REST API better error output. Thanks to soohwa ! Related #1037

Lauri Ojansivu 2017-11-19 10:44:37 +02:00
commit c01335ee29
7 changed files with 609 additions and 366 deletions


@ -3,7 +3,8 @@
This release adds the following new features: This release adds the following new features:
* [Markdown in card/minicard/checlist titles and checklist items. Next line: Shift+Enter. Submit: Enter.](https://github.com/wekan/wekan/pull/1334); * [Markdown in card/minicard/checlist titles and checklist items. Next line: Shift+Enter. Submit: Enter.](https://github.com/wekan/wekan/pull/1334);
* [User Admin to Admin Panel: List users. Change: is user admin, name, fullname, email address, is user active. Not changing password yet.](https://github.com/wekan/wekan/pull/1325). * [User Admin to Admin Panel: List users. Change: is user admin, name, fullname, email address, is user active. Not changing password yet.](https://github.com/wekan/wekan/pull/1325);
* [REST API better error output](https://github.com/wekan/wekan/pull/1323).
and fixes the following bugs: and fixes the following bugs:
@ -12,7 +13,7 @@ and fixes the following bugs:
* [Whitespace trimming breaks Markdown code block indentation](https://github.com/wekan/wekan/issues/1288): * [Whitespace trimming breaks Markdown code block indentation](https://github.com/wekan/wekan/issues/1288):
* [Helper to list boards for user](https://github.com/wekan/wekan/pull/1327). * [Helper to list boards for user](https://github.com/wekan/wekan/pull/1327).
Thanks to Github users brooksbecton, milesibastos, thuanpq and xet7 for their contributions. Thanks to Github users brooksbecton, milesibastos, soohwa, thuanpq and xet7 for their contributions.
# v0.54 2017-11-02 Wekan release # v0.54 2017-11-02 Wekan release


@ -566,82 +566,122 @@ if (Meteor.isServer) {
//BOARDS REST API //BOARDS REST API
if (Meteor.isServer) { if (Meteor.isServer) {
JsonRoutes.add('GET', '/api/users/:userId/boards', function (req, res, next) { JsonRoutes.add('GET', '/api/users/:userId/boards', function (req, res, next) {
Authentication.checkLoggedIn(req.userId); try {
const paramUserId = req.params.userId; Authentication.checkLoggedIn(req.userId);
// A normal user should be able to see their own boards, const paramUserId = req.params.userId;
// admins can access boards of any user // A normal user should be able to see their own boards,
Authentication.checkAdminOrCondition(req.userId, req.userId === paramUserId); // admins can access boards of any user
Authentication.checkAdminOrCondition(req.userId, req.userId === paramUserId);
const data = Boards.find({ const data = Boards.find({
archived: false, archived: false,
'members.userId': paramUserId, 'members.userId': paramUserId,
}, { }, {
sort: ['title'], sort: ['title'],
}).map(function(board) { }).map(function(board) {
return { return {
_id: board._id, _id: board._id,
title: board.title, title: board.title,
}; };
}); });
JsonRoutes.sendResult(res, {code: 200, data}); JsonRoutes.sendResult(res, {code: 200, data});
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
JsonRoutes.add('GET', '/api/boards', function (req, res, next) { JsonRoutes.add('GET', '/api/boards', function (req, res, next) {
Authentication.checkUserId(req.userId); try {
JsonRoutes.sendResult(res, { Authentication.checkUserId(req.userId);
code: 200, JsonRoutes.sendResult(res, {
data: Boards.find({ permission: 'public' }).map(function (doc) { code: 200,
return { data: Boards.find({ permission: 'public' }).map(function (doc) {
_id: doc._id, return {
title: doc.title, _id: doc._id,
}; title: doc.title,
}), };
}); }),
});
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
JsonRoutes.add('GET', '/api/boards/:id', function (req, res, next) { JsonRoutes.add('GET', '/api/boards/:id', function (req, res, next) {
const id = req.params.id; try {
Authentication.checkBoardAccess( req.userId, id); const id = req.params.id;
Authentication.checkBoardAccess(req.userId, id);
JsonRoutes.sendResult(res, { JsonRoutes.sendResult(res, {
code: 200, code: 200,
data: Boards.findOne({ _id: id }), data: Boards.findOne({ _id: id }),
}); });
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
JsonRoutes.add('POST', '/api/boards', function (req, res, next) { JsonRoutes.add('POST', '/api/boards', function (req, res, next) {
Authentication.checkUserId( req.userId); try {
const id = Boards.insert({ Authentication.checkUserId(req.userId);
title: req.body.title, const id = Boards.insert({
members: [ title: req.body.title,
{ members: [
userId: req.body.owner, {
isAdmin: true, userId: req.body.owner,
isActive: true, isAdmin: true,
isCommentOnly: false, isActive: true,
isCommentOnly: false,
},
],
permission: 'public',
color: 'belize',
});
JsonRoutes.sendResult(res, {
code: 200,
data: {
_id: id,
}, },
], });
permission: 'public', }
color: 'belize', catch (error) {
}); JsonRoutes.sendResult(res, {
JsonRoutes.sendResult(res, { code: 200,
code: 200, data: error,
data: { });
_id: id, }
},
});
}); });
JsonRoutes.add('DELETE', '/api/boards/:id', function (req, res, next) { JsonRoutes.add('DELETE', '/api/boards/:id', function (req, res, next) {
Authentication.checkUserId( req.userId); try {
const id = req.params.id; Authentication.checkUserId(req.userId);
Boards.remove({ _id: id }); const id = req.params.id;
JsonRoutes.sendResult(res, { Boards.remove({ _id: id });
code: 200, JsonRoutes.sendResult(res, {
data:{ code: 200,
_id: id, data:{
}, _id: id,
}); },
});
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
} }
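Review bot: Every new `catch (error)` block in this section answers with `code: 200` and `data: error`, so a failed `Authentication.check…` call or a database error is reported to the client as a success. A caller that checks only the HTTP status cannot tell a denied request from a completed one, and a plain `Error` has no enumerable fields, so it would likely serialize to `{}`. Consider `code: error.statusCode || 500` (assuming the Authentication helpers set `statusCode` on what they throw; they are outside this diff) and returning a short message instead of the raw error object. The same catch block is repeated in the card-comment, checklist, integration, list and user route sections that follow.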


@ -88,65 +88,97 @@ if (Meteor.isServer) {
//CARD COMMENT REST API //CARD COMMENT REST API
if (Meteor.isServer) { if (Meteor.isServer) {
JsonRoutes.add('GET', '/api/boards/:boardId/cards/:cardId/comments', function (req, res, next) { JsonRoutes.add('GET', '/api/boards/:boardId/cards/:cardId/comments', function (req, res, next) {
Authentication.checkUserId( req.userId); try {
const paramBoardId = req.params.boardId; Authentication.checkUserId( req.userId);
const paramCardId = req.params.cardId; const paramBoardId = req.params.boardId;
JsonRoutes.sendResult(res, { const paramCardId = req.params.cardId;
code: 200, JsonRoutes.sendResult(res, {
data: CardComments.find({ boardId: paramBoardId, cardId: paramCardId}).map(function (doc) { code: 200,
return { data: CardComments.find({ boardId: paramBoardId, cardId: paramCardId}).map(function (doc) {
_id: doc._id, return {
comment: doc.text, _id: doc._id,
authorId: doc.userId, comment: doc.text,
}; authorId: doc.userId,
}), };
}); }),
});
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
JsonRoutes.add('GET', '/api/boards/:boardId/cards/:cardId/comments/:commentId', function (req, res, next) { JsonRoutes.add('GET', '/api/boards/:boardId/cards/:cardId/comments/:commentId', function (req, res, next) {
Authentication.checkUserId( req.userId); try {
const paramBoardId = req.params.boardId; Authentication.checkUserId( req.userId);
const paramCommentId = req.params.commentId; const paramBoardId = req.params.boardId;
const paramCardId = req.params.cardId; const paramCommentId = req.params.commentId;
JsonRoutes.sendResult(res, { const paramCardId = req.params.cardId;
code: 200, JsonRoutes.sendResult(res, {
data: CardComments.findOne({ _id: paramCommentId, cardId: paramCardId, boardId: paramBoardId }), code: 200,
}); data: CardComments.findOne({ _id: paramCommentId, cardId: paramCardId, boardId: paramBoardId }),
});
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
JsonRoutes.add('POST', '/api/boards/:boardId/cards/:cardId/comments', function (req, res, next) { JsonRoutes.add('POST', '/api/boards/:boardId/cards/:cardId/comments', function (req, res, next) {
Authentication.checkUserId( req.userId); try {
const paramBoardId = req.params.boardId; Authentication.checkUserId( req.userId);
const paramCardId = req.params.cardId; const paramBoardId = req.params.boardId;
const id = CardComments.direct.insert({ const paramCardId = req.params.cardId;
userId: req.body.authorId, const id = CardComments.direct.insert({
text: req.body.comment, userId: req.body.authorId,
cardId: paramCardId, text: req.body.comment,
boardId: paramBoardId, cardId: paramCardId,
}); boardId: paramBoardId,
});
JsonRoutes.sendResult(res, { JsonRoutes.sendResult(res, {
code: 200, code: 200,
data: { data: {
_id: id, _id: id,
}, },
}); });
const cardComment = CardComments.findOne({_id: id, cardId:paramCardId, boardId: paramBoardId }); const cardComment = CardComments.findOne({_id: id, cardId:paramCardId, boardId: paramBoardId });
commentCreation(req.body.authorId, cardComment); commentCreation(req.body.authorId, cardComment);
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
JsonRoutes.add('DELETE', '/api/boards/:boardId/cards/:cardId/comments/:commentId', function (req, res, next) { JsonRoutes.add('DELETE', '/api/boards/:boardId/cards/:cardId/comments/:commentId', function (req, res, next) {
Authentication.checkUserId( req.userId); try {
const paramBoardId = req.params.boardId; Authentication.checkUserId( req.userId);
const paramCommentId = req.params.commentId; const paramBoardId = req.params.boardId;
const paramCardId = req.params.cardId; const paramCommentId = req.params.commentId;
CardComments.remove({ _id: paramCommentId, cardId: paramCardId, boardId: paramBoardId }); const paramCardId = req.params.cardId;
JsonRoutes.sendResult(res, { CardComments.remove({ _id: paramCommentId, cardId: paramCardId, boardId: paramBoardId });
code: 200, JsonRoutes.sendResult(res, {
data: { code: 200,
_id: paramCardId, data: {
}, _id: paramCardId,
}); },
});
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
} }
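Review bot: In the POST route, `JsonRoutes.sendResult` is called before `CardComments.findOne` and `commentCreation`, and all three now sit inside the `try`; if either later call throws, the `catch` calls `sendResult` a second time on a response that was already sent. Moving the success `sendResult` to the last statement of the `try` avoids the double write. Separately, the comment's `userId` is taken from `req.body.authorId` rather than `req.userId`, and all four routes call only `Authentication.checkUserId` with no board check on the visible lines, so whether a caller may post as another user depends on what that helper enforces; a comment stating the intent would help. The DELETE route also returns `_id: paramCardId` where the removed comment's id (`paramCommentId`) looks intended.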


@ -259,62 +259,94 @@ if (Meteor.isServer) {
//CARD COMMENT REST API //CARD COMMENT REST API
if (Meteor.isServer) { if (Meteor.isServer) {
JsonRoutes.add('GET', '/api/boards/:boardId/cards/:cardId/checklists', function (req, res, next) { JsonRoutes.add('GET', '/api/boards/:boardId/cards/:cardId/checklists', function (req, res, next) {
Authentication.checkUserId( req.userId); try {
const paramCardId = req.params.cardId; Authentication.checkUserId( req.userId);
JsonRoutes.sendResult(res, { const paramCardId = req.params.cardId;
code: 200, JsonRoutes.sendResult(res, {
data: Checklists.find({ cardId: paramCardId }).map(function (doc) { code: 200,
return { data: Checklists.find({ cardId: paramCardId }).map(function (doc) {
_id: doc._id, return {
title: doc.title, _id: doc._id,
}; title: doc.title,
}), };
}); }),
});
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
JsonRoutes.add('GET', '/api/boards/:boardId/cards/:cardId/checklists/:checklistId', function (req, res, next) { JsonRoutes.add('GET', '/api/boards/:boardId/cards/:cardId/checklists/:checklistId', function (req, res, next) {
Authentication.checkUserId( req.userId); try {
const paramChecklistId = req.params.checklistId; Authentication.checkUserId( req.userId);
const paramCardId = req.params.cardId; const paramChecklistId = req.params.checklistId;
JsonRoutes.sendResult(res, { const paramCardId = req.params.cardId;
code: 200, JsonRoutes.sendResult(res, {
data: Checklists.findOne({ _id: paramChecklistId, cardId: paramCardId }), code: 200,
}); data: Checklists.findOne({ _id: paramChecklistId, cardId: paramCardId }),
});
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
JsonRoutes.add('POST', '/api/boards/:boardId/cards/:cardId/checklists', function (req, res, next) { JsonRoutes.add('POST', '/api/boards/:boardId/cards/:cardId/checklists', function (req, res, next) {
Authentication.checkUserId( req.userId); try {
const paramCardId = req.params.cardId; Authentication.checkUserId( req.userId);
const paramCardId = req.params.cardId;
const checklistToSend = {}; const checklistToSend = {};
checklistToSend.cardId = paramCardId; checklistToSend.cardId = paramCardId;
checklistToSend.title = req.body.title; checklistToSend.title = req.body.title;
checklistToSend.items = []; checklistToSend.items = [];
const id = Checklists.insert(checklistToSend); const id = Checklists.insert(checklistToSend);
const checklist = Checklists.findOne({_id: id}); const checklist = Checklists.findOne({_id: id});
req.body.items.forEach(function (item) { req.body.items.forEach(function (item) {
checklist.addItem(item); checklist.addItem(item);
}, this); }, this);
JsonRoutes.sendResult(res, { JsonRoutes.sendResult(res, {
code: 200, code: 200,
data: { data: {
_id: id, _id: id,
}, },
}); });
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
JsonRoutes.add('DELETE', '/api/boards/:boardId/cards/:cardId/checklists/:checklistId', function (req, res, next) { JsonRoutes.add('DELETE', '/api/boards/:boardId/cards/:cardId/checklists/:checklistId', function (req, res, next) {
Authentication.checkUserId( req.userId); try {
const paramCommentId = req.params.commentId; Authentication.checkUserId( req.userId);
const paramCardId = req.params.cardId; const paramCommentId = req.params.commentId;
Checklists.remove({ _id: paramCommentId, cardId: paramCardId }); const paramCardId = req.params.cardId;
JsonRoutes.sendResult(res, { Checklists.remove({ _id: paramCommentId, cardId: paramCardId });
code: 200, JsonRoutes.sendResult(res, {
data: { code: 200,
_id: paramCardId, data: {
}, _id: paramCardId,
}); },
});
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
} }
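Review bot: The DELETE route reads `req.params.commentId`, but its path declares `:checklistId`, so `paramCommentId` is presumably undefined and `Checklists.remove` is not given the id of the checklist named in the URL. It should read `const paramChecklistId = req.params.checklistId;`, use that in the selector, and return it as `_id` instead of `paramCardId`. In the POST route, `req.body.items.forEach` throws when `items` is missing, after `Checklists.insert` has already run, so the request leaves an empty checklist behind while the caller receives the error object; checking `Array.isArray(req.body.items)` before the insert would prevent that. None of the four routes use `:boardId` or call `checkBoardAccess` on the visible lines.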


@ -60,131 +60,187 @@ Integrations.allow({
if (Meteor.isServer) { if (Meteor.isServer) {
// Get all integrations in board // Get all integrations in board
JsonRoutes.add('GET', '/api/boards/:boardId/integrations', function(req, res, next) { JsonRoutes.add('GET', '/api/boards/:boardId/integrations', function(req, res, next) {
const paramBoardId = req.params.boardId; try {
Authentication.checkBoardAccess(req.userId, paramBoardId); const paramBoardId = req.params.boardId;
Authentication.checkBoardAccess(req.userId, paramBoardId);
const data = Integrations.find({ boardId: paramBoardId }, { fields: { token: 0 } }).map(function(doc) { const data = Integrations.find({ boardId: paramBoardId }, { fields: { token: 0 } }).map(function(doc) {
return doc; return doc;
}); });
JsonRoutes.sendResult(res, {code: 200, data}); JsonRoutes.sendResult(res, {code: 200, data});
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
// Get a single integration in board // Get a single integration in board
JsonRoutes.add('GET', '/api/boards/:boardId/integrations/:intId', function(req, res, next) { JsonRoutes.add('GET', '/api/boards/:boardId/integrations/:intId', function(req, res, next) {
const paramBoardId = req.params.boardId; try {
const paramIntId = req.params.intId; const paramBoardId = req.params.boardId;
Authentication.checkBoardAccess(req.userId, paramBoardId); const paramIntId = req.params.intId;
Authentication.checkBoardAccess(req.userId, paramBoardId);
JsonRoutes.sendResult(res, { JsonRoutes.sendResult(res, {
code: 200, code: 200,
data: Integrations.findOne({ _id: paramIntId, boardId: paramBoardId }, { fields: { token: 0 } }), data: Integrations.findOne({ _id: paramIntId, boardId: paramBoardId }, { fields: { token: 0 } }),
}); });
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
// Create a new integration // Create a new integration
JsonRoutes.add('POST', '/api/boards/:boardId/integrations', function(req, res, next) { JsonRoutes.add('POST', '/api/boards/:boardId/integrations', function(req, res, next) {
const paramBoardId = req.params.boardId; try {
Authentication.checkBoardAccess(req.userId, paramBoardId); const paramBoardId = req.params.boardId;
Authentication.checkBoardAccess(req.userId, paramBoardId);
const id = Integrations.insert({ const id = Integrations.insert({
userId: req.userId, userId: req.userId,
boardId: paramBoardId, boardId: paramBoardId,
url: req.body.url, url: req.body.url,
}); });
JsonRoutes.sendResult(res, { JsonRoutes.sendResult(res, {
code: 200, code: 200,
data: { data: {
_id: id, _id: id,
}, },
}); });
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
// Edit integration data // Edit integration data
JsonRoutes.add('PUT', '/api/boards/:boardId/integrations/:intId', function (req, res, next) { JsonRoutes.add('PUT', '/api/boards/:boardId/integrations/:intId', function (req, res, next) {
const paramBoardId = req.params.boardId; try {
const paramIntId = req.params.intId; const paramBoardId = req.params.boardId;
Authentication.checkBoardAccess(req.userId, paramBoardId); const paramIntId = req.params.intId;
Authentication.checkBoardAccess(req.userId, paramBoardId);
if (req.body.hasOwnProperty('enabled')) { if (req.body.hasOwnProperty('enabled')) {
const newEnabled = req.body.enabled; const newEnabled = req.body.enabled;
Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
{$set: {enabled: newEnabled}}); {$set: {enabled: newEnabled}});
} }
if (req.body.hasOwnProperty('title')) { if (req.body.hasOwnProperty('title')) {
const newTitle = req.body.title; const newTitle = req.body.title;
Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
{$set: {title: newTitle}}); {$set: {title: newTitle}});
} }
if (req.body.hasOwnProperty('url')) { if (req.body.hasOwnProperty('url')) {
const newUrl = req.body.url; const newUrl = req.body.url;
Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
{$set: {url: newUrl}}); {$set: {url: newUrl}});
} }
if (req.body.hasOwnProperty('token')) { if (req.body.hasOwnProperty('token')) {
const newToken = req.body.token; const newToken = req.body.token;
Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
{$set: {token: newToken}}); {$set: {token: newToken}});
} }
if (req.body.hasOwnProperty('activities')) { if (req.body.hasOwnProperty('activities')) {
const newActivities = req.body.activities; const newActivities = req.body.activities;
Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
{$set: {activities: newActivities}}); {$set: {activities: newActivities}});
} }
JsonRoutes.sendResult(res, { JsonRoutes.sendResult(res, {
code: 200, code: 200,
data: { data: {
_id: paramIntId, _id: paramIntId,
}, },
}); });
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
// Delete subscribed activities // Delete subscribed activities
JsonRoutes.add('DELETE', '/api/boards/:boardId/integrations/:intId/activities', function (req, res, next) { JsonRoutes.add('DELETE', '/api/boards/:boardId/integrations/:intId/activities', function (req, res, next) {
const paramBoardId = req.params.boardId; try {
const paramIntId = req.params.intId; const paramBoardId = req.params.boardId;
const newActivities = req.body.activities; const paramIntId = req.params.intId;
Authentication.checkBoardAccess(req.userId, paramBoardId); const newActivities = req.body.activities;
Authentication.checkBoardAccess(req.userId, paramBoardId);
Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
{$pullAll: {activities: newActivities}}); {$pullAll: {activities: newActivities}});
JsonRoutes.sendResult(res, { JsonRoutes.sendResult(res, {
code: 200, code: 200,
data: Integrations.findOne({_id: paramIntId, boardId: paramBoardId}, { fields: {_id: 1, activities: 1}}), data: Integrations.findOne({_id: paramIntId, boardId: paramBoardId}, { fields: {_id: 1, activities: 1}}),
}); });
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
// Add subscribed activities // Add subscribed activities
JsonRoutes.add('POST', '/api/boards/:boardId/integrations/:intId/activities', function (req, res, next) { JsonRoutes.add('POST', '/api/boards/:boardId/integrations/:intId/activities', function (req, res, next) {
const paramBoardId = req.params.boardId; try {
const paramIntId = req.params.intId; const paramBoardId = req.params.boardId;
const newActivities = req.body.activities; const paramIntId = req.params.intId;
Authentication.checkBoardAccess(req.userId, paramBoardId); const newActivities = req.body.activities;
Authentication.checkBoardAccess(req.userId, paramBoardId);
Integrations.direct.update({_id: paramIntId, boardId: paramBoardId}, Integrations.direct.update({_id: paramIntId, boardId: paramBoardId},
{$addToSet: {activities: { $each: newActivities}}}); {$addToSet: {activities: { $each: newActivities}}});
JsonRoutes.sendResult(res, { JsonRoutes.sendResult(res, {
code: 200, code: 200,
data: Integrations.findOne({_id: paramIntId, boardId: paramBoardId}, { fields: {_id: 1, activities: 1}}), data: Integrations.findOne({_id: paramIntId, boardId: paramBoardId}, { fields: {_id: 1, activities: 1}}),
}); });
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
// Delete integration // Delete integration
JsonRoutes.add('DELETE', '/api/boards/:boardId/integrations/:intId', function (req, res, next) { JsonRoutes.add('DELETE', '/api/boards/:boardId/integrations/:intId', function (req, res, next) {
const paramBoardId = req.params.boardId; try {
const paramIntId = req.params.intId; const paramBoardId = req.params.boardId;
Authentication.checkBoardAccess(req.userId, paramBoardId); const paramIntId = req.params.intId;
Authentication.checkBoardAccess(req.userId, paramBoardId);
Integrations.direct.remove({_id: paramIntId, boardId: paramBoardId}); Integrations.direct.remove({_id: paramIntId, boardId: paramBoardId});
JsonRoutes.sendResult(res, { JsonRoutes.sendResult(res, {
code: 200, code: 200,
data: { data: {
_id: paramIntId, _id: paramIntId,
}, },
}); });
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
} }
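Review bot: `req.body.url` is stored as the integration's `url` in both the POST and PUT routes without any validation. If this is the address the server later sends outgoing webhook requests to (the sending code is not in this diff), it should be restricted to `http:`/`https:` and checked against loopback and internal destinations before it is saved. The two `/activities` routes likewise pass `req.body.activities` straight into `$pullAll` and `$each`; a guard such as `if (!Array.isArray(newActivities))` with a 400 response would keep malformed bodies out of the update operator. `req.body.hasOwnProperty('enabled')` is safer written as `Object.prototype.hasOwnProperty.call(req.body, 'enabled')`.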


@ -198,56 +198,88 @@ if (Meteor.isServer) {
//LISTS REST API //LISTS REST API
if (Meteor.isServer) { if (Meteor.isServer) {
JsonRoutes.add('GET', '/api/boards/:boardId/lists', function (req, res, next) { JsonRoutes.add('GET', '/api/boards/:boardId/lists', function (req, res, next) {
const paramBoardId = req.params.boardId; try {
Authentication.checkBoardAccess( req.userId, paramBoardId); const paramBoardId = req.params.boardId;
Authentication.checkBoardAccess( req.userId, paramBoardId);
JsonRoutes.sendResult(res, { JsonRoutes.sendResult(res, {
code: 200, code: 200,
data: Lists.find({ boardId: paramBoardId, archived: false }).map(function (doc) { data: Lists.find({ boardId: paramBoardId, archived: false }).map(function (doc) {
return { return {
_id: doc._id, _id: doc._id,
title: doc.title, title: doc.title,
}; };
}), }),
}); });
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
JsonRoutes.add('GET', '/api/boards/:boardId/lists/:listId', function (req, res, next) { JsonRoutes.add('GET', '/api/boards/:boardId/lists/:listId', function (req, res, next) {
const paramBoardId = req.params.boardId; try {
const paramListId = req.params.listId; const paramBoardId = req.params.boardId;
Authentication.checkBoardAccess( req.userId, paramBoardId); const paramListId = req.params.listId;
JsonRoutes.sendResult(res, { Authentication.checkBoardAccess( req.userId, paramBoardId);
code: 200, JsonRoutes.sendResult(res, {
data: Lists.findOne({ _id: paramListId, boardId: paramBoardId, archived: false }), code: 200,
}); data: Lists.findOne({ _id: paramListId, boardId: paramBoardId, archived: false }),
});
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
JsonRoutes.add('POST', '/api/boards/:boardId/lists', function (req, res, next) { JsonRoutes.add('POST', '/api/boards/:boardId/lists', function (req, res, next) {
Authentication.checkUserId( req.userId); try {
const paramBoardId = req.params.boardId; Authentication.checkUserId( req.userId);
const id = Lists.insert({ const paramBoardId = req.params.boardId;
title: req.body.title, const id = Lists.insert({
boardId: paramBoardId, title: req.body.title,
}); boardId: paramBoardId,
JsonRoutes.sendResult(res, { });
code: 200, JsonRoutes.sendResult(res, {
data: { code: 200,
_id: id, data: {
}, _id: id,
}); },
});
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
JsonRoutes.add('DELETE', '/api/boards/:boardId/lists/:listId', function (req, res, next) { JsonRoutes.add('DELETE', '/api/boards/:boardId/lists/:listId', function (req, res, next) {
Authentication.checkUserId( req.userId); try {
const paramBoardId = req.params.boardId; Authentication.checkUserId( req.userId);
const paramListId = req.params.listId; const paramBoardId = req.params.boardId;
Lists.remove({ _id: paramListId, boardId: paramBoardId }); const paramListId = req.params.listId;
JsonRoutes.sendResult(res, { Lists.remove({ _id: paramListId, boardId: paramBoardId });
code: 200, JsonRoutes.sendResult(res, {
data: { code: 200,
_id: paramListId, data: {
}, _id: paramListId,
}); },
});
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
} }
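Review bot: The two GET routes call `Authentication.checkBoardAccess(req.userId, paramBoardId)`, but POST and DELETE call only `Authentication.checkUserId(req.userId)`, so on the visible lines creating or removing a list involves no check against the board named in the URL. Unless `checkUserId` is deliberately the stricter gate (its definition is outside this diff), add `Authentication.checkBoardAccess(req.userId, paramBoardId);` after `paramBoardId` is read in both routes, or leave a comment explaining why the write routes differ. POST also inserts `req.body.title` without checking that it is a non-empty string.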


@ -588,94 +588,144 @@ if (Meteor.isServer) {
// USERS REST API // USERS REST API
if (Meteor.isServer) { if (Meteor.isServer) {
JsonRoutes.add('GET', '/api/user', function (req, res, next) { JsonRoutes.add('GET', '/api/user', function(req, res, next) {
Authentication.checkLoggedIn(req.userId); try {
const data = Meteor.users.findOne({_id: req.userId}); Authentication.checkLoggedIn(req.userId);
delete data.services; const data = Meteor.users.findOne({ _id: req.userId});
JsonRoutes.sendResult(res, { delete data.services;
code: 200, JsonRoutes.sendResult(res, {
data, code: 200,
}); data,
});
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
JsonRoutes.add('GET', '/api/users', function (req, res, next) { JsonRoutes.add('GET', '/api/users', function (req, res, next) {
Authentication.checkUserId(req.userId); try {
JsonRoutes.sendResult(res, { Authentication.checkUserId(req.userId);
code: 200, JsonRoutes.sendResult(res, {
data: Meteor.users.find({}).map(function (doc) { code: 200,
return {_id: doc._id, username: doc.username}; data: Meteor.users.find({}).map(function (doc) {
}), return { _id: doc._id, username: doc.username };
}); }),
}); });
JsonRoutes.add('GET', '/api/users/:id', function (req, res, next) { }
Authentication.checkUserId(req.userId); catch (error) {
const id = req.params.id; JsonRoutes.sendResult(res, {
JsonRoutes.sendResult(res, { code: 200,
code: 200, data: error,
data: Meteor.users.findOne({_id: id}), });
});
});
JsonRoutes.add('PUT', '/api/users/:id', function (req, res, next) {
Authentication.checkUserId(req.userId);
const id = req.params.id;
const action = req.body.action;
let data = Meteor.users.findOne({_id: id});
if (data !== undefined) {
if (action === 'takeOwnership') {
data = Boards.find({
'members.userId': id,
'members.isAdmin': true,
}).map(function (board) {
if (board.hasMember(req.userId)) {
board.removeMember(req.userId);
}
board.changeOwnership(id, req.userId);
return {
_id: board._id,
title: board.title,
};
});
} else {
if ((action === 'disableLogin') && (id !== req.userId)) {
Users.update({_id: id}, {$set: {loginDisabled: true, 'services.resume.loginTokens': ''}});
} else if (action === 'enableLogin') {
Users.update({_id: id}, {$set: {loginDisabled: ''}});
}
data = Meteor.users.findOne({_id: id});
}
} }
JsonRoutes.sendResult(res, {
code: 200,
data,
});
}); });
JsonRoutes.add('POST', '/api/users/', function (req, res, next) {
Authentication.checkUserId(req.userId);
const id = Accounts.createUser({
username: req.body.username,
email: req.body.email,
password: req.body.password,
from: 'admin',
});
JsonRoutes.sendResult(res, { JsonRoutes.add('GET', '/api/users/:id', function (req, res, next) {
code: 200, try {
data: { Authentication.checkUserId(req.userId);
_id: id, const id = req.params.id;
}, JsonRoutes.sendResult(res, {
}); code: 200,
data: Meteor.users.findOne({ _id: id }),
});
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
});
JsonRoutes.add('PUT', '/api/users/:id', function (req, res, next) {
try {
Authentication.checkUserId(req.userId);
const id = req.params.id;
const action = req.body.action;
let data = Meteor.users.findOne({ _id: id });
if (data !== undefined) {
if (action === 'takeOwnership') {
data = Boards.find({
'members.userId': id,
'members.isAdmin': true,
}).map(function(board) {
if (board.hasMember(req.userId)) {
board.removeMember(req.userId);
}
board.changeOwnership(id, req.userId);
return {
_id: board._id,
title: board.title,
};
});
} else {
if ((action === 'disableLogin') && (id !== req.userId)) {
Users.update({ _id: id }, { $set: { loginDisabled: true, 'services.resume.loginTokens': '' } });
} else if (action === 'enableLogin') {
Users.update({ _id: id }, { $set: { loginDisabled: '' } });
}
data = Meteor.users.findOne({ _id: id });
}
}
JsonRoutes.sendResult(res, {
code: 200,
data,
});
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
});
JsonRoutes.add('POST', '/api/users/', function (req, res, next) {
try {
Authentication.checkUserId(req.userId);
const id = Accounts.createUser({
username: req.body.username,
email: req.body.email,
password: req.body.password,
from: 'admin',
});
JsonRoutes.sendResult(res, {
code: 200,
data: {
_id: id,
},
});
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
JsonRoutes.add('DELETE', '/api/users/:id', function (req, res, next) { JsonRoutes.add('DELETE', '/api/users/:id', function (req, res, next) {
Authentication.checkUserId(req.userId); try {
const id = req.params.id; Authentication.checkUserId(req.userId);
Meteor.users.remove({_id: id}); const id = req.params.id;
JsonRoutes.sendResult(res, { Meteor.users.remove({ _id: id });
code: 200, JsonRoutes.sendResult(res, {
data: { code: 200,
_id: id, data: {
}, _id: id,
}); },
});
}
catch (error) {
JsonRoutes.sendResult(res, {
code: 200,
data: error,
});
}
}); });
} }
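Review bot: `GET /api/user` removes `data.services` before responding, but `GET /api/users/:id` and the non-`takeOwnership` branch of `PUT /api/users/:id` return the result of `Meteor.users.findOne({ _id: id })` unchanged, which would include the `services` subdocument (in Meteor accounts this is where password hashes and resume login tokens are kept). Pass a projection in both places, e.g. `Meteor.users.findOne({ _id: id }, { fields: { services: 0 } })`. In `GET /api/user`, `delete data.services` throws a TypeError when `findOne` returns nothing, and the new catch then reports that with status 200; a guard such as `if (!data)` with a 404 response would be clearer.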