openhim-core

The OpenHIM core application that provides logging and routing of http requests

'use strict';

// Compiled CommonJS module exposing the admin-only visualizer API handlers.
// Each handler receives the request context (ctx) and reports its outcome by
// setting ctx.body / ctx.status directly or through utils.logAndSetResponse.

Object.defineProperty(exports, "__esModule", {
  value: true
});

// Function declarations are hoisted, so the exports can be wired up before
// any dependency is loaded.
exports.getVisualizers = getVisualizers;
exports.getVisualizer = getVisualizer;
exports.addVisualizer = addVisualizer;
exports.updateVisualizer = updateVisualizer;
exports.removeVisualizer = removeVisualizer;

// Dependencies are loaded in the same order as before: winston, the
// visualizer model, the authorisation helpers, then the shared utils.
const winstonModule = _interopRequireDefault(require('winston'));
const visualizerModel = require('../model/visualizer');
const authorisation = _interopRequireWildcard(require('./authorisation'));
const utils = _interopRequireWildcard(require('../utils'));

// Interop helper: returns an ES-module namespace unchanged; otherwise copies
// the own enumerable properties of `obj` onto a fresh object and exposes the
// original value as `default`.
function _interopRequireWildcard(obj) {
  if (obj && obj.__esModule) {
    return obj;
  }

  const namespace = {};
  if (obj != null) {
    for (const key in obj) {
      if (Object.prototype.hasOwnProperty.call(obj, key)) {
        namespace[key] = obj[key];
      }
    }
  }
  namespace.default = obj;
  return namespace;
}

// Interop helper: wraps a plain CommonJS export as `{ default: obj }`.
function _interopRequireDefault(obj) {
  if (obj && obj.__esModule) {
    return obj;
  }
  return { default: obj };
}

// Authorisation gate shared by every handler: asks the authorisation module
// whether the authenticated user belongs to the 'admin' group.
function callerIsAdmin(ctx) {
  return authorisation.inGroup('admin', ctx.authenticated);
}

// Records a 403 for a non-admin caller, naming the endpoint that was refused.
// The message carries the caller's own e-mail address.
function denyNonAdmin(ctx, endpointName) {
  return utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to ${endpointName} denied.`, 'info');
}

// NOTE(review): the catch branches below interpolate the caught error into the
// message handed to utils.logAndSetResponse. That helper lives in ../utils and
// is not visible here; if it copies the message into the HTTP response,
// database error detail reaches the API client. Confirm, and prefer a generic
// response body with the detail kept in the log.

// Endpoint: list every visualizer. Admin only.
async function getVisualizers(ctx) {
  if (!callerIsAdmin(ctx)) {
    return denyNonAdmin(ctx, 'getVisualizers');
  }

  try {
    const visualizers = await visualizerModel.VisualizerModelAPI.find().exec();
    ctx.body = visualizers;
  } catch (error) {
    utils.logAndSetResponse(ctx, 500, `Could not fetch visualizers via the API: ${error}`, 'error');
  }
}

// Endpoint: fetch a single visualizer by id. Admin only.
// Responds 404 with a plain-text message when no document matches.
async function getVisualizer(ctx, visualizerId) {
  if (!callerIsAdmin(ctx)) {
    return denyNonAdmin(ctx, 'getVisualizer');
  }

  // unescape() is a deprecated global that decodes %XX / %uXXXX sequences, so
  // the decoded id may contain arbitrary characters (including CR/LF) before
  // it is echoed in the 404 body below.
  // NOTE(review): consider validating the id format before it is used.
  const decodedId = unescape(visualizerId);

  try {
    const visualizer = await visualizerModel.VisualizerModelAPI.findById(decodedId).exec();
    if (visualizer) {
      ctx.body = visualizer;
      return;
    }

    ctx.body = `Visualizer with _id ${decodedId} could not be found.`;
    ctx.status = 404;
  } catch (error) {
    utils.logAndSetResponse(ctx, 500, `Could not fetch visualizer via the API: ${error}`, 'error');
  }
}

// Endpoint: create a visualizer from the request body. Admin only.
// Responds 201 on success and logs who created which id.
async function addVisualizer(ctx) {
  if (!callerIsAdmin(ctx)) {
    return denyNonAdmin(ctx, 'addVisualizer');
  }

  // NOTE(review): a missing body is reported as 404; 400 would describe the
  // condition more precisely, but existing clients may rely on this code.
  if (!ctx.request.rawBody) {
    return utils.logAndSetResponse(ctx, 404, 'Cannot Add Visualizer, no request object', 'info');
  }

  try {
    // The parsed body is handed to the model as-is, so which fields can be
    // written is decided by the schema in ../model/visualizer (not visible
    // here). NOTE(review): confirm it rejects unexpected fields.
    const visualizer = new visualizerModel.VisualizerModelAPI(ctx.request.body);
    await visualizer.save();

    ctx.body = 'Visualizer successfully created';
    ctx.status = 201;
    winstonModule.default.info('User %s created visualizer with id %s', ctx.authenticated.email, visualizer.id);
  } catch (error) {
    utils.logAndSetResponse(ctx, 500, `Could not add visualizer via the API: ${error}`, 'error');
  }
}

// Endpoint: update the visualizer identified by visualizerId. Admin only.
async function updateVisualizer(ctx, visualizerId) {
  if (!callerIsAdmin(ctx)) {
    return denyNonAdmin(ctx, 'updateVisualizer');
  }

  // This message uses the id exactly as received (not yet decoded).
  if (!ctx.request.rawBody) {
    return utils.logAndSetResponse(ctx, 404, `Cannot Update Visualizer with _id ${visualizerId}, no request object`, 'info');
  }

  const visualizerData = ctx.request.body;

  // Decoded with the deprecated unescape(); the result is interpolated into
  // the log and response messages below, so it may carry CR/LF or other
  // control characters. NOTE(review): consider validating the id format.
  const decodedId = unescape(visualizerId);

  // The internal id is not client-editable: drop it from the update payload.
  // Only `_id` is stripped here; every other key in the body is passed on.
  // NOTE(review): confirm the schema limits what an update may touch.
  if (visualizerData._id) {
    delete visualizerData._id;
  }

  try {
    const matched = await visualizerModel.VisualizerModelAPI.findByIdAndUpdate(decodedId, visualizerData).exec();
    if (!matched) {
      return utils.logAndSetResponse(ctx, 404, `Cannot Update Visualizer with _id ${decodedId}, does not exist`, 'info');
    }

    ctx.body = `Successfully updated visualizer with _id ${decodedId}`;
    winstonModule.default.info(`User ${ctx.authenticated.email} updated visualizer with _id ${decodedId}`);
  } catch (error) {
    utils.logAndSetResponse(ctx, 500, `Could not update visualizer with _id ${decodedId} via the API ${error}`, 'error');
  }
}

// Endpoint: delete the visualizer identified by visualizerId. Admin only.
async function removeVisualizer(ctx, visualizerId) {
  if (!callerIsAdmin(ctx)) {
    return denyNonAdmin(ctx, 'removeVisualizer');
  }

  // Decoded with the deprecated unescape(); the result is interpolated into
  // the log and response messages below. NOTE(review): consider validating
  // the id format so control characters cannot reach the log.
  const decodedId = unescape(visualizerId);

  try {
    const removed = await visualizerModel.VisualizerModelAPI.findByIdAndRemove(decodedId).exec();
    if (!removed) {
      return utils.logAndSetResponse(ctx, 404, `Could not find visualizer with _id ${decodedId}`, 'info');
    }

    ctx.body = `Successfully removed visualizer with _id ${decodedId}`;
    winstonModule.default.info(`User ${ctx.authenticated.email} removed visualizer with _id ${decodedId}`);
  } catch (error) {
    utils.logAndSetResponse(ctx, 500, `Could not remove visualizer with _id ${decodedId} via the API ${error}`, 'error');
  }
}
//# sourceMappingURL=visualizers.js.map