spacedeck-open/routes/api/space_memberships.js
2017-04-07 01:29:05 +02:00

176 lines
4.4 KiB
JavaScript

"use strict";
var config = require('config');
require('../../models/schema');
var redis = require('../../helpers/redis');
var mailer = require('../../helpers/mailer');
var uploader = require('../../helpers/uploader');
var space_render = require('../../helpers/space-render');
var phantom = require('../../helpers/phantom');
var async = require('async');
var fs = require('fs');
var _ = require("underscore");
var mongoose = require("mongoose");
var archiver = require('archiver');
var request = require('request');
var url = require("url");
var path = require("path");
var crypto = require('crypto');
var qr = require('qr-image');
var glob = require('glob');
var gm = require('gm');
var express = require('express');
var router = express.Router({mergeParams: true});
// JSON MAPPINGS
var userMapping = {
_id: 1,
nickname: 1,
email: 1,
avatar_thumb_uri: 1
};
var spaceMapping = {
_id: 1,
name: 1,
thumbnail_url: 1
};
var roleMapping = {
"none": 0,
"viewer": 1,
"editor": 2,
"admin": 3
}
router.get('/', function(req, res, next) {
Membership
.find({
space: req.space._id
})
.populate("user")
.exec(function(err, memberships) {
res.status(200).json(memberships);
});
});
router.post('/', function(req, res, next) {
if (req.spaceRole == "admin") {
var attrs = req.body;
attrs['space'] = req.space._id;
attrs['state'] = "pending";
var membership = new Membership(attrs);
var msg = attrs.personal_message;
if (membership.email_invited != req.user.email) {
User.findOne({
"email": membership.email_invited
}, function(err, user) {
if (user) {
membership.user = user;
membership.state = "active";
} else {
membership.code = crypto.randomBytes(64).toString('hex').substring(0, 12);
}
membership.save(function(err) {
if (err) res.sendStatus(400);
else {
var accept_link = config.endpoint + "/accept/" + membership._id + "?code=" + membership.code;
if (user) {
accept_link = config.endpoint + "/" + req.space.space_type + "s/" + req.space._id;
}
var openText = req.i18n.__("space_invite_membership_action");
if (user) {
req.i18n.__("open");
}
const name = req.user.nickname || req.user.email
const subject = (req.space.space_type == "space") ? req.i18n.__("space_invite_membership_subject", name, req.space.name) : req.i18n.__("folder_invite_membership_subject", req.user.nickname, req.space.name)
const body = (req.space.space_type == "space") ? req.i18n.__("space_invite_membership_body", name, req.space.name) : req.i18n.__("folder_invite_membership_body", req.user.nickname, req.space.name)
mailer.sendMail(
membership.email_invited, subject, body, {
messsage: msg,
action: {
link: accept_link,
name: openText
}
});
res.status(201).json(membership);
}
});
});
} else {
res.status(400).json({
"error": "user already in space"
});
}
} else {
res.status(403).json({
"error": "not_permitted"
});
}
});
router.put('/:membership_id', function(req, res, next) {
if (req.user) {
if (req.spaceRole == "admin") {
Membership.findOne({
_id: req.params.membership_id
}, function(err, mem) {
if (err) res.sendStatus(400);
else {
if (mem) {
var attrs = req.body;
mem.role = attrs.role;
mem.save(function(err) {
if (err) res.sendStatus(400);
else {
res.status(201).json(mem);
}
});
}
}
});
} else {
res.sendStatus(403);
}
} else {
res.sendStatus(403);
}
});
router.delete('/:membership_id', function(req, res, next) {
if (req.user) {
Membership.findOne({
_id: req.params.membership_id
}, function(err, mem) {
if (err) res.sendStatus(400);
else {
mem.remove(function(err) {
if (err) {
res.status(400).json(err);
} else {
// FIXME might need to delete the user?
res.sendStatus(204);
}
});
}
});
} else {
res.sendStatus(403);
}
});
module.exports = router;