skyquake/framework/core/modules/routes/navigation.js

   1
   2 /*
   3  *
   4  *   Copyright 2016 RIFT.IO Inc
   5  *
   6  *   Licensed under the Apache License, Version 2.0 (the "License");
   7  *   you may not use this file except in compliance with the License.
   8  *   You may obtain a copy of the License at
   9  *
  10  *       http://www.apache.org/licenses/LICENSE-2.0
  11  *
  12  *   Unless required by applicable law or agreed to in writing, software
  13  *   distributed under the License is distributed on an "AS IS" BASIS,
  14  *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  15  *   See the License for the specific language governing permissions and
  16  *   limitations under the License.
  17  *
  18  */
  19
  20 /**
  21  * navigation routes module. Provides a RESTful API for this
  22  * skyquake instance's navigation state.
  23  * @module framework/core/modules/routes/navigation
  24  * @author Kiran Kashalkar <kiran.kashalkar@riftio.com>
  25  */
  26
  27 var cors = require('cors');
  28 var bodyParser = require('body-parser');
  29 var navAPI = require('../api/navigation');
  30 var Router = require('express').Router();
  31 var utils = require('../../api_utils/utils');
  32 var configurationAPI = require('../api/configuration');
  33 var csrfCheck = require('../../api_utils/csrf').csrfCheck;
  34
  35 Router.use(bodyParser.json());
  36 Router.use(cors());
  37 Router.use(bodyParser.urlencoded({
  38     extended: true
  39 }));
  40
  41 //Should have a way of adding excluded routes to this via plugin registry, instead of hard coding
  42 Router.use(/^(?!.*(login\/idp|session|composer\/upload|composer\/update)).*/, function(req, res, next) {
  43     var api_server = req.query['api_server'] || (req.protocol + '://' + configurationAPI.globalConfiguration.get().api_server);
  44     if (req.session && req.session.loggedIn) {
  45         switch (req.method) {
  46             case 'POST':
  47             case 'PUT':
  48                 csrfCheck(req, res, next);
  49                 break;
  50             default:
  51                 next();
  52                 break;
  53         }
  54     } else {
  55         console.log('Redirect to login.html');
  56         res.redirect(utils.buildRedirectURL(req, configurationAPI.globalConfiguration, 'login', '&referer=' + encodeURIComponent(req.headers.referer)));
  57     }
  58 });
  59
  60
  61 Router.get('/nav', cors(), function(req, res) {
  62     navAPI.get(req).then(function(data) {
  63         utils.sendSuccessResponse(data, res);
  64     }, function(error) {
  65         utils.sendErrorResponse(error, res);
  66     });
  67 });
  68
  69 Router.get('/nav/:plugin_id', cors(), function(req, res) {
  70     navAPI.get(req).then(function(data) {
  71         utils.sendSuccessResponse(data, res);
  72     }, function(error) {
  73         utils.sendErrorResponse(error, res);
  74     });
  75 });
  76
  77 Router.post('/nav/:plugin_id', cors(), function(req, res) {
  78     navAPI.create(req).then(function(data) {
  79         utils.sendSuccessResponse(data, res);
  80     }, function(error) {
  81         utils.sendErrorResponse(error, res);
  82     });
  83 });
  84
  85 Router.put('/nav/:plugin_id/:route_id', cors(), function(req, res) {
  86     navAPI.update(req).then(function(data) {
  87         utils.sendSuccessResponse(data, res);
  88     }, function(error) {
  89         utils.sendErrorResponse(error, res);
  90     });
  91 });
  92
  93 Router.delete('/nav/:plugin_id/:route_id', cors(), function(req, res) {
  94     navAPI.delete(req).then(function(data) {
  95         utils.sendSuccessResponse(data, res);
  96     }, function(error) {
  97         utils.sendErrorResponse(error, res);
  98     });
  99 });
 100
 101
 102 module.exports = Router;