return userModel.findOne({'confirmationToken': request.payload.token}).then(user => {
if(user !== null) {
return Promise.reject(Boom.notAcceptable('Your e-mail is already confirmed.'));
} else {
return Promise.reject(Boom.notAcceptable('Can\'t find user with given token. Your token is invalid..'));
}
})
return userModel.findOne({email: request.payload.email }).then(user => {
if(user !== null) {
return Promise.reject(Boom.notAcceptable('Your e-mail is already in used. Please choose another one or retrieve password to your account.'))
} else {
return Promise.resolve();
}
}).then(() => {
var caseDeleted = caso.find({_id: request.params._id}, function(err){
var tableDeleted = table.find({case: caseDeleted._id}, function(err){
if(!err){
console.log('Deleting table');
tableDeleted.remove().exec();
console.log('Table was deleted');
// return reply('Deleted')
}else{
console.log('Table not Found')
// return reply(boom.notAcceptable('not_found'));
}
})
if(!err){
console.log('Deleting case');
caseDeleted.remove().exec();
//deleting table
console.log('Case was deleted, searching for table...');
var tableDeleted = table.find({case: request.params._id}, function(err){
if(!err){
console.log('Deleting table');
tableDeleted.remove().exec();
console.log('Table was deleted');
return reply('Deleted')
}else{
console.log('Table not Found')
return reply(boom.notAcceptable('Error inesperado en el servidor'));
}
});
}else{
console.log('Case not Found')
return reply(boom.notAcceptable('Error inesperado'));
}
});
router.post('/products', checkAdmin, ev(val.post), (req, res, next) => {
const productInfo = req.body;
let images = productInfo.images;
let product;
if (images.length === 0) {
return next(boom.notAcceptable('Product must contain at least 1 image'));
}
delete productInfo.images;
knex('products')
.insert(decamelizeKeys(productInfo), '*')
.then((products) => {
product = camelizeKeys(products[0]);
images = images.map((img) => {
img.productId = product.id;
return img;
});
return knex('product_images')
.insert(decamelizeKeys(images), '*');
})
.then((newImages) => {
product.images = newImages;
res.send(product);
})
.catch((err) => {
next(err);
});
});
newUser.save(function (err) {
console.log(err);
if(err){
return reply(boom.notAcceptable('Ya existe una cuenta con este correo'));
}else{
return reply('ok');
};
});
newProperty.save(function (err) {
console.log(err);
if(err){
return reply(boom.notAcceptable('error' + err));
}else{
return reply('ok');
};
});
newUser.save(function (err) {
console.log(err);
if(err){
return reply(boom.notAcceptable('Username must be unique: ' + err));
}else{
return reply('ok');
};
});
var Caso = caso.find({_id: request.params._id}, function(err, game){
if(!err){
console.log('The case was found');
return reply(Caso);
}
console.log('The Case was not Found');
return reply(boom.notAcceptable('Case not Found'));
});
}).catch(error => {
if(error.isBoom) {
return error;
}
request.server.app.di.container.logger.error('Error in \'signUp\' action, in ' + __filename, error);
return Boom.notAcceptable('Unexpected error occurred. Please try again or contact with admin.');
}).then(response => {
newCase.save(function(err){
if(!err){
console.log('New Case on DB');
return reply('Caso Guardado');
}else{
console.log('An error was encountered whilst saving case');
return reply(boom.notAcceptable('Error'));
}
});
}, function(err){
if(err){
console.log(err);
return reply(boom.notAcceptable('Error al intentar modificar'));
}else{
console.log('Caso con ID: ' + request.params._id + ' Ha sido modificado');
reply('Modificado satisfactoriamente');
}
});
var tableDeleted = table.find({case: request.params._id}, function(err){
if(!err){
console.log('Deleting table');
tableDeleted.remove().exec();
console.log('Table was deleted');
return reply('Deleted')
}else{
console.log('Table not Found')
return reply(boom.notAcceptable('Error inesperado en el servidor'));
}
});
user.find({username: request.payload.username, password: password}, function(err, user){
console.log(user);
console.log(err)
if(!err){
if(user.length > 0){
request.auth.session.set(user[0]);
return reply({username: user[0].username, scope: user[0].scope});
}
return reply(boom.unauthorized('Wrong email or password'));
}
return reply(boom.notAcceptable('Error Executing Query'));
});
user.find({correo: request.payload.correo, password: password}, function(err, user){
console.log(user);
console.log("AQUI");
if(!err){
if(user.length > 0){
request.auth.session.set(user[0]);
return reply(user[0]);
//return reply({correo: user[0].correo, scope: user[0].scope});
}
return reply(boom.unauthorized('Wrong correo or password'));
}
return reply(boom.notAcceptable('Error Executing Query'));
});
newEstudiante.save(function (err) {
if(err){
return reply(boom.notAcceptable('Username must be unique: ' + err));
}else{
control_id.findById('56d7308a3e79d4780263b696',function(err,ctrl){
ctrl.Id_estudiante= request.payload.control_id.Id_estudiante + 1;
ctrl.save(function(err){
if(err) throw err;
return reply('ok');
})
})
}//fin else
});
newDocente.save(function (err) {
if(err){
return reply(boom.notAcceptable('error'));
}else{
control_id.findById('56d7308a3e79d4780263b696',function(err,ctrl){
ctrl.Id_docente = request.payload.control_id.Id_docente + 1;
ctrl.save(function(err){
if(err) throw err;
return reply('ok');
})
})
}//fin else
});
export function getSearchDsl(mappings, options = {}) {
const {
type,
search,
searchFields,
sortField,
sortOrder
} = options;
if (!type && sortField) {
throw Boom.notAcceptable('Cannot sort without filtering by type');
}
if (sortOrder && !sortField) {
throw Boom.notAcceptable('sortOrder requires a sortField');
}
return {
...getQueryParams(mappings, type, search, searchFields),
...getSortingParams(mappings, type, sortField, sortOrder),
};
}
async (req, res, next) => {
validateReq('headers', Joi.object({
'x-github-delivery': Joi.string(),
'x-github-event': Joi.string().valid('pull_request', 'issue_comment'),
'x-hub-signature': Joi.string(),
}))
const [algo, signature] = req.headers['x-hub-signature'].split('=')
if (algo !== 'sha1') {
throw Boom.notAcceptable(`expected signature to be computed with sha1, got ${algo}`)
}
const hmac = createHmac(algo, GITHUB_WEBHOOK_SECRET)
const hash = hmac.update(req.rawBody).digest('hex')
if (hash !== signature) throw Boom.notAcceptable('signature mismatch')
req.ghEvent = new GithubEvent({
id: req.headers['x-github-delivery'],
type: req.headers['x-github-event'],
})
next()
},
newUniversidad.save(function(err){
if (err) {
return reply(boom.notAcceptable('error'));
}else{
control_id.findById('56d7308a3e79d4780263b696',function(error,ctrl){
ctrl.Id_universidad = request.payload.control_id.Id_universidad + 1;
ctrl.save(function(error){
if(error) throw error;
})
})
return reply('ok');
}
})
export function getSearchDsl(mappings, schema, options = {}) {
const {
type,
search,
searchFields,
sortField,
sortOrder,
namespace,
} = options;
if (!type) {
throw Boom.notAcceptable('type must be specified');
}
if (sortOrder && !sortField) {
throw Boom.notAcceptable('sortOrder requires a sortField');
}
return {
...getQueryParams(mappings, schema, namespace, type, search, searchFields),
...getSortingParams(mappings, type, sortField, sortOrder),
};
}
router.patch('/products/:id', checkAdmin, ev(val.patch), (req, res, next) => {
const updatedProduct = req.body;
let images = updatedProduct.images;
let newProduct;
delete updatedProduct.images;
const id = req.params.id;
if (images.length === 0) {
return next(boom.notAcceptable('Product must contain at least 1 image'));
}
knex('products')
.where('id', id)
.first()
.then((exists) => {
if (!exists) {
throw boom.notFound('Invalid Product');
}
return knex('products')
.where('id', id)
.update(decamelizeKeys(updatedProduct), '*');
})
.then((products) => {
newProduct = camelizeKeys(products[0]);
images = images.map((image) => {
image.productId = newProduct.id;
return image;
});
return knex('product_images')
.where('product_id', newProduct.id)
.del();
})
.then(() => {
return knex('product_images')
.insert(decamelizeKeys(images), '*');
})
.then((newImages) => {
newProduct.images = newImages;
res.send(newProduct);
})
.catch((err) => {
next(err);
});
});
return userModel.findOne({'email': request.payload.email}).then(user => {
if(user !== null) {
if(bcrypt.compareSync(request.payload.password, user.password) === true) {
const moment = require('moment');
const tokenValidateDate = moment().add(tokenConfig.expirationTime, 'seconds'),
tokenData = {
userId: user.id,
exp: tokenValidateDate.unix()
},
freshAuthToken = jwt.sign(tokenData, tokenConfig.key)
;
return request.server.app.di.container.tokenModel.then(tokenModel => {
let tokenDocument = {
token: freshAuthToken,
userId: user._id,
validTo: tokenValidateDate.toDate(),
request: {
userAgent: request.headers['user-agent'],
ip: request.info.remoteAddress,
}
};
tokenDocument = new tokenModel(tokenDocument);
return tokenDocument.save().then(createdTokenDocument => {
return Promise.resolve({token: freshAuthToken});
});
});
} else {
return Boom.notAcceptable('Password for given e-mail is incorrect.');
}
} else {
return Boom.notAcceptable('There is no account with given e-mail.');
}
})
function upload (request, reply) {
if (request.payload.size > 30000000) {
return reply(Boom.notAcceptable());
}
// the account of the replay owner
const account = request.auth.credentials.id;
let s3 = new aws.S3({
region: Settings.AWS_REGION
});
// format the object key
let key = `${account}/${Date.now()}/${request.payload.name}`;
// prepare the signature payload, remember
// this means the client must provide the
// same content-type when using PUT
let params = {
Key: key,
ACL: "public-read",
Bucket: Settings.AWS_S3_BUCKET,
Expires: 60,
ContentType: "binary/octet-stream",
ContentDisposition: "attachment",
Metadata: {
user: account.toString(),
filename: request.payload.name
}
};
// request a signed url from S3
s3.getSignedUrl('putObject', params, (err, data) => {
if (err) {
return reply(Boom.badImplementation());
}
let signature = {
url: data
};
return reply(signature);
});
};
const finish = (err, buffer) => {
clearTimeout(clientTimeoutId);
reader.removeListener('error', onReaderError);
reader.removeListener('finish', onReaderFinish);
res.removeListener('error', onResError);
res.removeListener('close', onResAborted);
res.removeListener('aborted', onResAborted);
res.on('error', Hoek.ignore);
if (err) {
return callback(err);
}
if (!options.json) {
return callback(null, buffer);
}
// Parse JSON
if (buffer.length === 0) {
return callback(null, null);
}
if (options.json === 'force') {
return internals.tryParseBuffer(buffer, callback);
}
// mode is "smart", "strict" or true
const contentType = (res.headers && internals.findHeader('content-type', res.headers)) || '';
const mime = contentType.split(';')[0].trim().toLowerCase();
if (!internals.jsonRegex.test(mime)) {
if (options.json === 'strict') {
return callback(Boom.notAcceptable('The content-type is not JSON compatible'));
}
return callback(null, buffer);
}
return internals.tryParseBuffer(buffer, callback);
};
deleteProvider: (req, res) => {
if (!isProviderSupported(util.parseAPIParameter(req.params.provider)))
return res(boom.notAcceptable('Provider is not supported'));
const findQuery = {
_id: req.auth.credentials.userid
};
const updateQuery = {
$pull: {
providers: {
provider: util.parseAPIParameter(req.params.provider)
}
}
};
const params = {
multi: true
};
return userCtrl.partlyUpdate(findQuery, updateQuery, params)
.then((result) => {
console.log('handler: deleteProvider:', result.result);
if (result.result.ok !== 1)
return res(boom.badImplementation());
if (result.result.n === 1) {
//success
return res();
}
else {
//not found
return res(boom.notFound('Provider data not found'));
}
})
.catch((error) => {
console.log('Error while deleting provider with userid '+req.auth.credentials.userid+':', error, 'used updateQuery:', updateQuery);
res(boom.notFound('Deleting provider failed', error));
});
},
export default async function errorHandler(err) {
if (!err) return;
// check if we have a boom error that specified
// a status code already for us (and then use it)
if (_.isObject(err.output) && _.isNumber(err.output.statusCode))
err.status = err.output.statusCode;
this.status = err.status = err.status || 500;
this.body = Boom.create(err.status, err.message).output.payload;
this.app.emit('error', err, this);
// nothing we can do here other
// than delegate to the app-level
// handler and log.
if (this.headerSent || !this.writable) {
err.headerSent = true;
return;
}
const type = this.accepts(['text', 'json', 'html']);
if (!type) {
this.status = 406;
this.body = Boom.notAcceptable().output.payload;
}
switch (type) {
case 'html':
this.type = 'html';
if (this.status === 404) {
// fix page title and desc for 404 page
this.state = _.merge(this.state, config.meta['/404']);
// https://github.com/koajs/koa/issues/646
await this.render('404');
} else if (this.get('Referrer') === '' || this.status === 500) {
// prevent redirect loop
// fix page title and desc for 500 page
this.state = _.merge(this.state, config.meta['/500']);
this.state.flash.error.push(err.message);
await this.render('500');
} else {
this.flash('error', err.message);
this.redirect('back');
}
break;
case 'json':
this.type = 'json';
this.body = JSON.stringify(this.body);
break;
default:
this.type = 'text';
this.body = JSON.stringify(this.body, null, 2);
break;
}
this.length = Buffer.byteLength(this.body);
this.res.end(this.body);
};
exports.authenticate = (request, reply) => {
var ipaddr = (request.headers['x-forwarded-for'] || request.info.remoteAddress).split(',')[0].trim()
if ((authorizedAddrs) &&
(authorizedAddrs.indexOf(ipaddr) === -1) &&
(!underscore.find(authorizedBlocks, (block) => { block.contains(ipaddr) }))) return reply(boom.notAcceptable())
reply.continue({ credentials: { ipaddr: ipaddr } })
}
}).catch(function(err){
l.error(err.toString());
reply(Boom.notAcceptable(err.toString()));
});
addProvider: (req, res) => {
if (!isProviderSupported(util.parseAPIParameter(req.payload.provider)))
return res(boom.notAcceptable('Provider is not supported'));
let provider = {
provider: util.parseAPIParameter(req.payload.provider),
token: util.parseAPIParameter(req.payload.token),
token_creation: util.parseAPIParameter(req.payload.token_creation),
identifier: util.parseAPIParameter(req.payload.identifier),
email: util.parseAPIParameter(req.payload.email)
};
return providerCtrl.getIfValid(provider)
.then((document) => {
if (document === false)
return res(boom.unauthorized('Wrong OAuth data'));
//check if provider already used by someone (use attributes: provider, email)
return isProviderAlreadyUsedBySomeone(document)
.then((data) => {
if (data.inUse) {
return res(boom.conflict('The social provider is already used by someone else.'));
}
//delete old provider data
let findQuery = {
_id: req.auth.credentials.userid
};
let updateQuery = {
$pull: {
providers: {
provider: provider.provider
}
}
};
const params = {
multi: true
};
return userCtrl.partlyUpdate(findQuery, updateQuery, params)
.then((result) => {
console.log('handler: addProvider: cleared', result.result);
if (result.result.ok !== 1)
return res(boom.badImplementation());
provider.expires = document.expires;
provider.extra_token = document.extra_token;
provider.scope = document.scope;
findQuery = {
_id: req.auth.credentials.userid
};
updateQuery = {
$push: {
providers: provider
}
};
return userCtrl.partlyUpdate(findQuery, updateQuery)
.then((result) => {
console.log('handler: addProvider:', result.result);
if (result.result.ok !== 1)
return res(boom.badImplementation());
if (result.result.n === 1) {
//success
return res();
}
else {
//not found
return res(boom.notFound('User not found - check JWT'));
}
})
.catch((error) => {
res(boom.notFound('Adding provider failed', error));
});
})
.catch((error) => {
res(boom.notFound('Precondition clearing providers failed', error));
});
});
})
.catch((error) => {
console.log('Error', error);
res(boom.badImplementation(error));
});
},
loginWithOAuth: (req, res) => {
if (!isProviderSupported(util.parseAPIParameter(req.payload.provider)))
return res(boom.notAcceptable('Provider is not supported'));
let provider = {
provider: util.parseAPIParameter(req.payload.provider),
token: util.parseAPIParameter(req.payload.token),
token_creation: util.parseAPIParameter(req.payload.token_creation),
identifier: util.parseAPIParameter(req.payload.identifier),
email: util.parseAPIParameter(req.payload.email)
};
return providerCtrl.getIfValid(provider)
.then((document) => {
if (document === false)
return res(boom.unauthorized('Wrong OAuth data'));
//get user with similar provider data
const query = {
'providers.identifier': document.identifier,
'providers.provider': document.provider,
// 'providers.id': decodeURI(req.payload.id) //using github the id could be changed
};
return userCtrl.find(query)
.then((cursor) => cursor.toArray())
.then((result) => {
//console.log('login: result: ', result);
switch (result.length) {
case 0:
res(boom.unauthorized('The credentials are wrong', 'OAuth', { reason: 'No such userdata' }));
break;
case 1:
//TODO: call authorization service for OAuth2 token
if (result[0].deactivated === true) {
res(boom.unauthorized('This user is deactivated.'));
break;
}
if (result[0].suspended === true) {
res(boom.forbidden('The user is marked as SPAM.'));
break;
}
return res({
userid: result[0]._id,
username: result[0].username,
access_token: 'dummy',
expires_in: 0,
displayName: result[0].displayName
})
.header(config.JWT.HEADER, jwt.createToken(result[0]));
default:
res(boom.badImplementation('Found multiple users'));
break;
}
})
.catch((error) => {
console.log('Error', error);
res(boom.badImplementation(error));
});
})
.catch((error) => {
console.log('Error', error);
res(boom.badImplementation(error));
});
},