/**
* Item related CRUD operations
* @module ItemController
* @see Item
*/
const db = require("../models"),
Item = db.items,
{
PUBLIC_API_KEY,
MASTER_API_KEY
} = process.env
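/**
 * **Create a new Item**
 *
 * with the name from the request's body.
 *
 * Accepts the public or the master API key in the `x-api-key` header.
 * Responds 401 when the header is missing, 403 when the key matches neither
 * configured key, 400 when `name` is missing or is not a string, 500 when the
 * save is rejected, and otherwise sends the saved document.
 * @function create
 * @param {Object} req POST request
 * @param {Object} req.body request's body
 * @param {string} req.body.name item's name
 *
 * @param {Object} res response; on success its body is the created Item
 */
exports.create = (req, res) => {
  // Validate authentication and authorization
  const apiKey = req.header('x-api-key');
  if (!apiKey) {
    res
      .status(401)
      .send({ message: "Missing authentication header" });
    return;
  }
  // NOTE(review): the public key is enough to create Items, while the delete
  // handlers in this module require the master key. Confirm that is intended.
  if (apiKey !== PUBLIC_API_KEY && apiKey !== MASTER_API_KEY) {
    res
      .status(403)
      .send({ message: "You have no authorization to complete this operation" });
    return;
  }

  // Validate request parameters. `req.body` is read defensively because it is
  // undefined when no body parser ran, and a JSON body can carry an object or
  // array under `name`; only a non-empty string is accepted as a name.
  const itemName = req.body ? req.body.name : undefined;
  if (typeof itemName !== "string" || itemName.length === 0) {
    res
      .status(400)
      .send({ message: "Request is missing required parameters" });
    return;
  }

  // Create an Item
  const item = new Item({ name: itemName });

  // Save Item in the database. save() takes an options object, not the
  // document itself, so it is called without arguments here.
  item
    .save()
    .then(data => {
      res.send(data);
    })
    .catch(err => {
      // Keep the cause in the server log; the client only gets a generic message.
      console.error("ItemController.create: save failed", err);
      res
        .status(500)
        .send({ message: `Error creating Item '${itemName}'` });
    });
};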
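/**
 * **Retrieve all Items**
 *
 * optionally filtered by a case-insensitive substring match on `title`.
 *
 * Accepts the public or the master API key in the `x-api-key` header.
 * Responds 401 when the header is missing, 403 when the key matches neither
 * configured key, 400 when `title` is present but not a string, 500 when the
 * query is rejected, and otherwise sends the matching Items without `__v`.
 * @function findAll
 * @param {Object} req GET request
 * @param {Object} req.query request's query string
 * @param {string} [req.query.title] text the item's title must contain
 *
 * @param {Object} res response; on success its body is the list of items
 */
exports.findAll = (req, res) => {
  // Validate authentication and authorization
  const apiKey = req.header('x-api-key');
  if (!apiKey) {
    res
      .status(401)
      .send({ message: "Missing authentication header" });
    return;
  }
  if (apiKey !== PUBLIC_API_KEY && apiKey !== MASTER_API_KEY) {
    res
      .status(403)
      .send({ message: "You have no authorization to complete this operation" });
    return;
  }

  const title = req.query.title;
  // Repeated or bracketed query parameters can arrive as an array or object;
  // only a plain string is a meaningful search term.
  if (title !== undefined && typeof title !== "string") {
    res
      .status(400)
      .send({ message: "Request has invalid parameters" });
    return;
  }

  // Build the filter. The caller's text is escaped before it becomes a
  // pattern, so it is matched literally: an invalid pattern can no longer
  // throw out of the handler, and the caller cannot submit an expensive
  // expression for the database to evaluate.
  // NOTE(review): the other handlers in this module query `name` and
  // `category`; confirm `title` is a field of the Item schema.
  let condition = {};
  if (title) {
    const literal = title.replace(/[.*+?^${}()|[\]\\]/g, "\\$&");
    condition = { title: { $regex: new RegExp(literal), $options: "i" } };
  }

  Item.find(condition, { __v: 0 })
    .then(data => {
      res.send(data);
    })
    .catch(err => {
      // Keep the cause in the server log; the client only gets a generic message.
      console.error("ItemController.findAll: query failed", err);
      res
        .status(500)
        .send({ message: `Error retrieving all Items` });
    });
};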
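/**
 * **Delete all Items**
 *
 * Requires the master API key in the `x-api-key` header; the public key is
 * rejected. Responds 401 when the header is missing, 403 when the key is not
 * the master key (or no master key is configured), 500 when the deletion is
 * rejected, and otherwise sends a message with the number of deleted Items.
 * @function deleteAll
 * @param {Object} req DELETE request
 *
 * @param {Object} res response; on success its body is `{ message }`
 */
exports.deleteAll = (req, res) => {
  const { createHash, timingSafeEqual } = require("crypto");

  // Validate authentication and authorization
  const apiKey = req.header('x-api-key');
  if (!apiKey) {
    res
      .status(401)
      .send({ message: "Missing authentication header" });
    return;
  }

  // Compare the supplied key with the master key in constant time instead of
  // with `!==`, whose running time depends on where the strings first differ.
  // Both sides are hashed first because timingSafeEqual requires buffers of
  // equal length. An unset or empty master key never authorizes anyone.
  // NOTE(review): the same key check is repeated in every handler of this
  // module; a shared authentication middleware would keep them consistent.
  const digest = value => createHash("sha256").update(value).digest();
  const isMasterKey =
    typeof MASTER_API_KEY === "string" &&
    MASTER_API_KEY.length > 0 &&
    timingSafeEqual(digest(apiKey), digest(MASTER_API_KEY));
  if (!isMasterKey) {
    res
      .status(403)
      .send({ message: "You have no authorization to complete this operation" });
    return;
  }

  // An empty filter matches every document in the collection.
  Item.deleteMany({})
    .then(data => {
      res.send({
        message: `${data.deletedCount} Items were deleted successfully!`
      });
    })
    .catch(err => {
      // Keep the cause in the server log; the client only gets a generic message.
      console.error("ItemController.deleteAll: deletion failed", err);
      res
        .status(500)
        .send({ message: `Error deleting all Items` });
    });
};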
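/**
 * **Find Items by name**
 *
 * with the name in the request's path.
 *
 * Accepts the public or the master API key in the `x-api-key` header.
 * Responds 401 when the header is missing, 403 when the key matches neither
 * configured key, 404 when no Item has that name, 500 when the query is
 * rejected, and otherwise sends the matching Items without `__v`.
 * @function findOne
 * @param {Object} req GET request
 * @param {Object} req.params request's path parameters
 * @param {string} req.params.name item's name
 *
 * @param {Object} res response; on success its body is an array of the
 * matching items, because the lookup uses `find`
 */
exports.findOne = (req, res) => {
  // Validate authentication and authorization
  const apiKey = req.header('x-api-key');
  if (!apiKey) {
    res
      .status(401)
      .send({ message: "Missing authentication header" });
    return;
  }
  if (apiKey !== PUBLIC_API_KEY && apiKey !== MASTER_API_KEY) {
    res
      .status(403)
      .send({ message: "You have no authorization to complete this operation" });
    return;
  }

  const item = req.params.name;
  Item.find({ "name": item }, { __v: 0 })
    .then(data => {
      // find() resolves to an array, and an empty array is truthy, so the
      // "not found" case has to be detected by length.
      if (!data || data.length === 0) {
        res.status(404).send({ message: `Item with name '${item}' was not found` });
      } else {
        res.send(data);
      }
    })
    .catch(err => {
      // Keep the cause in the server log; the client only gets a generic message.
      console.error("ItemController.findOne: query failed", err);
      res
        .status(500)
        .send({ message: `Error retrieving Item with name '${item}'` });
    });
};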
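/**
 * **Update an Item by name**
 *
 * with the name in the request's path
 *
 * and the item's details in the request body.
 *
 * Accepts the public or the master API key in the `x-api-key` header.
 * Responds 401 when the header is missing, 403 when the key matches neither
 * configured key, 400 when the body is not a non-empty object or contains an
 * update operator, 404 when no Item has that name, 500 when the update is
 * rejected, and otherwise sends a confirmation message.
 * @function update
 * @param {Object} req PUT request
 * @param {Object} req.params request's path parameters
 * @param {string} req.params.name item's name
 * @param {Object} req.body fields to set on the item
 *
 * @param {Object} res response; its body is `{ message }`
 */
exports.update = (req, res) => {
  // Validate authentication and authorization
  const apiKey = req.header('x-api-key');
  if (!apiKey) {
    res
      .status(401)
      .send({ message: "Missing authentication header" });
    return;
  }
  // NOTE(review): the public key is enough to modify Items, while the delete
  // handlers in this module require the master key. Confirm that is intended.
  if (apiKey !== PUBLIC_API_KEY && apiKey !== MASTER_API_KEY) {
    res
      .status(403)
      .send({ message: "You have no authorization to complete this operation" });
    return;
  }

  // Validate request parameters. A body parser yields `{}` for an empty body,
  // which is truthy, so the body is checked for shape and for having at least
  // one field rather than for mere presence.
  const updates = req.body;
  const isPlainObject =
    updates !== null && typeof updates === "object" && !Array.isArray(updates);
  if (!isPlainObject || Object.keys(updates).length === 0) {
    res
      .status(400)
      .send({ message: "Request is missing required parameters" });
    return;
  }

  // The body comes straight from the client. Top-level keys that start with
  // `$` would be interpreted as update operators, so they are refused and the
  // remaining fields are applied as plain assignments only.
  // NOTE(review): every accepted field is still written as sent; an explicit
  // allowlist of updatable fields (per the Item schema, not visible here)
  // would be stricter. Mongoose also skips schema validators on updates
  // unless `runValidators` is enabled.
  if (Object.keys(updates).some(key => key.startsWith("$"))) {
    res
      .status(400)
      .send({ message: "Request contains unsupported update operators" });
    return;
  }

  const item = req.params.name;
  // findOneAndUpdate takes (filter, update, options); the former fourth
  // argument `{ __v: 0 }` was not a projection and the result is not sent to
  // the client anyway, so it is dropped.
  Item.findOneAndUpdate({ name: item }, { $set: updates }, { useFindAndModify: false })
    .then(data => {
      if (!data) {
        res.status(404).send({
          message: `Can't update Item with name '${item}'. Item may not exist`
        });
      } else {
        res.send({ message: "Item was updated successfully" });
      }
    })
    .catch(err => {
      // Keep the cause in the server log; the client only gets a generic message.
      console.error("ItemController.update: update failed", err);
      res
        .status(500)
        .send({ message: `Error updating Item with name '${item}'` });
    });
};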
/**
 * **Delete an Item by name**
 *
 * with the name in the request's path.
 *
 * Only the master API key in the `x-api-key` header is accepted. The handler
 * answers 401 without the header, 403 for any other key, 404 when nothing
 * was removed, 500 when the removal is rejected, and a confirmation message
 * otherwise.
 * @function delete
 * @param {Object} req DELETE request
 * @param {Object} req.params request's path parameters
 * @param {string} req.params.name item's name
 *
 * @param {Object} res response; its body is `{ message }`
 */
exports.delete = (req, res) => {
  // Authentication: the header must be present at all.
  const suppliedKey = req.header('x-api-key');
  if (!suppliedKey) {
    res.status(401).send({ message: "Missing authentication header" });
    return;
  }

  // Authorization: deleting is reserved for the master key.
  // NOTE(review): `!==` is not a constant-time comparison of the secret.
  if (suppliedKey !== MASTER_API_KEY) {
    res.status(403).send({ message: "You have no authorization to complete this operation" });
    return;
  }

  const item = req.params.name;
  const removal = Item.findOneAndRemove({ name: item });

  removal
    .then(removed => {
      // A falsy result means no document matched the name.
      if (removed) {
        res.send({ message: "Item was deleted successfully" });
        return;
      }
      res.status(404).send({ message: `Can't delete Item with name '${item}'. Item may not exist` });
    })
    .catch(() => {
      // The underlying error is not exposed to the client.
      res.status(500).send({ message: `Error deleting Item with name '${item}'` });
    });
};
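/**
 * **Find a single Item by ID**
 *
 * with the ID in the request's path.
 *
 * Accepts the public or the master API key in the `x-api-key` header.
 * Responds 401 when the header is missing, 403 when the key matches neither
 * configured key, 400 when the ID cannot be cast to the schema's `_id` type,
 * 404 when no Item has that ID, 500 when the query is otherwise rejected,
 * and on success sends the Item without `__v`.
 * @function findOneById
 * @param {Object} req GET request
 * @param {Object} req.params request's path parameters
 * @param {string} req.params.id item's ID
 *
 * @param {Object} res response; on success its body is the found item
 */
exports.findOneById = (req, res) => {
  // Validate authentication and authorization
  const apiKey = req.header('x-api-key');
  if (!apiKey) {
    res
      .status(401)
      .send({ message: "Missing authentication header" });
    return;
  }
  if (apiKey !== PUBLIC_API_KEY && apiKey !== MASTER_API_KEY) {
    res
      .status(403)
      .send({ message: "You have no authorization to complete this operation" });
    return;
  }

  const item = req.params.id;
  Item.findOne({ "_id": item }, { __v: 0 })
    .then(data => {
      if (!data) {
        res
          .status(404)
          .send({ message: `Item with ID '${item}' was not found` });
      } else {
        res.send(data);
      }
    })
    .catch(err => {
      // A malformed ID is the caller's mistake, not a server failure: Mongoose
      // rejects with a CastError when the value cannot be cast to the `_id`
      // type, and reporting it as 500 would hide real failures among bad input.
      if (err && err.name === "CastError") {
        res
          .status(400)
          .send({ message: `'${item}' is not a valid Item ID` });
        return;
      }
      // Keep the cause in the server log; the client only gets a generic message.
      console.error("ItemController.findOneById: query failed", err);
      res
        .status(500)
        .send({ message: `Error retrieving Item with ID '${item}'` });
    });
};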
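/**
 * **Retrieve all Items by the category**
 *
 * with the category name in the request's path.
 *
 * Accepts the public or the master API key in the `x-api-key` header.
 * Responds 401 when the header is missing, 403 when the key matches neither
 * configured key, 500 when the query is rejected, and otherwise sends the
 * Items of that category without `__v` (an empty list when there are none).
 * @function findByCategory
 * @param {Object} req GET request
 * @param {Object} req.params request's path parameters
 * @param {string} req.params.category category name
 *
 * @param {Object} res response; on success its body is the list of items
 * belonging to the category
 */
exports.findByCategory = (req, res) => {
  // Validate authentication and authorization
  const apiKey = req.header('x-api-key');
  if (!apiKey) {
    res
      .status(401)
      .send({ message: "Missing authentication header" });
    return;
  }
  if (apiKey !== PUBLIC_API_KEY && apiKey !== MASTER_API_KEY) {
    res
      .status(403)
      .send({ message: "You have no authorization to complete this operation" });
    return;
  }

  const category = req.params.category;
  Item.find({ "category": category }, { __v: 0 })
    .then(data => {
      res.send(data);
    })
    .catch(err => {
      // The driver's own error text can describe internals of the database,
      // so it goes to the server log only. The client gets the same kind of
      // generic message as the other handlers in this module.
      console.error("ItemController.findByCategory: query failed", err);
      res.status(500).send({
        message: "Some error occurred while retrieving Items."
      });
    });
};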