diff options
Diffstat (limited to 'models/boards.js')
-rw-r--r-- | models/boards.js | 164 |
1 files changed, 102 insertions, 62 deletions
diff --git a/models/boards.js b/models/boards.js index cd633f56..6ae818c6 100644 --- a/models/boards.js +++ b/models/boards.js @@ -566,82 +566,122 @@ if (Meteor.isServer) { //BOARDS REST API if (Meteor.isServer) { JsonRoutes.add('GET', '/api/users/:userId/boards', function (req, res, next) { - Authentication.checkLoggedIn(req.userId); - const paramUserId = req.params.userId; - // A normal user should be able to see their own boards, - // admins can access boards of any user - Authentication.checkAdminOrCondition(req.userId, req.userId === paramUserId); - - const data = Boards.find({ - archived: false, - 'members.userId': paramUserId, - }, { - sort: ['title'], - }).map(function(board) { - return { - _id: board._id, - title: board.title, - }; - }); + try { + Authentication.checkLoggedIn(req.userId); + const paramUserId = req.params.userId; + // A normal user should be able to see their own boards, + // admins can access boards of any user + Authentication.checkAdminOrCondition(req.userId, req.userId === paramUserId); + + const data = Boards.find({ + archived: false, + 'members.userId': paramUserId, + }, { + sort: ['title'], + }).map(function(board) { + return { + _id: board._id, + title: board.title, + }; + }); - JsonRoutes.sendResult(res, {code: 200, data}); + JsonRoutes.sendResult(res, {code: 200, data}); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); JsonRoutes.add('GET', '/api/boards', function (req, res, next) { - Authentication.checkUserId(req.userId); - JsonRoutes.sendResult(res, { - code: 200, - data: Boards.find({ permission: 'public' }).map(function (doc) { - return { - _id: doc._id, - title: doc.title, - }; - }), - }); + try { + Authentication.checkUserId(req.userId); + JsonRoutes.sendResult(res, { + code: 200, + data: Boards.find({ permission: 'public' }).map(function (doc) { + return { + _id: doc._id, + title: doc.title, + }; + }), + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); JsonRoutes.add('GET', '/api/boards/:id', function (req, res, next) { - const id = req.params.id; - Authentication.checkBoardAccess( req.userId, id); + try { + const id = req.params.id; + Authentication.checkBoardAccess(req.userId, id); - JsonRoutes.sendResult(res, { - code: 200, - data: Boards.findOne({ _id: id }), - }); + JsonRoutes.sendResult(res, { + code: 200, + data: Boards.findOne({ _id: id }), + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); JsonRoutes.add('POST', '/api/boards', function (req, res, next) { - Authentication.checkUserId( req.userId); - const id = Boards.insert({ - title: req.body.title, - members: [ - { - userId: req.body.owner, - isAdmin: true, - isActive: true, - isCommentOnly: false, + try { + Authentication.checkUserId(req.userId); + const id = Boards.insert({ + title: req.body.title, + members: [ + { + userId: req.body.owner, + isAdmin: true, + isActive: true, + isCommentOnly: false, + }, + ], + permission: 'public', + color: 'belize', + }); + JsonRoutes.sendResult(res, { + code: 200, + data: { + _id: id, }, - ], - permission: 'public', - color: 'belize', - }); - JsonRoutes.sendResult(res, { - code: 200, - data: { - _id: id, - }, - }); + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); JsonRoutes.add('DELETE', '/api/boards/:id', function (req, res, next) { - Authentication.checkUserId( req.userId); - const id = req.params.id; - Boards.remove({ _id: id }); - JsonRoutes.sendResult(res, { - code: 200, - data:{ - _id: id, - }, - }); + try { + Authentication.checkUserId(req.userId); + const id = req.params.id; + Boards.remove({ _id: id }); + JsonRoutes.sendResult(res, { + code: 200, + data:{ + _id: id, + }, + }); + } + catch (error) { + JsonRoutes.sendResult(res, { + code: 200, + data: error, + }); + } }); } |