All files / src/api clients.coffee

16.67% Statements 11/66
0% Branches 0/8
0% Functions 0/6
16.67% Lines 11/66
Client = require('../model/clients').Client
Q = require 'q'
logger = require 'winston'
authorisation = require './authorisation'
utils = require '../utils'
 
###
# Adds a client
#
# Generator-based request handler (Koa-style: `this` is the request context).
# Only members of the 'admin' group may create clients; any other caller gets
# a 403 through utils.logAndSetResponse. On success the response is 201 with a
# fixed text body. If building or saving the Client throws, the response is
# 400 with the error's message as body.
###
exports.addClient = () ->

  # Authorisation gate: admins only
  unless authorisation.inGroup 'admin', @authenticated
    utils.logAndSetResponse this, 403, "User #{@authenticated.email} is not an admin, API access to addClient denied.", 'info'
    return

  # NOTE(review): the request body reaches the model unfiltered, so the set of
  # fields a caller can populate is decided entirely by the Client schema
  # (../model/clients, not visible here) - confirm it rejects unknown fields.
  payload = @request.body

  try
    newClient = new Client payload
    # The value resolved by save() is not needed; only success or failure matters
    yield Q.ninvoke newClient, 'save'

    logger.info "User #{@authenticated.email} created client with id #{newClient.id}"
    @body = 'Client successfully created'
    @status = 201
  catch err
    logger.error "Could not add a client via the API: #{err.message}"
    # NOTE(review): the raw error text is echoed back to the caller
    @body = err.message
    @status = 400
 
###
# Retrieves the details of a specific client
#
# clientId - id of the client; percent-decoded with unescape before the lookup
# property - optional; when it is a string, only 'clientName' is accepted and
#            the query is restricted to the client's name
#
# Responses set here: 403 (caller is not an admin), 404 (unknown property or
# no such client), 500 with the error message as body when the query throws.
###
exports.getClient = (clientId, property) ->
  projection = null

  if typeof property is 'string'
    # SECURITY: this branch deliberately skips the admin check. The only thing
    # limiting what it exposes is the projection set below (name only, no
    # _id). Any further property accepted here becomes readable by callers
    # that are not admins.
    unless property is 'clientName'
      utils.logAndSetResponse this, 404, "The property (#{property}) you are trying to retrieve is not found.", 'info'
      return
    projection = { _id: 0, name: 1 }
  else
    # Full client record requested: admins only
    unless authorisation.inGroup 'admin', @authenticated
      utils.logAndSetResponse this, 403, "User #{@authenticated.email} is not an admin, API access to findClientById denied.", 'info'
      return

  # NOTE(review): the decoded id is interpolated into the 404 text and the
  # error log below, and a percent-decoded value can carry control characters
  # such as CR/LF - consider stripping them before logging. unescape() is also
  # deprecated; whether the router has already decoded this parameter is not
  # visible here.
  clientId = unescape clientId

  try
    result = yield Client.findById(clientId, projection).exec()
    if result isnt null
      @body = result
    else
      utils.logAndSetResponse this, 404, "Client with id #{clientId} could not be found.", 'info'
  catch err
    logger.error "Could not find client by id #{clientId} via the API: #{err.message}"
    # NOTE(review): the raw error text is echoed back to the caller
    @body = err.message
    @status = 500
 
 
###
# Looks up a single client by its clientDomain
#
# clientDomain - domain to search for; percent-decoded with unescape first
#
# Admin-only. Responses set here: 403 (caller is not an admin), 404 (no client
# matched), 500 with the error message as body when the query throws. On a
# match the client document becomes the response body.
###
exports.findClientByDomain = (clientDomain) ->

  # Authorisation gate: admins only
  unless authorisation.inGroup 'admin', @authenticated
    utils.logAndSetResponse this, 403, "User #{@authenticated.email} is not an admin, API access to findClientByDomain denied.", 'info'
    return

  # NOTE(review): the decoded value is interpolated into the 404 text and the
  # error log below; a percent-decoded value can carry control characters such
  # as CR/LF - consider stripping them before logging.
  clientDomain = unescape clientDomain

  try
    match = yield Client.findOne({ clientDomain: clientDomain }).exec()
    if match isnt null
      @body = match
    else
      utils.logAndSetResponse this, 404, "Could not find client with clientDomain #{clientDomain}", 'info'
  catch err
    logger.error "Could not find client by client Domain #{clientDomain} via the API: #{err.message}"
    # NOTE(review): the raw error text is echoed back to the caller
    @body = err.message
    @status = 500
 
###
# Updates an existing client
#
# clientId - id of the client to update; percent-decoded with unescape first
#
# Admin-only. The request body is used as the update document after a truthy
# _id has been removed from it. Responses set here: 403 (caller is not an
# admin), a fixed success text, or 500 with the error message as body when
# the update throws.
###
exports.updateClient = (clientId) ->

  # Authorisation gate: admins only
  unless authorisation.inGroup 'admin', @authenticated
    utils.logAndSetResponse this, 403, "User #{@authenticated.email} is not an admin, API access to updateClient denied.", 'info'
    return

  # NOTE(review): the decoded id is interpolated into the log lines below; a
  # percent-decoded value can carry control characters such as CR/LF -
  # consider stripping them before logging.
  clientId = unescape clientId
  changes = @request.body

  # The internal id must not be changed through the API, so drop it when present
  if changes._id
    delete changes._id

  # NOTE(review): apart from _id nothing in the body is filtered before it is
  # handed to findByIdAndUpdate - confirm the Client schema (not visible here)
  # restricts what can be written.
  try
    # NOTE(review): the resolved value is discarded, so the success text is
    # sent whether or not a client matched the id - confirm this is intended.
    yield Client.findByIdAndUpdate(clientId, changes).exec()
    logger.info "User #{@authenticated.email} updated client with id #{clientId}"
    @body = 'Successfully updated client.'
  catch err
    logger.error "Could not update client by ID #{clientId} via the API: #{err.message}"
    # NOTE(review): the raw error text is echoed back to the caller
    @body = err.message
    @status = 500
 
###
# Removes a client
#
# clientId - id of the client to remove; percent-decoded with unescape first
#
# Admin-only. Responses set here: 403 (caller is not an admin), a success text
# naming the id, or 500 with the error message as body when the removal throws.
###
exports.removeClient = (clientId) ->

  # Authorisation gate: admins only
  unless authorisation.inGroup 'admin', @authenticated
    utils.logAndSetResponse this, 403, "User #{@authenticated.email} is not an admin, API access to removeClient denied.", 'info'
    return

  # NOTE(review): the decoded id is interpolated into the response text and
  # the log lines below; a percent-decoded value can carry control characters
  # such as CR/LF - consider stripping them before logging.
  clientId = unescape clientId

  try
    # NOTE(review): the resolved value is discarded, so the success text is
    # sent whether or not a client matched the id - confirm this is intended.
    yield Client.findByIdAndRemove(clientId).exec()
    @body = "Successfully removed client with ID #{clientId}"
    logger.info "User #{@authenticated.email} removed client with id #{clientId}"
  catch err
    logger.error "Could not remove client by ID #{clientId} via the API: #{err.message}"
    # NOTE(review): the raw error text is echoed back to the caller
    @body = err.message
    @status = 500
 
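###
# Retrieves all clients
#
# Admin-only. Responses set here: 403 (caller is not an admin), the list of
# client documents as body, or 500 with the error message as body when the
# query throws.
###
exports.getClients = () ->

  # Test if the user is authorised
  if not authorisation.inGroup 'admin', this.authenticated
    utils.logAndSetResponse this, 403, "User #{this.authenticated.email} is not an admin, API access to getClients denied.", 'info'
    return

  try
    this.body = yield Client.find().exec()
  catch e
    logger.error "Could not fetch all clients via the API: #{e.message}"
    # Fix: the error text belongs in the body, as in every other handler of
    # this file. The previous assignment to `this.message` never reached the
    # payload (on a Koa-style context `message` is the HTTP status message).
    # NOTE(review): the raw error text is echoed back to the caller.
    this.body = e.message
    this.status = 500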