/** * The main endpoint function * @method main * @param {object} req The request object * @param {object} res The response object * @param {object} self Use self.send to send back data */ function main(req, res, self) { reqlog.info('user.updateAll'); var user = new User(); user.update(req, res, req.params.query, req.params.update) .then(function(result) { self.send(result); }); }
/** * The main endpoint function * @method main * @param {object} req The request object * @param {object} res The response object * @param {object} self Use self.send to send back data */ function main(req, res, self) { reqlog.info('user.all'); var user = new User(); user.find(req, res, {}) .then(function(result) { self.send(result); }); }
/** * The main endpoint function * @method main * @param {object} req The request object * @param {object} res The response object * @param {object} self Use self.send to send back data */ function main(req, res, self) { reqlog.info('user.edit'); var user = new User(); user.findOneAndUpdate(req, res, req.requestData.query, {$set: req.requestData.update}, {new: true}) .then(function(result) { self.send(result); }); }
/** * The main endpoint function * @method main * @param {object} req The request object * @param {object} res The response object * @param {object} self Use self.send to send back data */ function main(req, res, self) { reqlog.info('user.update'); var user = new User(); var update = {}; if (req.requestData.email) { update.email = req.requestData.email; } if (req.requestData.username) { update.username = req.requestData.username; } user.findByIdAndUpdate(req, res, req.params.id, update, {new: true}) .then(function(result) { self.send(result); }); }
return function(req, res, next) { reqlog.info('permissioner', access); // check which case is, array or string if (Array.isArray(access)) { // load the user to validate him against the permissions authenticator.authenticate(req) .then(function() { // access null means the service is public // we do the check here so that the authenticator will find the user that makes the request // even if the permission is null, not all users can see and schema attributes if (access[0] === 'null') { next(); } else { var user = req.activeUser; if (user === 'null') { responseBuilder.error(req, res, 'INVALID_SESSION'); } else { if (user.type === 'admin' || access.indexOf(user.type) !== -1) { next(); } else { responseBuilder.error(req, res, 'NO_PERMISSION'); } } } }); } else { authenticator.authenticate(req) .then(function() { var user = req.activeUser; // if the expression is true or user is admin if (user === 'null') { responseBuilder.error(req, res, 'INVALID_SESSION'); } else { if (user.type === 'admin' || eval(access)) { next(); } else { responseBuilder.error(req, res, 'NO_PERMISSION'); } } }); } };
/** * The main endpoint function * @method main * @param {object} req The request object * @param {object} res The response object * @param {object} self Use self.send to send back data */ function main(req, res, self) { reqlog.info('passwords.search'); var password = new Password(); encrypt(req.requestData.data, req.activeUser.publicKey, req.requestData.privateKey) .then(function(ciphertext) { password.create(req, res, { site: req.requestData.site, value: ciphertext, value2: ciphertext.message.packets.write(), userId: req.activeUser._id }).then(function(result) { self.send(result); }); }); }
var http = require('http'); var reqlog = require('reqlog'); var nconf = require('nconf'); var apier = require('apier'); reqlog.init(false); nconf.argv() .env() .file({file: 'config.json'}); // find the database url // select set db, or local reqlog.info('DB used', process.env.DB || 'production'); var app = apier({ mongoUrl: nconf.get('databases')[process.env.DB || 'production'], access: nconf.get('access'), handleErrors: true }); // authentications require('./v1/authentications/login.js')(app); require('./v1/authentications/register.js')(app); // users require('./v1/users/all.js')(app); require('./v1/users/search.js')(app); require('./v1/users/updateAll.js')(app); require('./v1/users/edit.js')(app); require('./v1/users/update.js')(app); require('./v1/users/delete.js')(app);
database.once('open', function() { reqlog.info('database connected'); resolve(); });