  1. var uuid = require('node-uuid');
  2. function ContentHandler(database){
  3. var crypto = require("crypto")
  4. var mongo = require("mongodb")
  // GET handler for the home page. req.userName is filled in by
  // isLoggedInMiddleware (undefined for anonymous visitors) and is only logged.
  this.displayMainPage = function (req, res, next) {
    var view = 'HomePage';
    console.log("page " + req.userName);
    return res.render(view);
  };
  // GET handler for the advanced search page (no data is passed to the view).
  this.displayAdvancedSearchPage = function (req, res, next) {
    var view = 'AdvancedSearchPage';
    console.log("AdvancedSearchPage");
    return res.render(view);
  };
  // GET handler for the static "About" page.
  this.displayAboutPage = function (req, res, next) {
    var view = 'About';
    console.log("displayAboutPage");
    return res.render(view);
  };
  // GET handler for the account creation form (submitted to handleRegisterRequest).
  this.displayRegisterPage = function (req, res, next) {
    var view = 'CreateUserPage';
    console.log("displayRegisterPage");
    return res.render(view);
  };
  // GET handler for the login form (submitted to handleLoginRequest).
  this.displayLoginPage = function (req, res, next) {
    var view = 'LoginPage';
    console.log("displayLoginPage");
    return res.render(view);
  };
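  // POST handler for account creation. Validates the form fields in req.body,
  // then inserts a "users" document keyed by the e-mail address (_id) with the
  // hashed password. Responds with {"_errors": {field: message}} when
  // validation fails or the e-mail is already registered, 200 on success and
  // 500 on any other database error.
  this.handleRegisterRequest = function (req, res, next) {
    var body = req.body || {};
    var email = body.email;
    var password = body.password;
    // Unanchored, as in the original: it only rejects values with no
    // user@host.tld shape at all.
    var emailRegex = /[a-zA-Z\-\_0-9]+@[a-zA-Z\-\_0-9]+\.[a-zA-Z\-\_0-9]+/;
    var _errors = {};

    // Logged without the password: the original logged req.body verbatim,
    // which put plaintext credentials into the server log.
    console.log("register request for " + email);

    // JSON bodies can carry arrays/objects where strings are expected; those
    // would pass a bare .length check and then throw inside .match()/update().
    if (typeof email !== 'string' || !email.match(emailRegex)) {
      _errors.email = "Emailul nu este valid";
    }
    if (typeof password !== 'string' || password.length < 6 || password.length > 20) {
      _errors.password = "Parola trebuie sa aiba intre 6 si 20 caractere";
    }
    if (typeof password !== 'string' || typeof body.password2 !== 'string' || password !== body.password2) {
      _errors.password2 = "Parolele nu coincid";
    }
    if (typeof body.firstName !== 'string' || !body.firstName) {
      _errors.firstName = "Nume invalid";
    }
    if (typeof body.lastName !== 'string' || !body.lastName) {
      _errors.lastName = "Prenume invalid";
    }
    if (Object.keys(_errors).length) {
      console.log(_errors);
      return res.send({"_errors": _errors});
    }

    // NOTE(security): unsalted MD5 is not a suitable password hash (fast, and
    // reversed with precomputed tables). It is kept only because the stored
    // format must match handleLoginRequest and the existing "users" documents;
    // moving both handlers to a slow salted KDF (crypto.pbkdf2 needs no new
    // dependency) together with a migration of stored hashes is the real fix.
    var passwordHash = crypto.createHash("md5");
    passwordHash.update(password);

    var insertedDocument = {
      "_id": email,
      "firstName": body.firstName,
      "lastName": body.lastName,
      "password": passwordHash.digest("hex")
    };
    database.collection("users").insert(insertedDocument, function (err, result) {
      if (!err) {
        return res.sendStatus(200);
      }
      console.log(err);
      // 11000 is MongoDB's duplicate-key error. The original wrote
      // `err.code = "11000"` (an assignment), so every insert error was
      // reported as an already-registered e-mail.
      if (Number(err.code) === 11000) {
        _errors.email = "Exista deja un utilizator cu acest email";
        return res.send({"_errors": _errors});
      }
      return res.sendStatus(500);
    });
  };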
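  // POST handler for signing in. Validates e-mail/password, looks the user up
  // by _id (e-mail) and password hash, creates a "sessions" document with a
  // fresh uuid and sets the "sessionID" and "user" cookies. Responds with
  // {"_errors": ...} on validation failure or bad credentials, an empty 200 on
  // success and 500 on a database error.
  this.handleLoginRequest = function (req, res, next) {
    var body = req.body || {};
    var email = body.email;
    var password = body.password;
    var emailRegex = /[a-zA-Z\-\_0-9]+@[a-zA-Z\-\_0-9]+\.[a-zA-Z\-\_0-9]+/;
    var _errors = {};

    // Logged without the password (the original logged req.body verbatim).
    console.log("login request for " + email);

    // Type checks keep non-string JSON values (arrays, operator objects such
    // as {"$gt": ""}) out of the query below and away from .match()/update().
    if (typeof email !== 'string' || !email.match(emailRegex)) {
      _errors.email = "Emailul nu este valid";
    }
    if (typeof password !== 'string' || password.length < 6 || password.length > 20) {
      _errors.password = "Parola trebuie sa aiba intre 6 si 20 caractere";
    }
    if (Object.keys(_errors).length) {
      console.log(_errors);
      return res.send({"_errors": _errors});
    }

    // NOTE(security): unsalted MD5 is kept only so that the lookup matches
    // what handleRegisterRequest stores; changing the hash means changing both
    // handlers and migrating stored documents. Nothing limits the rate of
    // failed attempts here either.
    var passwordHash = crypto.createHash("md5");
    passwordHash.update(password);
    var searchedDocument = {"_id": email, "password": passwordHash.digest("hex")};

    database.collection("users").findOne(searchedDocument, function (err, result) {
      if (err) {
        return res.sendStatus(500);
      }
      if (!result) {
        // One message for both unknown user and wrong password.
        return res.send({"_errors": "User sau parola incorecta"});
      }
      console.log("User logat");
      var sessionID = uuid.v4();
      var session = {user: email, "sessionID": sessionID, "date": new Date()};
      database.collection("sessions").insert(session, function (err1, result1) {
        if (err1 || !result1) {
          return res.sendStatus(500);
        }
        // NOTE(security): the cookies carry no httpOnly/secure/sameSite
        // options (res.cookie accepts e.g. {httpOnly: true}). They are left
        // as in the original because the front-end may read them — confirm,
        // then at least mark "sessionID" httpOnly.
        res.cookie("sessionID", sessionID);
        res.cookie("user", email);
        return res.send();
      });
    });
  };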
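  // Logout handler: deletes the "sessions" document named by the sessionID
  // cookie and clears both cookies. Always answers with an empty 200 — the
  // cookies are cleared even when the database delete fails.
  this.handleLogoutRequest = function (req, res, next) {
    var sessionID = req.cookies ? req.cookies.sessionID : undefined;
    var finish = function () {
      res.clearCookie("sessionID");
      res.clearCookie("user");
      return res.send();
    };
    // Without a session cookie there is nothing to delete; this also avoids
    // sending {"sessionID": undefined} to the database (the original did, and
    // the driver may serialise that as null).
    if (typeof sessionID !== 'string') {
      return finish();
    }
    database.collection("sessions").remove({"sessionID": sessionID}, function (err, result) {
      if (err) {
        console.log(err);  // best effort: the error was silently ignored before
      }
      return finish();
    });
  };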
  // Middleware: resolves the "user"/"sessionID" cookies against the "sessions"
  // collection. On a match it sets req.userName, and req.isAdmin when the
  // "users" document carries isAdmin:true. next() is always called; anonymous
  // or failed lookups simply leave req.userName unset.
  // NOTE(review): sessions are never expired here (the stored "date" is not
  // checked), so a leaked cookie stays valid until an explicit logout.
  this.isLoggedInMiddleware = function (req, res, next) {
    var userName = req.cookies.user;
    var sessionID = req.cookies.sessionID;

    var notLoggedIn = function () {
      console.log("Userul nu este logat");
      return next();
    };
    var loggedIn = function () {
      console.log("Userul este logat");
      req.userName = userName;
      // Admin status is an extra lookup; a lookup error is treated as "not admin".
      database.collection("users").findOne({"_id": userName, "isAdmin": true}, function (err1, result1) {
        if (result1) {
          req.isAdmin = true;
          console.log("Userul logat este admin");
        }
        return next();
      });
    };

    if (!userName || !sessionID) {
      return notLoggedIn();
    }
    database.collection("sessions").findOne({"user": userName, "sessionID": sessionID}, function (err, result) {
      if (err || !result) {
        return notLoggedIn();
      }
      loggedIn();
    });
  };
  // GET handler for the account page: error page for anonymous visitors,
  // the admin variant for admins, the plain user page otherwise.
  this.displayUserPage = function (req, res, next) {
    if (!req.userName) {
      return res.render('ErrorPage', {"error": "Va rugam sa va logati pentru a continua"});
    }
    var view = req.isAdmin ? "AdminUserPage" : "UserPage";
    if (req.isAdmin) {
      console.log("render AdminUserPage");
    }
    return res.render(view);
  };
  // GET handler returning the caller's own reviews, newest first, as JSON.
  // Responds 204 when not logged in and 500 on a database error.
  this.getMyReviews = function (req, res, next) {
    if (!req.userName) {
      return res.sendStatus(204);
    }
    var cursor = database.collection("reviews")
      .find({"author": req.userName})
      .sort({"reviewDate": -1});
    cursor.toArray(function (err, result) {
      if (err) {
        return res.sendStatus(500);
      }
      return res.send(result);
    });
  };
  // GET handler for the review form; anonymous visitors get the error page.
  this.displayWriteReviewPage = function (req, res, next) {
    if (!req.userName) {
      return res.render('ErrorPage', {"error": "Va rugam sa va logati pentru a continua"});
    }
    var view = "writeReviewPage";
    return res.render(view);
  };
  // Trims the string and returns it with the first character upper-cased and
  // the rest lower-cased ("  aLoE " -> "Aloe"). Used to canonicalise plant and
  // use names before they are stored or queried. Logs the input and output.
  var normaliseString = function (string) {
    console.log(string);
    var trimmed = string.trim();
    var head = trimmed.charAt(0).toUpperCase();
    var tail = trimmed.slice(1).toLowerCase();
    var result = head + tail;
    console.log(result);
    return result;
  };
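  // POST handler that stores a new review for the logged-in user. Validates
  // the text fields, splits the comma separated "uses" and "plants" lists into
  // normalised items and inserts an unapproved "reviews" document. Responds
  // 403 when not logged in, {"_errors": {...}} on validation failure, 200 on
  // success and 500 on a database error.
  this.sendReview = function (req, res, next) {
    if (!req.userName) {
      return res.sendStatus(403);
    }
    var body = req.body || {};
    var errors = {};
    var tooLong = "Textul trebuie sa aiba maxim 10000 de caractere";

    // Splits "a, b ,c" into ["A", "B", "C"]. Returns [] for non-strings and
    // when nothing matches (.match() yields null then, which the original
    // indexed and crashed on); "uses" is optional, so undefined must be fine.
    var toList = function (value) {
      var items = typeof value === 'string' ? value.match(/(?=\S)[^,]+?(?=\s*(,|$))/g) : null;
      if (!items) {
        return [];
      }
      for (var i = 0; i < items.length; ++i) {
        items[i] = normaliseString(items[i]);
      }
      return items;
    };
    // A field sent as a non-string (JSON array/object) is invalid rather than
    // passed on to .match() or the database.
    var isText = function (value, max) {
      return typeof value === 'string' && value.length <= max;
    };

    if (!body.reviewTitle) {
      errors["reviewTitle"] = "Introduceti un titlu";
    } else if (!isText(body.reviewTitle, 100)) {
      errors["reviewTitle"] = "Titlul trebuie sa aiba maxim 100 de caractere";
    }
    if (!body.reviewText) {
      errors["reviewText"] = "Introduceti un text";
    } else if (!isText(body.reviewText, 10000)) {
      errors["reviewText"] = tooLong;
    }
    var plants = [];
    if (!body.plants) {
      errors["plants"] = "Introduceti cel putin o planta";
    } else if (!isText(body.plants, 10000)) {
      errors["plants"] = tooLong;
    } else {
      plants = toList(body.plants);
      if (plants.length === 0) {
        errors["plants"] = "Introduceti cel putin o planta";
      }
    }
    // The original re-checked req.body.plants here and reported the
    // producer's length error under "plants", with the wrong message for a
    // missing producer.
    if (!body.producer) {
      errors["producer"] = "Introduceti un producator";
    } else if (!isText(body.producer, 10000)) {
      errors["producer"] = tooLong;
    }
    if (body.uses && !isText(body.uses, 10000)) {
      errors["uses"] = tooLong;
    }
    if (Object.keys(errors).length) {
      console.log(errors);
      return res.send({"_errors": errors});
    }

    var insertedDocument = {
      "isApprovedByAdmin": false,
      "author": req.userName,
      "reviewDate": new Date(),
      "reviewTitle": body.reviewTitle,
      "reviewText": body.reviewText,
      "uses": toList(body.uses),
      "plants": plants,
      "producer": body.producer
    };
    database.collection("reviews").insert(insertedDocument, function (err, result) {
      if (err) {
        return res.sendStatus(500);
      }
      return res.sendStatus(200);
    });
  };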
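  // GET handler (admins only) returning reviews awaiting approval, newest
  // first. Responds 204 for non-admins and 500 on a database error.
  this.getUnapprovedReviews = function (req, res, next) {
    if (!req.isAdmin) {
      // The original called the undefined `sendStatus` here, which threw a
      // ReferenceError (a 500) instead of answering.
      return res.sendStatus(204);
    }
    database.collection("reviews")
      .find({"isApprovedByAdmin": false})
      .sort({reviewDate: -1})
      .toArray(function (err, array) {
        if (err) {
          return res.sendStatus(500);
        }
        return res.send(array);
      });
  };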
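  // GET handler (admins only) listing every user except the caller, sorted by
  // e-mail, with only the isAdmin flag projected. Responds 204 for non-admins
  // (the original called the undefined `sendStatus`, which threw) and 500 on
  // a database error.
  this.getUserList = function (req, res, next) {
    if (!req.isAdmin) {
      return res.sendStatus(204);
    }
    // NOTE(review): the second find() argument is meant as a field projection
    // (keeping password hashes out of the response); on driver versions where
    // the signature is find(query, options) it would be ignored and whole
    // documents returned — confirm against the installed mongodb version.
    database.collection("users")
      .find({_id: {"$ne": req.userName}}, {isAdmin: true})
      .sort({_id: 1})
      .toArray(function (err, array) {
        if (err) {
          return res.sendStatus(500);
        }
        return res.send(array);
      });
  };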
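  // POST handler (admins only) that deletes or approves one review, selected
  // by req.body._id and req.body.action ("delete" | "approve"). Responds 403
  // for non-admins (the original called the undefined `sendStatus`, which
  // threw), 400 for a malformed id or unknown action, 500 on a database
  // error, 200 otherwise.
  this.handleReview = function (req, res, next) {
    if (!req.isAdmin) {
      return res.sendStatus(403);
    }
    var body = req.body || {};
    var rawId = body._id;
    // Reviews are inserted without an explicit _id (see sendReview), so they
    // always carry an ObjectID. Anything but a 24-character hex string is
    // rejected instead of being passed to the query as-is: the original let a
    // non-string such as {"$ne": null} through, which would match every
    // review, and its 12-character branch handed createFromHexString a value
    // it does not accept.
    if (typeof rawId !== 'string' || !/^[0-9a-fA-F]{24}$/.test(rawId)) {
      return res.sendStatus(400);
    }
    var _id = mongo.ObjectID.createFromHexString(rawId);
    var action = body.action;
    var done = function (err, result) {
      if (err) {
        console.log(err);
        return res.sendStatus(500);
      }
      return res.sendStatus(200);
    };
    if (action === "delete") {
      database.collection("reviews").remove({"_id": _id}, done);
    } else if (action === "approve") {
      database.collection("reviews").update({"_id": _id}, {"$set": {"isApprovedByAdmin": true}}, done);
    } else {
      return res.sendStatus(400);
    }
  };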
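  // POST handler (admins only) that grants or revokes admin rights for the
  // user named by req.body._id (an e-mail), per req.body.action
  // ("promote" | "demote"). Responds 403 for non-admins (the original called
  // the undefined `sendStatus`, which threw), 400 for a non-string id or an
  // unknown action (the original left that request unanswered), 200 when the
  // caller targets itself (rights unchanged), 500 on a database error.
  this.changeAdminRights = function (req, res, next) {
    if (!req.isAdmin) {
      return res.sendStatus(403);
    }
    var body = req.body || {};
    var _id = body._id;
    var action = body.action;
    // User _ids are e-mail strings; a non-string value such as {"$ne": null}
    // would otherwise act as a query operator and pick an arbitrary user.
    if (typeof _id !== 'string') {
      return res.sendStatus(400);
    }
    if (_id === req.userName) {
      return res.sendStatus(200);
    }
    var done = function (err, result) {
      if (err) {
        console.log(err);
        return res.sendStatus(500);
      }
      return res.sendStatus(200);
    };
    if (action === "promote") {
      database.collection("users").update({"_id": _id}, {"$set": {"isAdmin": true}}, done);
    } else if (action === "demote") {
      database.collection("users").update({"_id": _id}, {"$unset": {"isAdmin": true}}, done);
    } else {
      return res.sendStatus(400);
    }
  };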
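  // GET handler for searching reviews, e.g.
  // /getReviews?hoursAgo=24&sortBy=nrComments&limit=3&skip=3&user=florin92m@yahoo.com&isApproved=1
  // Builds the "reviews" query from the query string and sends the matching
  // documents (500 on a database error). Non-admins only ever see approved
  // reviews. Parameters: hoursAgo, user, sortBy (nrComments | date |
  // relevance), isApproved (0 = unapproved, admins only), plants/uses (comma
  // separated or repeated key; allPlants=1 / allUses=1 require every item),
  // title/producer (exactTitle=1 / exactProducer=1 for an exact match,
  // otherwise a case-insensitive pattern built from the words), text ($text
  // search), skip (default 0) and limit (default 10).
  this.getReviews = function (req, res, next) {
    var query = req.query || {};
    var queryDoc = {};
    var sortDoc = {};
    var projectDoc = {};

    // Query-string values arrive as arrays/objects for `key[]=` or
    // `key[$op]=` syntax; only plain strings are used where a string is
    // expected, so no client value reaches the query as an operator.
    var asString = function (value) {
      return typeof value === 'string' ? value : undefined;
    };
    // parseInt(value, 10) with a fallback for missing/non-numeric input (the
    // original passed NaN on to skip()/limit()/new Date()).
    var asInt = function (value, fallback) {
      var n = parseInt(asString(value), 10);
      return isNaN(n) ? fallback : n;
    };
    // Regex metacharacters are escaped so the words match literally; without
    // this the client controls the pattern the database evaluates (pattern
    // injection and pathological backtracking).
    var escapeRegex = function (s) {
      return s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
    };
    // "aloe vera" -> /aloe\s*vera\s*/i, as in the original.
    var wordsPattern = function (text) {
      var words = text.split(' ');
      var pattern = '';
      for (var i = 0; i < words.length; ++i) {
        pattern += escapeRegex(words[i]) + '\\s*';
      }
      return new RegExp(pattern, 'i');
    };
    // Accepts "a, b,c" or a repeated query key (array of strings) and returns
    // the normalised items; [] when nothing usable is found. The original
    // JSON.parse fallback for non-strings is dropped: it threw on the arrays
    // the query parser produces.
    var toList = function (value) {
      var items = null;
      if (typeof value === 'string') {
        items = value.match(/(?=\S)[^,]+?(?=\s*(,|$))/g);
      } else if (Array.isArray(value)) {
        items = value;
      }
      var out = [];
      if (!items) {
        return out;
      }
      for (var i = 0; i < items.length; ++i) {
        if (typeof items[i] === 'string') {
          out.push(normaliseString(items[i]));
        }
      }
      return out;
    };

    if (!req.isAdmin) {
      queryDoc["isApprovedByAdmin"] = true;
    }
    if (query.hoursAgo) {
      var hours = asInt(query.hoursAgo, null);
      if (hours !== null) {
        queryDoc["reviewDate"] = {"$gt": new Date(Date.now() - hours * 3600 * 1000)};
      }
    }
    var user = asString(query.user);
    if (user) {
      queryDoc["author"] = user;
    }
    var sortBy = asString(query.sortBy);
    if (sortBy === "nrComments") {
      sortDoc["nrComments"] = -1;
    } else if (sortBy === "date") {
      sortDoc["reviewDate"] = -1;
    }
    if (query.isApproved) {
      // Only admins may ask for unapproved reviews; everyone else gets approved ones.
      queryDoc["isApprovedByAdmin"] = !(asInt(query.isApproved, 1) === 0 && req.isAdmin);
    }
    if (query.plants) {
      var plants = toList(query.plants);
      queryDoc["plants"] = asString(query.allPlants) === "1" ? {"$all": plants} : {"$in": plants};
    }
    if (query.uses) {
      var uses = toList(query.uses);
      queryDoc["uses"] = asString(query.allUses) === "1" ? {"$all": uses} : {"$in": uses};
    }
    var title = asString(query.title);
    if (title) {
      queryDoc["reviewTitle"] = asString(query.exactTitle) === "1" ? title : wordsPattern(title);
    }
    var producer = asString(query.producer);
    if (producer) {
      queryDoc["producer"] = asString(query.exactProducer) === "1" ? producer : wordsPattern(producer);
    }
    var text = asString(query.text);
    if (text) {
      queryDoc["$text"] = {"$search": text};
      if (!sortBy || sortBy === "relevance") {
        projectDoc["score"] = {$meta: "textScore"};
        sortDoc["score"] = {$meta: "textScore"};
      }
    }
    var skipNumber = asInt(query.skip, 0);
    var limitNumber = asInt(query.limit, 10);
    if (skipNumber < 0) {
      skipNumber = 0;
    }
    if (limitNumber < 0) {
      limitNumber = 10;
    }
    // NOTE(review): limit is not capped, so one request can ask for the whole
    // collection; a maximum page size would be sensible.
    console.log(queryDoc, sortDoc, skipNumber, limitNumber);
    database.collection("reviews")
      .find(queryDoc, projectDoc)
      .sort(sortDoc)
      .skip(skipNumber)
      .limit(limitNumber)
      .toArray(function (err, array) {
        if (err) {
          return res.sendStatus(500);
        }
        return res.send(array);
      });
  };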
  // GET handler for the page listing all reviews (data is fetched by the client).
  this.displayAllReviewsPage = function (req, res, next) {
    var view = 'allReviewsPage';
    return res.render(view);
  };
  // GET handler for a single review page; passes the review id from the URL
  // and the current user name (undefined for anonymous visitors) to the view.
  this.displayReviewPage = function (req, res, next) {
    var locals = {"reviewID": req.params.id, "userName": req.userName};
    return res.render('reviewPage', locals);
  };
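  // GET handler returning one review by ?id=<24 hex chars> as JSON. Unapproved
  // reviews are only returned to admins and to their author; otherwise, and
  // for an unknown id, the response is 204. 400 for a malformed id, 500 on a
  // database error.
  this.getReview = function (req, res, next) {
    var rawId = req.query ? req.query.id : undefined;
    // Reviews always carry an ObjectID (they are inserted without an explicit
    // _id), so anything else is rejected up front: the original passed
    // non-matching values straight into the query and let a 24-character
    // non-hex string throw inside createFromHexString.
    if (typeof rawId !== 'string' || !/^[0-9a-fA-F]{24}$/.test(rawId)) {
      return res.sendStatus(400);
    }
    var _id = mongo.ObjectID.createFromHexString(rawId);
    database.collection("reviews").findOne({"_id": _id}, function (err, result) {
      if (err) {
        return res.sendStatus(500);
      }
      if (!result) {
        return res.sendStatus(204);
      }
      // Documents without the flag (older data) are treated as approved, as before.
      var unapproved = result["isApprovedByAdmin"] === false;
      var mayView = req.isAdmin || result["author"] === req.userName;
      if (unapproved && !mayView) {
        return res.sendStatus(204);
      }
      return res.send(result);
    });
  };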
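  // POST handler appending a comment to the review named by req.body.id and
  // incrementing its nrComments counter. Responds 403 when not logged in, 400
  // for a missing/over-long (1..1000 chars) comment or a malformed id, 500 on
  // a database error, 200 otherwise.
  this.addComment = function (req, res, next) {
    if (!req.userName) {
      return res.sendStatus(403);
    }
    var body = req.body || {};
    var text = body.comment;
    // Must be a string: a JSON array of the right length passed the original
    // check and was stored as the comment text.
    if (typeof text !== 'string' || text.length === 0 || text.length > 1000) {
      return res.sendStatus(400);
    }
    var rawId = body.id;
    // Reviews always carry an ObjectID; a non-string id (e.g. {"$ne": null})
    // would otherwise act as a query operator and the update would hit an
    // arbitrary review.
    if (typeof rawId !== 'string' || !/^[0-9a-fA-F]{24}$/.test(rawId)) {
      return res.sendStatus(400);
    }
    var _id = mongo.ObjectID.createFromHexString(rawId);
    var comment = {"text": text, "author": req.userName, "date": new Date()};

    // NOTE(review): as in the original, an id that matches no review still
    // yields 200; the update result could be inspected for the matched count.
    database.collection("reviews").update({"_id": _id}, {"$push": {"comments": comment}, "$inc": {"nrComments": 1}}, function (err, result) {
      if (err) {
        return res.sendStatus(500);
      }
      return res.sendStatus(200);
    });
  };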
  531. }
  532.  
  533. module.exports = ContentHandler;