/**
* The main endpoint function
* @method main
* @param {object} req The request object
* @param {object} res The response object
* @param {object} self Use self.send to send back data
*/
function main(req, res, self) {
reqlog.info('user.updateAll');
var user = new User();
user.update(req, res, req.params.query, req.params.update)
.then(function(result) {
self.send(result);
});
}
/**
* The main endpoint function
* @method main
* @param {object} req The request object
* @param {object} res The response object
* @param {object} self Use self.send to send back data
*/
function main(req, res, self) {
reqlog.info('user.all');
var user = new User();
user.find(req, res, {})
.then(function(result) {
self.send(result);
});
}
/**
* The main endpoint function
* @method main
* @param {object} req The request object
* @param {object} res The response object
* @param {object} self Use self.send to send back data
*/
function main(req, res, self) {
reqlog.info('user.edit');
var user = new User();
user.findOneAndUpdate(req, res, req.requestData.query,
{$set: req.requestData.update}, {new: true})
.then(function(result) {
self.send(result);
});
}
/**
* The main endpoint function
* @method main
* @param {object} req The request object
* @param {object} res The response object
* @param {object} self Use self.send to send back data
*/
function main(req, res, self) {
reqlog.info('user.update');
var user = new User();
var update = {};
if (req.requestData.email) {
update.email = req.requestData.email;
}
if (req.requestData.username) {
update.username = req.requestData.username;
}
user.findByIdAndUpdate(req, res, req.params.id, update, {new: true})
.then(function(result) {
self.send(result);
});
}
return function(req, res, next) {
reqlog.info('permissioner', access);
// check which case is, array or string
if (Array.isArray(access)) {
// load the user to validate him against the permissions
authenticator.authenticate(req)
.then(function() {
// access null means the service is public
// we do the check here so that the authenticator will find the user that makes the request
// even if the permission is null, not all users can see and schema attributes
if (access[0] === 'null') {
next();
} else {
var user = req.activeUser;
if (user === 'null') {
responseBuilder.error(req, res, 'INVALID_SESSION');
} else {
if (user.type === 'admin' ||
access.indexOf(user.type) !== -1) {
next();
} else {
responseBuilder.error(req, res, 'NO_PERMISSION');
}
}
}
});
} else {
authenticator.authenticate(req)
.then(function() {
var user = req.activeUser;
// if the expression is true or user is admin
if (user === 'null') {
responseBuilder.error(req, res, 'INVALID_SESSION');
} else {
if (user.type === 'admin' || eval(access)) {
next();
} else {
responseBuilder.error(req, res, 'NO_PERMISSION');
}
}
});
}
};
/**
* The main endpoint function
* @method main
* @param {object} req The request object
* @param {object} res The response object
* @param {object} self Use self.send to send back data
*/
function main(req, res, self) {
reqlog.info('passwords.search');
var password = new Password();
encrypt(req.requestData.data, req.activeUser.publicKey,
req.requestData.privateKey)
.then(function(ciphertext) {
password.create(req, res, {
site: req.requestData.site,
value: ciphertext,
value2: ciphertext.message.packets.write(),
userId: req.activeUser._id
}).then(function(result) {
self.send(result);
});
});
}
var http = require('http');
var reqlog = require('reqlog');
var nconf = require('nconf');
var apier = require('apier');
reqlog.init(false);
nconf.argv()
.env()
.file({file: 'config.json'});
// find the database url
// select set db, or local
reqlog.info('DB used', process.env.DB || 'production');
var app = apier({
mongoUrl: nconf.get('databases')[process.env.DB || 'production'],
access: nconf.get('access'),
handleErrors: true
});
// authentications
require('./v1/authentications/login.js')(app);
require('./v1/authentications/register.js')(app);
// users
require('./v1/users/all.js')(app);
require('./v1/users/search.js')(app);
require('./v1/users/updateAll.js')(app);
require('./v1/users/edit.js')(app);
require('./v1/users/update.js')(app);
require('./v1/users/delete.js')(app);
database.once('open', function() {
reqlog.info('database connected');
resolve();
});