2021-03-04 21:28:02 +02:00
|
|
|
const User = require("../../models/User");
|
2021-03-26 22:50:21 +02:00
|
|
|
const Channel = require("../../models/Channel");
|
2021-10-02 22:50:12 +03:00
|
|
|
const Message = require("../../models/Message");
|
2021-03-04 21:28:02 +02:00
|
|
|
const config = require("../../config");
|
2021-03-14 20:14:32 +02:00
|
|
|
const { authenticateEndpoint } = require("./../../common/auth/authfunctions");
|
2021-03-04 21:28:02 +02:00
|
|
|
|
|
|
|
const mongoose = require("mongoose");
|
|
|
|
const { body, param, validationResult } = require("express-validator");
|
|
|
|
const express = require("express");
|
|
|
|
const rateLimit = require("express-rate-limit");
|
|
|
|
|
2021-03-14 20:14:32 +02:00
|
|
|
const app = express.Router();
|
2021-03-04 21:28:02 +02:00
|
|
|
const createLimiter = rateLimit({
|
|
|
|
windowMs: 2 * 60 * 1000,
|
|
|
|
max: 10,
|
|
|
|
});
|
|
|
|
|
2021-03-14 20:14:32 +02:00
|
|
|
mongoose.connect(config.mongoUrl, {useNewUrlParser: true, useUnifiedTopology: true});
|
|
|
|
|
2021-03-26 22:50:21 +02:00
|
|
|
app.post("/channel/create", [
|
2021-03-04 21:28:02 +02:00
|
|
|
createLimiter,
|
|
|
|
body("title").not().isEmpty().trim().isLength({ min: 3, max: 32 }).escape()
|
|
|
|
], authenticateEndpoint(async (req, res, user) => {
|
2021-08-21 21:30:02 +03:00
|
|
|
if (!config.policies.allowChannelCreation) return res.status(403).json({ error: true, message: "ERROR_FORBIDDEN_BY_POLICY" });
|
|
|
|
|
2021-03-04 21:28:02 +02:00
|
|
|
const errors = validationResult(req);
|
|
|
|
if (!errors.isEmpty()) {
|
|
|
|
res.status(400).json({ error: true, message: "ERROR_REQUEST_INVALID_DATA", errors: errors.array() });
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
const title = req.body.title;
|
2021-03-26 22:50:21 +02:00
|
|
|
const channel = await Channel.create({
|
2021-03-04 21:28:02 +02:00
|
|
|
title: title,
|
2021-10-22 01:21:03 +03:00
|
|
|
creator: user._id
|
2021-03-04 21:28:02 +02:00
|
|
|
});
|
|
|
|
|
|
|
|
res.status(200).json({
|
|
|
|
error: false,
|
2021-10-02 22:50:12 +03:00
|
|
|
message: "SUCCESS_CHANNEL_CREATED",
|
2021-03-26 22:50:21 +02:00
|
|
|
channel: channel.getPublicObject()
|
2021-03-04 21:28:02 +02:00
|
|
|
});
|
|
|
|
}, undefined, config.roleMap.USER));
|
|
|
|
|
2021-10-02 22:50:12 +03:00
|
|
|
app.get("/channel/:channel/messages", [
|
|
|
|
param("channel").not().isEmpty().trim().escape().isLength({ min: 24, max: 24 })
|
|
|
|
], authenticateEndpoint(async (req, res) => {
|
2021-10-03 21:05:54 +03:00
|
|
|
if (!config.policies.allowSavingMessages) {
|
|
|
|
// TODO: hack
|
|
|
|
res.status(200).json({
|
|
|
|
error: false,
|
|
|
|
message: "SUCCESS_CHANNEL_MESSAGES_FETCHED",
|
|
|
|
channelMessages: []
|
|
|
|
});
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2021-10-02 22:50:12 +03:00
|
|
|
const errors = validationResult(req);
|
|
|
|
if (!errors.isEmpty()) {
|
|
|
|
res.status(400).json({ error: true, message: "ERROR_REQUEST_INVALID_DATA", errors: errors.array() });
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
let idSearch = {};
|
|
|
|
if (req.query.before) {
|
|
|
|
idSearch = { _id: { $lt: req.query.before } };
|
|
|
|
}
|
|
|
|
|
|
|
|
const messages = await Message.find({ channel: req.params.channel, ...idSearch })
|
|
|
|
.sort({ _id: -1 })
|
|
|
|
.limit(50)
|
|
|
|
.select("-__v -channel")
|
|
|
|
.populate("author", "_id username");
|
|
|
|
|
|
|
|
res.status(200).json({
|
|
|
|
error: false,
|
|
|
|
message: "SUCCESS_CHANNEL_MESSAGES_FETCHED",
|
|
|
|
channelMessages: messages
|
|
|
|
});
|
|
|
|
}, undefined, config.roleMap.USER));
|
|
|
|
|
2021-03-26 22:50:21 +02:00
|
|
|
app.get("/channel/:channel/info", [
|
|
|
|
param("channel").not().isEmpty().trim().escape().isLength({ min: 24, max: 24 })
|
2021-03-04 21:28:02 +02:00
|
|
|
], authenticateEndpoint(async (req, res) => {
|
|
|
|
const errors = validationResult(req);
|
|
|
|
if (!errors.isEmpty()) {
|
|
|
|
res.status(400).json({ error: true, message: "ERROR_REQUEST_INVALID_DATA", errors: errors.array() });
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
2021-10-22 01:21:03 +03:00
|
|
|
const channel = await Channel.findById(req.params.channel);
|
2021-03-04 21:28:02 +02:00
|
|
|
const users = await User.find().sort({ _id: -1 }).limit(50).select(User.getPulicFields());
|
|
|
|
|
2021-03-26 22:50:21 +02:00
|
|
|
if (!channel) {
|
2021-03-04 21:28:02 +02:00
|
|
|
res.status(404).json({
|
|
|
|
error: true,
|
2021-10-02 22:50:12 +03:00
|
|
|
message: "ERROR_CHANNEL_NOT_FOUND"
|
2021-03-04 21:28:02 +02:00
|
|
|
});
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
res.status(200).json({
|
|
|
|
error: false,
|
2021-10-02 22:50:12 +03:00
|
|
|
message: "SUCCESS_CHANNEL_DATA_FETCHED",
|
2021-03-26 22:50:21 +02:00
|
|
|
channel: channel.getPublicObject(),
|
2021-03-04 21:28:02 +02:00
|
|
|
userInfo: {
|
|
|
|
userListLimit: 50,
|
|
|
|
users: users
|
|
|
|
}
|
|
|
|
});
|
|
|
|
}, undefined, config.roleMap.USER));
|
|
|
|
|
2021-03-26 22:50:21 +02:00
|
|
|
app.get("/channel/list", authenticateEndpoint(async (req, res) => {
|
2021-03-04 21:28:02 +02:00
|
|
|
let count = parseInt(req.query.count);
|
|
|
|
if (!Number.isInteger(count)) {
|
|
|
|
count = 10;
|
|
|
|
}
|
|
|
|
|
|
|
|
// TODO: This is probably not efficient
|
2021-10-22 01:21:03 +03:00
|
|
|
const channels = await Channel.find().lean().sort({ _id: -1 }).limit(count).select("-__v").populate("creator", User.getPulicFields());
|
2021-03-04 21:28:02 +02:00
|
|
|
|
|
|
|
res.status(200).json({
|
|
|
|
error: false,
|
2021-10-02 22:50:12 +03:00
|
|
|
message: "SUCCESS_CHANNEL_LIST_FETCHED",
|
2021-03-26 22:50:21 +02:00
|
|
|
channels
|
2021-03-04 21:28:02 +02:00
|
|
|
});
|
|
|
|
}, undefined, config.roleMap.USER));
|
|
|
|
|
2021-03-17 03:01:11 +02:00
|
|
|
module.exports = app;
|