoutes.sendResult(res, { - code: 200, - data: Integrations.findOne({_id: paramIntId, boardId: paramBoardId}, { fields: {_id: 1, activities: 1}}), - }); + try { + const paramBoardId = req.params.boardId; + const paramIntId = req.params.intId; + const newActivities = req.body.activities; + Authentication.checkBoardAccess(req.userId, paramBoardId); + + Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, + {$pullAll: {activities: newActivities}}); + + JsonRoutes.sendResult(res, { + code: 200, + data: 
Integrations.findOne({_id: paramIntId, boardId: paramBoardId}, { fields: {_id: 1, activities: 1}}), + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); // Add subscribed activities JsonRoutes.add('POST', '/api/boards/:boardId/integrations/:intId/activities', function (req, res, next) { - const paramBoardId = req.params.boardId; - const paramIntId = req.params.intId; - const newActivities = req.body.activities; - Authentication.checkBoardAccess(req.userId, paramBoardId); - - Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, - {$addToSet: {activities: { $each: newActivities}}}); - - JsonRoutes.sendResult(res, { - code: 200, - data: Integrations.findOne({_id: paramIntId, boardId: paramBoardId}, { fields: {_id: 1, activities: 1}}), - }); + try { + const paramBoardId = req.params.boardId; + const paramIntId = req.params.intId; + const newActivities = req.body.activities; + Authentication.checkBoardAccess(req.userId, paramBoardId); + + Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, + {$addToSet: {activities: { $each: newActivities}}}); + + JsonRoutes.sendResult(res, { + code: 200, + data: Integrations.findOne({_id: paramIntId, boardId: paramBoardId}, { fields: {_id: 1, activities: 1}}), + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); // Delete integration JsonRoutes.add('DELETE', '/api/boards/:boardId/integrations/:intId', function (req, res, next) { - const paramBoardId = req.params.boardId; - const paramIntId = req.params.intId; - Authentication.checkBoardAccess(req.userId, paramBoardId); - - Integrations.direct.remove({_id: paramIntId, boardId: paramBoardId}); - JsonRoutes.sendResult(res, { - code: 200, - data: { - _id: paramIntId, - }, - }); + try { + const paramBoardId = req.params.boardId; + const paramIntId = req.params.intId; + Authentication.checkBoardAccess(req.userId, paramBoardId); + + Integrations.direct.remove({_id: 
paramIntId, boardId: paramBoardId}); + JsonRoutes.sendResult(res, { + code: 200, + data: { + _id: paramIntId, + }, + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); } diff --git a/models/lists.js b/models/lists.js index 1b999b07..75c39d2a 100644 --- a/models/lists.js +++ b/models/lists.js 
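Review bot: The POST and PUT handlers store `req.body.url`, `req.body.token` and `req.body.activities` with no type or format validation, and the update paths write through `Integrations.direct.update`, which (if `direct` is the collection-hooks accessor) also skips any hooks on the collection. If the stored `url` is later requested by the server when board activity fires — the consumer is not in this hunk — an unchecked value is a server-side request forgery risk, so I would validate before writing, e.g. Meteor's `check(req.body.url, String);` plus a scheme and host check, and `check(newActivities, [String]);` before `$pullAll` and `$addToSet`. The PUT handler's `req.body.hasOwnProperty('enabled')` also relies on the request body not shadowing `hasOwnProperty`; `Object.prototype.hasOwnProperty.call(req.body, 'enabled')` does not. All of these routes gate writes, including the `token` change, on `checkBoardAccess` alone; whether that implies board-admin rights cannot be seen here and is worth a comment.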
@@ -194,56 +194,88 @@ if (Meteor.isServer) { //LISTS REST API if (Meteor.isServer) { JsonRoutes.add('GET', '/api/boards/:boardId/lists', function (req, res, next) { - const paramBoardId = req.params.boardId; - Authentication.checkBoardAccess( req.userId, paramBoardId); - - JsonRoutes.sendResult(res, { - code: 200, - data: Lists.find({ boardId: paramBoardId, archived: false }).map(function (doc) { - return { - _id: doc._id, - title: doc.title, - }; - }), - }); + try { + const paramBoardId = req.params.boardId; + Authentication.checkBoardAccess( req.userId, paramBoardId); + + JsonRoutes.sendResult(res, { + code: 200, + data: Lists.find({ boardId: paramBoardId, archived: false }).map(function (doc) { + return { + _id: doc._id, + title: doc.title, + }; + }), + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); JsonRoutes.add('GET', '/api/boards/:boardId/lists/:listId', function (req, res, next) { - const paramBoardId = req.params.boardId; - const paramListId = req.params.listId; - Authentication.checkBoardAccess( req.userId, paramBoardId); - JsonRoutes.sendResult(res, { - code: 200, - data: Lists.findOne({ _id: paramListId, boardId: paramBoardId, archived: false }), - }); + try { + const paramBoardId = req.params.boardId; + const paramListId = req.params.listId; + Authentication.checkBoardAccess( req.userId, paramBoardId); + JsonRoutes.sendResult(res, { + code: 200, + data: Lists.findOne({ _id: paramListId, boardId: paramBoardId, archived: false }), + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); JsonRoutes.add('POST', '/api/boards/:boardId/lists', function (req, res, next) { - Authentication.checkUserId( req.userId); - const paramBoardId = req.params.boardId; - const id = Lists.insert({ - title: req.body.title, - boardId: paramBoardId, - }); - JsonRoutes.sendResult(res, { - code: 200, - data: { - _id: id, - }, - }); + try { + Authentication.checkUserId( req.userId); + 
const paramBoardId = req.params.boardId; + const id = Lists.insert({ + title: req.body.title, + boardId: paramBoardId, + }); + JsonRoutes.sendResult(res, { + code: 200, + data: { + _id: id, + }, + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); JsonRoutes.add('DELETE', '/api/boards/:boardId/lists/:listId', function (req, res, next) { - Authentication.checkUserId( req.userId); - const paramBoardId = req.params.boardId; - const paramListId = req.params.listId; - Lists.remove({ _id: paramListId, boardId: paramBoardId }); - JsonRoutes.sendResult(res, { - code: 200, - data: { - _id: paramListId, - }, - }); + try { + Authentication.checkUserId( req.userId); + const paramBoardId = req.params.boardId; + const paramListId = req.params.listId; + Lists.remove({ _id: paramListId, boardId: paramBoardId }); + JsonRoutes.sendResult(res, { + code: 200, + data: { + _id: paramListId, + }, + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); } diff --git a/models/users.js b/models/users.js index abc0f82d..5ba0131f 100644 --- a/models/users.js +++ b/models/users.js 
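Review bot: The POST and DELETE list handlers call only `Authentication.checkUserId(req.userId)`, while the two GET handlers in the same hunk call `Authentication.checkBoardAccess(req.userId, paramBoardId)`, so the write paths never tie the caller to the board named in the URL. Whether `checkUserId` is strict enough on its own cannot be seen from this hunk; if it is not, adding `Authentication.checkBoardAccess(req.userId, paramBoardId);` right after `paramBoardId` is read would make reads and writes consistent. Nothing visible here checks that the board exists before `Lists.insert` stores `paramBoardId`, so a short comment stating where that is enforced would help.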
@@ -575,93 +575,143 @@ if (Meteor.isServer) { // USERS REST API if (Meteor.isServer) { JsonRoutes.add('GET', '/api/user', function(req, res, next) { - Authentication.checkLoggedIn(req.userId); - const data = Meteor.users.findOne({ _id: req.userId}); - delete data.services; - JsonRoutes.sendResult(res, { - code: 200, - data, - }); + try { + Authentication.checkLoggedIn(req.userId); + const data = Meteor.users.findOne({ _id: req.userId}); + delete data.services; + JsonRoutes.sendResult(res, { + code: 200, + data, + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); JsonRoutes.add('GET', '/api/users', function (req, res, next) { - Authentication.checkUserId( req.userId); - JsonRoutes.sendResult(res, { - code: 200, - data: Meteor.users.find({}).map(function (doc) { - return { _id: doc._id, username: doc.username }; - }), - }); + try { + Authentication.checkUserId(req.userId); + JsonRoutes.sendResult(res, { + code: 200, + data: Meteor.users.find({}).map(function (doc) { + return { _id: doc._id, username: doc.username }; + }), + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); + JsonRoutes.add('GET', '/api/users/:id', function (req, res, next) { - Authentication.checkUserId( req.userId); - const id = req.params.id; - JsonRoutes.sendResult(res, { - code: 200, - data: Meteor.users.findOne({ _id: id }), - }); + try { + Authentication.checkUserId(req.userId); + const id = req.params.id; + JsonRoutes.sendResult(res, { + code: 200, + data: Meteor.users.findOne({ _id: id }), + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); + JsonRoutes.add('PUT', '/api/users/:id', function (req, res, next) { - Authentication.checkUserId( req.userId); - const id = req.params.id; - const action = req.body.action; - let data = Meteor.users.findOne({ _id: id }); - if (data !== undefined) { - if (action === 'takeOwnership') { - data = Boards.find({ - 
'members.userId': id, - 'members.isAdmin': true, - }).map(function(board) { - if (board.hasMember(req.userId)) { - board.removeMember(req.userId); + try { + Authentication.checkUserId(req.userId); + const id = req.params.id; + const action = req.body.action; + let data = Meteor.users.findOne({ _id: id }); + if (data !== undefined) { + if (action === 'takeOwnership') { + data = Boards.find({ + 'members.userId': id, + 'members.isAdmin': true, + }).map(function(board) { + if (board.hasMember(req.userId)) { + board.removeMember(req.userId); + } + board.changeOwnership(id, req.userId); + return { + _id: board._id, + title: board.title, + }; + }); + } else { + if ((action === 'disableLogin') && (id !== req.userId)) { + Users.update({ _id: id }, { $set: { loginDisabled: true, 'services.resume.loginTokens': '' } }); + } else if (action === 'enableLogin') { + Users.update({ _id: id }, { $set: { loginDisabled: '' } }); } - board.changeOwnership(id, req.userId); - return { - _id: board._id, - title: board.title, - }; - }); - } else { - if ((action === 'disableLogin') && (id !== req.userId)) { - Users.update({ _id: id }, { $set: { loginDisabled: true, 'services.resume.loginTokens': '' } }); - } else if (action === 'enableLogin') { - Users.update({ _id: id }, { $set: { loginDisabled: '' } }); + data = Meteor.users.findOne({ _id: id }); } - data = Meteor.users.findOne({ _id: id }); } + JsonRoutes.sendResult(res, { + code: 200, + data, + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); } - JsonRoutes.sendResult(res, { - code: 200, - data, - }); }); - JsonRoutes.add('POST', '/api/users/', function (req, res, next) { - Authentication.checkUserId( req.userId); - const id = Accounts.createUser({ - username: req.body.username, - email: req.body.email, - password: req.body.password, - from: 'admin', - }); - JsonRoutes.sendResult(res, { - code: 200, - data: { - _id: id, - }, - }); + JsonRoutes.add('POST', '/api/users/', function (req, res, next) 
{ + try { + Authentication.checkUserId(req.userId); + const id = Accounts.createUser({ + username: req.body.username, + email: req.body.email, + password: req.body.password, + from: 'admin', + }); + JsonRoutes.sendResult(res, { + code: 200, + data: { + _id: id, + }, + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); JsonRoutes.add('DELETE', '/api/users/:id', function (req, res, next) { - Authentication.checkUserId( req.userId); - const id = req.params.id; - Meteor.users.remove({ _id: id }); - JsonRoutes.sendResult(res, { - code: 200, - data: { - _id: id, - }, - }); + try { + Authentication.checkUserId(req.userId); + const id = req.params.id; + Meteor.users.remove({ _id: id }); + JsonRoutes.sendResult(res, { + code: 200, + data: { + _id: id, + }, + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); } -- cgit v1.2.3-1-g7c22
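Review bot: GET `/api/users/:id` returns `Meteor.users.findOne({ _id: id })` unfiltered, and the PUT handler returns the same full document after `enableLogin` or `disableLogin`, whereas GET `/api/user` in this hunk strips `services` before responding. In Meteor's accounts system that sub-document holds the password hash and the resume login tokens, so these responses should exclude it, e.g. `Meteor.users.findOne({ _id: id }, { fields: { services: 0 } })`, the same projection style models/integrations.js uses for `token`. In GET `/api/user`, `delete data.services` throws when `findOne` returns nothing, and that error now comes back as a 200 response; a null check before the delete would make that case explicit.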