From c131f42632544206be49df925f1dec3870aa3a7e Mon Sep 17 00:00:00 2001
From: Mike Fitzpatrick <mike@fitz.guru>
Date: Sun, 4 Mar 2018 18:49:00 -0500
Subject: [PATCH] no message

---
 models/profile.js  | 81 ++++++++++++++++++++++++++++++++++++++++------
 modules/token.js   | 23 ++-----------
 routes/profiles.js | 78 +++++++++++++++++++++++++-------------------
 3 files changed, 119 insertions(+), 63 deletions(-)

diff --git a/models/profile.js b/models/profile.js
index 6f7f73c..864dde4 100644
--- a/models/profile.js
+++ b/models/profile.js
@@ -151,6 +151,42 @@ module.exports = {
 		});
 	},
 
+	deleteMessage: (e, profileId, messageId) => {
+		const promise = new Promise((resolve, reject) => {  
+			ProfileModel.findById(prodileId, (err, profile) => {
+        if (err) {
+          reject(err);
+        }
+
+        if (result) {
+          let message = profile.messages.id(messageId);
+          
+          if (message) {
+            message.remove();
+            profile.save((err, result) => {
+              if (err) {
+                reject(err);
+              }
+              
+              if (result) {
+                resolve(result);
+              }
+            });
+          } else {
+            reject('The specified message does not exist');
+          }
+        }
+      });
+		});
+
+		promise.then((result) => {
+			e.emit('deleteMessage', null, result);
+		})
+		.catch((err) => {
+			e.emit('deleteMessage', err, null);
+		});
+	},
+
 	find: (e, find) => {
 		const promise = new Promise((resolve, reject) => {  
 			var query = ProfileModel
@@ -232,15 +268,19 @@ module.exports = {
 
 	update: (e, id, profile) => {
 		const promise = new Promise((resolve, reject) => {
-			ProfileModel.findByIdAndUpdate(id, { $set: profile }, { new: true }, (err, result) => {
-				if (err) {
-					reject(err);
-				}
+			ProfileModel.findOneAndUpdate(
+			  { _id: profileId }, 
+			  { $set: profile },
+			  { new: true }, 
+			  (err, result) => {
+          if (err) {
+            reject(err);
+          }
 
-				if (result) {
-					resolve(result);
-				}
-			});
+          if (result) {
+            resolve(result);
+          }
+        });
 		});
 
 		promise.then((result) => {
@@ -251,5 +291,28 @@ module.exports = {
 		});
 	},
 	
-	updateMessage: (e, profileId, messageId, data) => {}
+	updateMessage: (e, profileId, messageId, data) => {
+		const promise = new Promise((resolve, reject) => {
+			ProfileModel.findOneAndUpdate(
+			  { _id: profileId, 'messages._id': messageId }, 
+			  { $set: { 'messages.$': data } },
+			  { new: true }, 
+			  (err, result) => {
+          if (err) {
+            reject(err);
+          }
+
+          if (result) {
+            resolve(result);
+          }
+        });
+		});
+
+		promise.then((result) => {
+			e.emit('updateMessage', null, result);
+		})
+		.catch((err) => {
+			e.emit('updateMessage', err, null);
+		});
+	}
 };
diff --git a/modules/token.js b/modules/token.js
index c86ba00..7bfc06b 100644
--- a/modules/token.js
+++ b/modules/token.js
@@ -26,10 +26,6 @@ function createAnonymousToken (e) {
   });
 }
 
-function createHmac (e, options) {
-  
-}
-
 function createAuthenticatedToken (e, user, event = 'token:create') {
   Token.create({ user: user.userName, permission: user.permission._id, uid: user.uid }, (err, token) => {
     if (err) {
@@ -92,21 +88,7 @@ function validateToken (e, token, callback) {
   }
 }
 
-function verifyTokenAndUserThen (token, minimumPermission, callback) {
-  validateToken(null, token, (err, decoded) => {
-    if (err) {
-      callback(err, null);
-    }
-    
-    if (decoded && decoded.valid && decoded.data.permission >= minimumPermission) {
-      callback(null, decoded);
-    } else {
-      callback('User role does not have permission', null);
-    }
-  });
-}
-
-function verifyTokenAndRoleThen (token, action, callback, log = false) {
+function verifyTokenThen (token, action, callback, log = false) {
   logger.debug('verifyTokenAndRoleThen', { token: token, action: action });
   validateToken(null, token, (err, decoded) => {
     logger.debug('verifyTokenAndRoleThen::validateToken', { err: err, decoded: decoded.data });
@@ -141,6 +123,5 @@ module.exports = {
 	create: createAuthenticatedToken,
 	refresh: refreshToken,
 	validate: validateToken,
-	verifyRoleThen: verifyTokenAndRoleThen,
-	verifyThen: verifyTokenAndRoleThen
+	verifyThen: verifyTokenThen
 };
diff --git a/routes/profiles.js b/routes/profiles.js
index 35b2018..34a7326 100644
--- a/routes/profiles.js
+++ b/routes/profiles.js
@@ -68,11 +68,11 @@ function update (req, res, next) {
 }
 
 function updateMessage (req, res, next) {
-  Token.verifyThen(req.get('authorization'), 'edit', (err, decoded) => {
-    if (err) {
-      res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
-      return;
-    } 
+//   Token.verifyThen(req.get('authorization'), 'edit', (err, decoded) => {
+//     if (err) {
+//       res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
+//       return;
+//     } 
     
     var ProfileEvents = new EventEmitter();  
     var profileId = req.params.profileId;
@@ -95,35 +95,9 @@ function updateMessage (req, res, next) {
     });
 
     Profiles.updateMessage(ProfileEvents, profileId, messageId, data);
-  });
+//   });
 }
 
-Router.route('/')
-  .post((req, res) => {
-//     Token.verifyThen(req.get('authorization'), 'add', (err, decoded) => {
-//       if (err) {
-//         res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
-//         return;
-//       } 
-    
-      var ProfileEvents = new EventEmitter();
-      var profile = Array.isArray(req.body) ? req.body : [ req.body ];
-      var multi = profile.length > 1;
-
-      ProfileEvents.once('create', (err, result) => {
-        if (err) {
-          res.status(500).json({ message: 'Could not create profile' + (multi ? 's' : ''), err: err, profile: profile });
-        }
-
-        if (result) {
-          res.status(200).json(result);
-        }
-      });
-
-      Profiles.create(ProfileEvents, profile);
-//     });
-  });
-
 Router.route('/find' + ParamStr)
   .get((req, res) => {
     var ProfileEvents = new EventEmitter();
@@ -182,7 +156,21 @@ Router.route('/list' + ParamStr)
   
 Router.route('/:profileId?/messages/:messageId?')
   .delete((req, res) => {
-  
+    var ProfileEvents = new EventEmitter();
+    var profileId = req.params.profileId || null;
+    var messageId = req.params.messageId || null;
+
+    ProfileEvents.once('deleteMessage', (err, result) => {
+      if (err) {
+        res.status(500).json({ message: 'Could not delete message id: ' + messageId + ' [' + err + ']', err: err });
+      }
+
+      if (result) {
+        res.status(200).json(result);
+      }		
+    });
+
+    Profiles.deleteMessage(ProfileEvents, profileId, messageId);  
   })
   .get((req, res) => {
     var ProfileEvents = new EventEmitter();
@@ -254,6 +242,30 @@ Router.route('/:id?')
 //     });
 	})
 	.patch( update )
+  .post((req, res) => {
+//     Token.verifyThen(req.get('authorization'), 'add', (err, decoded) => {
+//       if (err) {
+//         res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
+//         return;
+//       } 
+    
+      var ProfileEvents = new EventEmitter();
+      var profile = Array.isArray(req.body) ? req.body : [ req.body ];
+      var multi = profile.length > 1;
+
+      ProfileEvents.once('create', (err, result) => {
+        if (err) {
+          res.status(500).json({ message: 'Could not create profile' + (multi ? 's' : ''), err: err, profile: profile });
+        }
+
+        if (result) {
+          res.status(200).json(result);
+        }
+      });
+
+      Profiles.create(ProfileEvents, profile);
+//     });
+  })
 	.put( update );
 
 module.exports = Router;