const db = require('../database')const Errors = require('../common/errors')con

1. const db = require('../database')
2. const Errors = require('../common/errors')
3. const crypto = require('../common/crypto')
4. const Mailers = require('../mailers')
5. const Mailing = require('../helpers/mailing')
6. const Status = require('../models/user-status')
7. const ActivitiesService = require('./activities-service')
8. const ResponseBuilder = require('./response-builders/user-response')
9. const UserValidator = require('../validation/model/user')
10.  
11. async function getUserBySlug(slug) {
12. const user = await db.User.findOne({
13. where: {
14. slug,
15. emailConfirmedAt: { $ne: null },
16. status: Status.ACTIVE,
17. },
18. include: [
19. {
20. model: db.Board.scope('active'),
21. as: 'boards',
22. required: false,
23. include: [
24. {
25. model: db.Item,
26. as: 'items',
27. through: { as: 'boardItem' },
28. required: false,
29. include: [
30. { model: db.BoardItem, as: 'boardsItems' },
31. ],
32. },
33. ],
34. },
35. ],
36. order: [
37. [
38. { model: db.Board, as: 'boards' },
39. 'position',
40. 'ASC',
41. ],
42. [
43. { model: db.Board, as: 'boards' },
44. { model: db.Item, as: 'items' },
45. { model: db.BoardItem, as: 'boardsItems' },
46. 'position',
47. 'ASC',
48. ],
49. ],
50. })
51.  
52. if (!user) {
53. throw new Errors.RecordNotFoundError('User does not exist')
54. }
55.  
56. return user
57. }
58.  
59. async function updateBoardPosition(id, userId, position, transaction) {
60. const board = await db.Board.findOne({
61. where: {
62. id,
63. userId,
64. status: Status.ACTIVE,
65. },
66. })
67.  
68. if (!board) {
69. throw new Errors.RecordNotFoundError(`Board with id ${id} does not exist`)
70. }
71.  
72. await board.update({ position }, { transaction })
73. }
74.  
75. module.exports = {
76. async showUser(slug) {
77. const user = await getUserBySlug(slug)
78.  
79. return {
80. user: ResponseBuilder.profile(user),
81. }
82. },
83.  
84. async register(data) {
85. await UserValidator.validateData(data)
86.  
87. const user = await db.User.create(Object.assign(data, {
88. status: Status.PENDING_EMAIL,
89. }))
90. Mailing.send(Mailers.UserMailer.confirmEmail(user))
91.  
92. return ResponseBuilder.signedUser(user)
93. },
94.  
95. async signIn(data) {
96. const user = await db.User.findOne({
97. where: {
98. email: data.email,
99. },
100. })
101.  
102. if (user && await crypto.comparePasswords(data.password, user.password)) {
103. return ResponseBuilder.signedUser(user)
104. }
105.  
106. throw new Errors.BadRequestError('User could not be signed in')
107. },
108.  
109. async confirmEmail(id, data) {
110. const user = await db.User.findOne({
111. where: {
112. id,
113. emailConfirmationToken: data.emailConfirmationToken,
114. emailConfirmedAt: { $eq: null },
115. status: Status.PENDING_EMAIL,
116. },
117. })
118.  
119. if (user) {
120. await user.update({
121. emailConfirmationToken: null,
122. emailConfirmedAt: new Date(),
123. status: Status.PENDING_USERNAME,
124. })
125. return ResponseBuilder.signedUser(user)
126. }
127.  
128. throw new Errors.BadRequestError('Email could not be confirmed')
129. },
130.  
131. async resendEmailConfirmation(data) {
132. const user = await db.User.findOne({
133. where: {
134. email: data.email,
135. status: Status.PENDING_EMAIL,
136. },
137. })
138.  
139. if (!user) {
140. const msg = `User with email ${data.email} and ${Status.PENDING_EMAIL} status does not exist`
141. throw new Errors.RecordNotFoundError(msg)
142. }
143.  
144. Mailing.send(Mailers.UserMailer.confirmEmail(user))
145.  
146. return ResponseBuilder.signedUser(user)
147. },
148.  
149. async requestPasswordReset(data) {
150. const user = await db.User.findOne({ where: { email: data.email } })
151.  
152. if (!user) {
153. throw new Errors.RecordNotFoundError(`User with email ${data.email} does not exist`)
154. }
155.  
156. const passwordResetToken = await crypto.generateCommonToken()
157.  
158. await user.update({
159. passwordResetToken,
160. })
161.  
162. Mailing.send(Mailers.UserMailer.resetPassword(user))
163. },
164.  
165. async setNewPassword(data) {
166. const user = await db.User.findOne({
167. where: {
168. passwordResetToken: data.passwordResetToken,
169. },
170. })
171.  
172. if (user) {
173. const password = await crypto.hashPassword(data.password)
174.  
175. await user.update({
176. password,
177. passwordResetToken: null,
178. })
179.  
180. return ResponseBuilder.signedUser(user)
181. }
182.  
183. throw new Errors.BadRequestError('Password could not be changed')
184. },
185.  
186. async setUsername(id, data) {
187. const user = await db.User.findOne({
188. where: {
189. id,
190. status: Status.PENDING_USERNAME,
191. },
192. })
193.  
194. if (!user) {
195. const msg = `User with id ${id} and status ${Status.PENDING_USERNAME} does not exist`
196.  
197. throw new Errors.RecordNotFoundError(msg)
198. }
199.  
200. await UserValidator.validateData(data, id)
201.  
202. await user.update(Object.assign(data, {
203. status: Status.ACTIVE,
204. }))
205.  
206. ActivitiesService.create(user, user.id)
207.  
208. return ResponseBuilder.signedUser(user)
209. },
210.  
211. async validateUser(data) {
212. const errors = await UserValidator.userErrors(data)
213. const valid = Object.keys(errors).length === 0
214.  
215. return {
216. valid,
217. errors,
218. }
219. },
220.  
221. async updateUser(data, user) {
222. await user.update(data)
223.  
224. return ResponseBuilder.signedUser(user)
225. },
226.  
227. async authFromFacebook(facebookUser) {
228. const facebookIdMatchUser = await db.User.findOne({ where: { facebookId: facebookUser.id } })
229. if (facebookIdMatchUser) {
230. return ResponseBuilder.signedUser(facebookIdMatchUser)
231. }
232.  
233. const emailMatchUser = await db.User.findOne({ where: { email: facebookUser.email } })
234. if (emailMatchUser) {
235. const data = { facebookId: facebookUser.id }
236.  
237. if (emailMatchUser.status === Status.PENDING_EMAIL) {
238. data.status = Status.PENDING_USERNAME
239. data.emailConfirmationToken = null
240. data.emailConfirmedAt = new Date()
241. }
242.  
243. await emailMatchUser.update(data)
244.  
245. return ResponseBuilder.signedUser(emailMatchUser)
246. }
247.  
248. // random password
249. const password = await crypto.generateCommonToken()
250.  
251. const user = await db.User.create({
252. email: facebookUser.email,
253. name: [facebookUser.first_name, facebookUser.last_name].join(' '),
254. password,
255. facebookId: facebookUser.id,
256. status: Status.PENDING_USERNAME,
257. emailConfirmationToken: null,
258. emailConfirmedAt: new Date(),
259. })
260.  
261. return ResponseBuilder.signedUser(user)
262. },
263.  
264. async updateBoardsOrder(slug, data) {
265. let user = await getUserBySlug(slug)
266.  
267. if (user.boards.length !== data.boards.length) {
268. throw new Errors.BadRequestError('Wrong number of Boards')
269. }
270.  
271. const transaction = await db.sequelize.transaction()
272.  
273. try {
274. await Promise.all(data.boards.map(board =>
275. updateBoardPosition(board.id, user.id, board.position, transaction)
276. ))
277.  
278. await transaction.commit()
279. } catch (err) {
280. await transaction.rollback()
281. throw err
282. }
283.  
284. // refetch user again to obtain ordered boards
285. user = await getUserBySlug(slug)
286.  
287. return {
288. user: ResponseBuilder.profile(user),
289. }
290. },
291. }