UNPKG

openhim-core

Version:

The OpenHIM core application that provides logging and routing of http requests

jembi/openhim-core-js

142 lines (115 loc) • 5.06 kB

JavaScript

'use strict'; Object.defineProperty(exports, "__esModule", { value: true }); exports.addContactGroup = addContactGroup; exports.getContactGroup = getContactGroup; exports.updateContactGroup = updateContactGroup; exports.removeContactGroup = removeContactGroup; exports.getContactGroups = getContactGroups; var _winston = require('winston'); var _winston2 = _interopRequireDefault(_winston); var _contactGroups = require('../model/contactGroups'); var _authorisation = require('./authorisation'); var authorisation = _interopRequireWildcard(_authorisation); var _channels = require('../model/channels'); var _utils = require('../utils'); var utils = _interopRequireWildcard(_utils); function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) newObj[key] = obj[key]; } } newObj.default = obj; return newObj; } } function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; } async function addContactGroup(ctx) { // Must be admin if (!authorisation.inGroup('admin', ctx.authenticated)) { utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to addContactGroup denied.`, 'info'); return; } const contactGroupData = ctx.request.body; try { const contactGroup = new _contactGroups.ContactGroupModelAPI(contactGroupData); await contactGroup.save(); utils.logAndSetResponse(ctx, 201, 'Contact Group successfully created', 'info'); } catch (err) { utils.logAndSetResponse(ctx, 400, `Could not add a contact group via the API: ${err}`, 'error'); } } async function getContactGroup(ctx, contactGroupId) { // Must be admin if (!authorisation.inGroup('admin', ctx.authenticated)) { utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to getContactGroup denied.`, 'info'); return; } contactGroupId = unescape(contactGroupId); try { const result = await _contactGroups.ContactGroupModelAPI.findById(contactGroupId).exec(); if (result === null) { ctx.body = `Contact Group with id '${contactGroupId}' could not be found.`; ctx.status = 404; } else { ctx.body = result; } } catch (err) { utils.logAndSetResponse(ctx, 500, `Could not find Contact Group by id '${contactGroupId}' via the API: ${err}`, 'error'); } } async function updateContactGroup(ctx, contactGroupId) { // Must be admin if (!authorisation.inGroup('admin', ctx.authenticated)) { utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to updateContactGroup denied.`, 'info'); return; } contactGroupId = unescape(contactGroupId); const contactGroupData = ctx.request.body; // Ignore _id if it exists, a user shouldnt be able to update the internal id if (contactGroupData._id) { delete contactGroupData._id; } try { await _contactGroups.ContactGroupModelAPI.findByIdAndUpdate(contactGroupId, contactGroupData).exec(); ctx.body = 'Successfully updated contact group.'; _winston2.default.info(`User ${ctx.authenticated.email} updated contact group with id ${contactGroupId}`); } catch (err) { utils.logAndSetResponse(ctx, 500, `Could not update Contact Group by id ${contactGroupId} via the API: ${err}`, 'error'); } } async function removeContactGroup(ctx, contactGroupId) { // Must be admin if (!authorisation.inGroup('admin', ctx.authenticated)) { utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to removeContactGroup denied.`, 'info'); return; } contactGroupId = unescape(contactGroupId); try { const linkedAlerts = await _channels.ChannelModelAPI.find({ alerts: { $elemMatch: { groups: { $in: [contactGroupId] } } } }).exec(); if (linkedAlerts.length > 0) { ctx.status = 409; ctx.body = linkedAlerts; } else { await _contactGroups.ContactGroupModelAPI.findByIdAndRemove(contactGroupId).exec(); ctx.body = `Successfully removed contact group with ID '${contactGroupId}'`; _winston2.default.info(`User ${ctx.authenticated.email} removed contact group with id ${contactGroupId}`); } } catch (err) { utils.logAndSetResponse(ctx, 500, `Could not remove Contact Group by id ${contactGroupId} via the API: ${err}`, 'error'); } } async function getContactGroups(ctx) { // Must be admin if (!authorisation.inGroup('admin', ctx.authenticated)) { utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to getContactGroups denied.`, 'info'); return; } try { ctx.body = await _contactGroups.ContactGroupModelAPI.find().exec(); } catch (err) { utils.logAndSetResponse(ctx, 500, `Could not fetch all Contact Group via the API: ${err}`, 'error'); } } //# sourceMappingURL=contactGroups.js.map