From 56f94bab678e8706539a59786db670037610e955 Mon Sep 17 00:00:00 2001 From: Christina Date: Sun, 22 Mar 2020 13:57:35 +0200 Subject: [PATCH] Review fixes --- src/api/controllers/UserController.js | 38 +++++++++++++++------------ src/api/models/ActionModel.js | 7 ++--- src/api/models/TeamModel.js | 2 +- src/api/routes/action.js | 16 +++-------- src/api/routes/contact.js | 2 +- src/api/routes/user.js | 7 +---- 6 files changed, 32 insertions(+), 40 deletions(-) diff --git a/src/api/controllers/UserController.js b/src/api/controllers/UserController.js index 63301f4..ba3a748 100644 --- a/src/api/controllers/UserController.js +++ b/src/api/controllers/UserController.js @@ -35,21 +35,24 @@ module.exports = { changePassword: (req, res) => {}, getProfile: (req, res) => { - User.findOne({ _id: req.params.userId }) - .exec() - .then(user => { - user = sanitizeUser(user); - res.status(200).json({ user }); - }) - .catch(err => { - console.error(`Error during user find():\n${err}`); - res.status(500).send(); - }); + if (req.params.user_id === req.userData.userId) { + User.findOne({ _id: req.params.user_id }) + .exec() + .then(user => { + user = sanitizeUser(user); + res.status(200).json({ user }); + }) + .catch(err => { + console.error(`Error during user find():\n${err}`); + res.status(500).send(); + }); + } else { + res.status(401).send(); + } }, - getSelfProfile: (req, res, next) => { - req.params.userId = req.userData.userId; - next(); + getSelfProfile: (req, res) => { + res.redirect(`/users/${req.userData.userId}/profile`); }, login: (req, res) => { 
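Review bot: The new ownership check in `getProfile` (UserController.js, first hunk) reads `req.userData.userId` unconditionally, so any route that mounts this handler without `checkAuth` will throw on an undefined `req.userData` instead of rejecting the request. The route for `/:user_id/profile` is not part of this patch, so that is worth confirming. The `else` branch answers an authenticated caller asking for another user's profile, where `res.status(403).send();` is the accurate status rather than 401. Inside `.then`, a lookup that matches no document hands `null` to `sanitizeUser`, whose handling of it is not visible here; a guard such as `if (!user) return res.status(404).send();` placed before it keeps that case out of the 500 path. The `===` comparison also assumes `req.userData.userId` is a string like the route parameter, which should be verified against `checkAuth`.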
@@ -110,18 +113,19 @@ module.exports = { if (err.name === "ValidationError") { if (err.errors.email) { if (err.errors.email.kind === "regexp") { - res.status(500).json({ error: "Invalid email address" }); + res.status(400).json({ error: "Invalid email address" }); } else if (err.errors.email.kind === "unique") { - res.status(500).json({ error: "Email already exists" }); + res.status(400).json({ error: "Email already exists" }); } } if (err.errors.username) { if (err.errors.username.kind === "unique") { - res.status(500).json({ error: "Username already exists" }); + res.status(400).json({ error: "Username already exists" }); } } - res.status(500).json(err); + console.error(err); + res.status(500).send(); } else { console.error(`Error during user save():\n${err}`); res.status(500).json(err); diff --git a/src/api/models/ActionModel.js b/src/api/models/ActionModel.js index 7a0e481..a115849 100644 --- a/src/api/models/ActionModel.js +++ b/src/api/models/ActionModel.js @@ -3,7 +3,7 @@ const mongo = require("mongoose"); const ActionSchema = new mongo.Schema({ name: { type: String, required: true }, description: { type: String }, - type: { type: [mongo.Schema.Types.ObjectId] }, + categories: { type: [mongo.Schema.Types.ObjectId] }, location: { type: { type: String, @@ -15,10 +15,11 @@ const ActionSchema = new mongo.Schema({ required: true } }, - date: { type: Date }, + date: { type: Date, required: true }, photo: { type: String }, organizer: { - _id: { type: mongo.Schema.Types.ObjectId }, + required: true, + organizerId: { type: mongo.Schema.Types.ObjectId }, isTeam: { type: Boolean } }, attendees: { type: [mongo.Schema.Types.ObjectId] } diff --git a/src/api/models/TeamModel.js b/src/api/models/TeamModel.js index 037b7bf..8a6a6b4 100644 --- a/src/api/models/TeamModel.js +++ b/src/api/models/TeamModel.js 
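Review bot: In the second UserController.js hunk, none of the three `res.status(400).json(...)` calls returns, so control always falls through to the trailing `console.error(err); res.status(500).send();` and a second response is attempted on the same request, which Express rejects with a headers-already-sent error. Prefixing each 400 response with `return`, e.g. `return res.status(400).json({ error: "Invalid email address" });`, lets the 500 path run only for validation errors that were not matched. The `else` branch shown as context still answers with `res.status(500).json(err);`, which can hand the raw error object to the client. It should get the same treatment the commit applies above, `res.status(500).send();`. The enclosing handler starts and ends outside the hunk.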
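Review bot: In the second ActionModel.js hunk, `required: true` is placed as a key of the `organizer` object, next to `organizerId` and `isTeam`. Mongoose treats an object without a `type` key as a nested path, so this is read as a sub-path named `required` rather than as a validator; presumably the schema either fails to compile or still accepts an action with no organizer. Putting the constraint on the leaves expresses the intent: `organizerId: { type: mongo.Schema.Types.ObjectId, required: true },` and `isTeam: { type: Boolean, required: true }`. Renaming `_id` to `organizerId` also changes the stored field name, so existing documents and any code reading `organizer._id` need the same update, none of which is visible in this patch.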
@@ -4,7 +4,7 @@ const TeamSchema = new mongo.Schema({ name: { type: String, required: true }, description: { type: String }, logo: { type: String }, - owner: { type: mongo.Schema.Types.ObjectId }, + owner: { type: mongo.Schema.Types.ObjectId, required: true }, members: { type: [mongo.Schema.Types.ObjectId] }, categories: { type: [String] } }); diff --git a/src/api/routes/action.js b/src/api/routes/action.js index 1ad83fc..5ab84f2 100644 --- a/src/api/routes/action.js +++ b/src/api/routes/action.js @@ -45,28 +45,20 @@ router.post( /* Attendants */ -router.post( - "/:action_id/attendees/:user_id", - checkAuth, - ActionUserController.addAttendant -); +router.post("/:action_id/attend", checkAuth, ActionUserController.addAttendant); router.delete( - "/:action_id/attendees/:user_id", + "/:action_id/attend", checkAuth, ActionUserController.removeAttendant ); /* Saved Actions */ -router.post( - "/:action_id/saved/:user_id", - checkAuth, - ActionUserController.addSavedAction -); +router.post("/:action_id/save", checkAuth, ActionUserController.addSavedAction); router.delete( - "/:action_id/saved/:user_id", + "/:action_id/save", checkAuth, ActionUserController.removeSavedAction ); diff --git a/src/api/routes/contact.js b/src/api/routes/contact.js index 93b85d3..1f76bc7 100644 --- a/src/api/routes/contact.js +++ b/src/api/routes/contact.js @@ -3,6 +3,6 @@ const router = express.Router(); const ContactFormController = require("../controllers/ContactFormController"); -router.post("/", ContactFormController.contact); +router.post("/submit", ContactFormController.contact); module.exports = router; diff --git a/src/api/routes/user.js b/src/api/routes/user.js index 9bf87f2..d130fff 100644 --- a/src/api/routes/user.js +++ b/src/api/routes/user.js 
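Review bot: The four routes in the action.js hunk no longer carry `:user_id`, but ActionUserController.js is not among the six files in this patch's diffstat. If `addAttendant`, `removeAttendant`, `addSavedAction` and `removeSavedAction` still read `req.params.user_id`, they will now receive `undefined`. Each handler should take the acting user from the authenticated context, e.g. `const userId = req.userData.userId;`, so a caller can only attend or save on their own behalf. A short comment above each route pair, such as `// acts on the authenticated user (req.userData.userId)`, would record why the path has no user segment.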
@@ -7,12 +7,7 @@ const UserController = require("../controllers/UserController"); /* User Profile */ -router.get( - "/me/profile", - checkAuth, - UserController.getSelfProfile, - UserController.getProfile -); +router.get("/me/profile", checkAuth, UserController.getSelfProfile); router.patch("/me/profile", checkAuth, UserController.updateProfile);
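Review bot: `GET /me/profile` now depends entirely on the redirect issued by `getSelfProfile` in UserController.js, whose target is the hard-coded path ``/users/${req.userData.userId}/profile``. That path only resolves if this router is mounted at `/users`, which the patch does not show, and it puts the caller's id into URLs and access logs. Building the target from the mount point, e.g. ``res.redirect(`${req.baseUrl}/${req.userData.userId}/profile`);``, removes the coupling to the mount path. The redirected request goes through authentication a second time, so it is worth confirming that the clients in use resend their credentials when following it.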