const aqp = require('api-query-params'); const errors = require('restify-errors'); const Item = require('../models/item'); const { PUBLIC, STAFF } = require('../strategies/selects/item'); module.exports = function (server, auth) { server.post('/items', auth.manager, (req, res, next) => { const data = req.body || {}; const item = new Item(data); item.save(function(err) { if (err) { console.error(err); return next(new errors.InternalError(err.message)); next(); } res.send(201); next(); }); }); server.get('/items', auth.basic, (req, res, next) => { const select = req.user.isManager ? STAFF : PUBLIC; Item.find(req.params, select, function(err, docs) { if (err) { console.error(err); return next( new errors.InvalidContentError(err), ); } res.send(docs); next(); }); }); server.get('/items/:item_id', auth.basic, (req, res, next) => { const select = req.user.isManager ? STAFF : PUBLIC; Item.findOne({ _id: req.params.item_id }, select, function(err, doc) { if (err) { console.error(err); return next( new errors.InvalidContentError(err), ); } res.send(doc); next(); }); }); server.put('/items/:item_id', auth.manager, (req, res, next) => { let data = req.body || {}; if (!data._id) { data = Object.assign({}, data, { _id: req.params.item_id }); } Item.findOne({ _id: req.params.item_id }, function(err, doc) { if (err) { console.error(err); return next( new errors.InvalidContentError(err), ); } else if (!doc) { return next( new errors.ResourceNotFoundError( 'The resource you requested could not be found.', ), ); } Item.updateOne({ _id: data._id }, data, function(err) { if (err) { console.error(err); return next( new errors.InvalidContentError(err), ); } res.send(200, data); next(); }); }); }); server.del('/items/:item_id', auth.manager, (req, res, next) => { Item.deleteOne({ _id: req.params.item_id }, function(err) { if (err) { console.error(err); return next( new errors.InvalidContentError(err), ); } res.send(204); next(); }); }); };