- 'use strict';
- // Article authorization helpers
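/**
 * Express middleware: lets the request through only when the caller is an
 * admin or owns the article already loaded on `req.article`.
 *
 * Fails closed: a request with no `req.user`, or with no resolvable article
 * owner, is answered with 401 instead of throwing on a missing property.
 *
 * @param {Object} req - request; reads `req.user` and `req.article.user._id`.
 * @param {Object} res - response; used only to send the 401 rejection.
 * @param {Function} next - called with no arguments when access is granted.
 * @returns {*} the value of `res.send(...)` on rejection, otherwise undefined.
 */
var hasAuthorization = function(req, res, next) {
  var caller = req.user;
  var granted = false;

  if (caller) {
    if (caller.isAdmin) {
      // Admins pass without the ownership lookup, as before.
      granted = true;
    } else {
      var owner = req.article && req.article.user;
      var ownerId = owner && owner._id;
      // `equals` is the id type's own comparison; the ids are not compared
      // with === because they are objects, not primitives.
      granted = Boolean(
        ownerId &&
        typeof ownerId.equals === 'function' &&
        ownerId.equals(caller._id)
      );
    }
  }

  if (!granted) {
    return res.status(401).send('User is not authorized');
  }
  next();
};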
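/**
 * Express middleware: checks that every permission the caller asks to assign
 * (`req.body.permissions`) is one the caller is allowed to hand out
 * (`req.acl.user.allowed`).
 *
 * A missing or falsy `permissions` value defaults to `['authenticated']` and
 * is written back onto `req.body`. Any other non-array value is rejected with
 * 400: it has no usable length, so the per-entry check below would never run
 * and the value would reach the next handler unvalidated.
 *
 * @param {Object} req - request; reads and may default `req.body.permissions`,
 *   reads `req.acl.user.allowed`.
 * @param {Object} res - response; used only to send a 400 or 401 rejection.
 * @param {Function} next - called with no arguments when all entries pass.
 * @returns {*} the value of `res.send(...)` on rejection, otherwise undefined.
 */
var hasPermissions = function(req, res, next) {
  req.body.permissions = req.body.permissions || ['authenticated'];

  var requested = req.body.permissions;
  if (!Array.isArray(requested)) {
    return res.status(400).send('Permissions must be an array.');
  }

  var assignable = req.acl.user.allowed;
  for (var i = 0; i < requested.length; i++) {
    var permission = requested[i];
    if (assignable.indexOf(permission) === -1) {
      // The rejected value comes from the request body and is echoed back.
      // Express sends string bodies as text/html by default, so the type is
      // set to text/plain to keep a client from rendering it as markup.
      return res
        .status(401)
        .type('text/plain')
        .send('User not allowed to assign ' + permission + ' permission.');
    }
  }
  next();
};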
- /* jshint -W098 */
- // The Package is passed automatically as the first parameter
/**
 * Registers this package's REST routes on the Express application.
 *
 * @param {Object} Customsystem - package instance; passed to the activity,
 *   loan, call-log and SMS-log controller factories.
 * @param {Object} app - Express application the routes are attached to.
 * @param {Object} auth - supplies the `requiresLogin` and `requiresAdmin`
 *   middleware used on some routes below.
 * @param {Object} database - not used in this function.
 *
 * NOTE(review): access control is uneven across the resources below. Activity
 * and loan updates/deletes are admin-gated, while the mail, custom-user
 * (except delete), loan read/create, call-log and SMS-log routes carry no auth
 * middleware at this layer. Unless each controller enforces access itself,
 * those routes are reachable by unauthenticated callers; confirm the intended
 * policy and attach `auth.requiresLogin` / `auth.requiresAdmin` (and an
 * ownership check where records belong to a user) accordingly.
 */
module.exports = function(Customsystem, app, auth, database) {
  // --- Outbound mail ---
  // NOTE(review): no auth middleware; judging by the handler name this sends
  // templated mail. Confirm it is meant to be public, and if so that the
  // controller restricts recipients/templates and is rate limited.
  var mailController = require('../controllers/extra');
  app.post('/api/sendmandrillmail', mailController.sendMandrillTemplate);

  // --- Custom users ---
  // NOTE(review): only DELETE is gated. Listing, reading, creating and
  // updating user records have no auth middleware here; verify against the
  // controller.
  var userController = require('../controllers/customuser');
  app.get('/api/custom/users/all', userController.all);
  app.get('/api/custom/users/:cuserId', userController.me);
  app.post('/api/custom/users', userController.create);
  app.put('/api/custom/users/:cuserId', userController.update);
  app.delete('/api/custom/users/:cuserId', auth.requiresAdmin, userController.destroy);
  app.param('cuserId', userController.user);

  // --- Activity ---
  // Create requires a logged-in caller and runs the permission-assignment
  // check; update and delete require an admin. Listing has no auth middleware.
  var activityController = require('../controllers/activity')(Customsystem);
  app.get('/api/activity', activityController.all);
  app.post('/api/activity', auth.requiresLogin, hasPermissions, activityController.create);
  app.put('/api/activity/:aId', auth.requiresAdmin, activityController.update);
  app.delete('/api/activity/:aId', auth.requiresAdmin, activityController.destroy);
  app.param('aId', activityController.activity);

  // --- Loans ---
  // NOTE(review): reads (all, by id, by client) and create have no auth
  // middleware here; update and delete require an admin.
  // NOTE(review): `loan` is registered both as the GET handler for
  // /api/loan/:lId and as the `lId` param resolver; confirm one function is
  // meant to serve both roles.
  var loanController = require('../controllers/loan')(Customsystem);
  app.get('/api/loan/all', loanController.all);
  app.get('/api/loan/:lId', loanController.loan);
  app.get('/api/loan/client/:clientsId', loanController.clientLoan);
  app.post('/api/loan', loanController.create);
  app.put('/api/loan/:lId', auth.requiresAdmin, loanController.update);
  app.delete('/api/loan/:lId', auth.requiresAdmin, loanController.destroy);
  app.param('lId', loanController.loan);

  // --- Call log ---
  // NOTE(review): no auth middleware on any call-log route, including update
  // and delete; the activity and loan routes above gate those on admin.
  var callLogController = require('../controllers/callcontrol')(Customsystem);
  app.get('/api/callLog', callLogController.all);
  app.post('/api/callLog', callLogController.create);
  app.put('/api/callLog/:clId', callLogController.update);
  app.delete('/api/callLog/:clId', callLogController.destroy);
  app.param('clId', callLogController.callLog);

  // --- SMS log ---
  // NOTE(review): same gap as the call log; no auth middleware on any route.
  var smsLogController = require('../controllers/smscontrol')(Customsystem);
  app.get('/api/smsLog', smsLogController.all);
  app.post('/api/smsLog', smsLogController.create);
  app.put('/api/smsLog/:smId', smsLogController.update);
  app.delete('/api/smsLog/:smId', smsLogController.destroy);
  app.param('smId', smsLogController.smsLog);
};