diff --git a/core/middleware.coffee b/core/middleware.coffee index 43af295..0171d7f 100644 --- a/core/middleware.coffee +++ b/core/middleware.coffee @@ -171,13 +171,10 @@ exports.requireAuthenticate = (req, res, next) -> res.error 403, 'auth_failed' exports.requireAdminAuthenticate = (req, res, next) -> - unless 'root' in req.account?.groups - if req.method == 'GET' - return res.status(403).end() - else - return res.error 'forbidden' - - next() + if 'root' in req.account?.groups + next() + else + res.error 403, 'forbidden' exports.requireInService = (service_name) -> return (req, res, next) -> diff --git a/core/router/admin.coffee b/core/router/admin.coffee index 23da85c..2073b8d 100644 --- a/core/router/admin.coffee +++ b/core/router/admin.coffee @@ -1,4 +1,7 @@ -{express, async, _} = app.libs +_ = require 'underscore' +Q = require 'q' + +{express} = app.libs {requireAdminAuthenticate} = app.middleware {Account, Ticket, Financials, CouponCode} = app.models {config} = app @@ -8,94 +11,86 @@ module.exports = exports = express.Router() exports.use requireAdminAuthenticate exports.get '/', (req, res) -> - Account.find {}, (err, accounts) -> - async.map app.applyHooks('view.admin.sidebars'), (hook, callback) -> - hook.generator req, (html) -> - callback null, html + Q.all([ + Account.find() + rp.applyHooks 'view.admin.sidebars', req.account, req: req, execute: 'generator' + ]).done ([accounts, sidebars_html]) -> + res.render 'admin', + accounts: accounts + sidebars_html: sidebars_html + , res.error - , (err, sidebars_html) -> - res.render 'admin', - accounts: accounts - sidebars_html: sidebars_html - coupon_code_types: _.keys config.coupons_meta +exports.get '/tickets', (req, res) -> + Ticket.getTicketsGroupByStatus( + opening: + limit: 10 + finished: + limit: 10 + closed: + limit: 10 + ).done (tickets) -> + res.render 'ticket/list', tickets + , res.error -exports.get '/account_details', (req, res) -> - Account.findById req.query.account_id, (err, account) -> - res.json _.omit account.toObject(), 'password', 'password_salt', 'tokens', '__v' +exports.post '/coupons/generate', (req, res) -> + CouponCode.createCodes(req.body, req.body.count).done (coupons) -> + res.json coupons + , res.error -exports.get '/ticket', (req, res) -> - LIMIT = 10 +exports.use '/user', do -> + router = express.Router() - async.parallel - pending: (callback) -> - Ticket.find - status: 'pending' - , null, - sort: - updated_at: -1 - , callback + router.param 'id', (req, res, next, user_id) -> + Account.findById(user_id).then (user) -> + _.extend req, + user: user - open: (callback) -> - Ticket.find - status: 'open' - , null, - sort: - updated_at: -1 - limit: LIMIT - , callback + unless user + return res.error 404, 'user_not_found' - finish: (callback) -> - Ticket.find - status: 'finish' - , null, - sort: - updated_at: -1 - limit: LIMIT - , callback + next() - closed: (callback) -> - Ticket.find - status: 'closed' - , null, - sort: - updated_at: -1 - limit: LIMIT - , callback + .catch res.error - , (err, result) -> - res.render 'ticket/list', result + router.param 'plan', (req, res, next, plan_name) -> + req.plan = plan = app.plans.byName plan_name -exports.post '/confirm_payment', (req, res) -> - Account.findById req.body.account_id, (err, account) -> - unless account - return res.error 'account_not_exist' + if plan + next() + else + res.error 'plan_not_found' - unless _.isFinite req.body.amount - return res.error 'invalid_amount' + router.get '/:id', (req, res) -> + res.json req.user.pick() - account.incBalance req.body.amount, 'deposit', - type: req.body.type + router.post '/:id/plan/:plan/join', (req, res) -> + req.plan.addMember(req.account).done -> + res.sendStatus 204 + , res.erro + + router.post '/:id/plan/:plan/leave', (req, res) -> + req.plan.removeMember(req.account).done -> + res.sendStatus 204 + , res.error + + router.post '/:id/deposits/create', (req, res) -> + Financials.createDepositRequest(req.user, req.body.amount, + provider: req.body.provider order_id: req.body.order_id - , (err) -> - return res.error err if err - res.json {} + ).then (financial) -> + if req.body.status + financial.updateStatus req.body.status + .done -> + res.sendStatus 204 + , res.error -exports.post '/delete_account', (req, res) -> - Account.findById req.body.account_id, (err, account) -> - unless account - return res.error 'account_not_exist' - - unless _.isEmpty account.billing.plans + router.delete '/:id', (req, res) -> + unless _.isEmpty account.plans return res.error 'already_in_plan' - unless account.billing.balance <= 0 + unless account.balance <= 0 return res.error 'balance_not_empty' - Account.findByIdAndRemove account._id, -> - res.json {} - -exports.post '/generate_coupon_code', (req, res) -> - coupon_code = _.pick req.body, 'expired', 'available_times', 'type', 'meta' - - CouponCode.createCodes coupon_code, req.body.count, (err, coupon_codes...) -> - res.json coupon_codes + req.user.remove().done -> + res.sendStatus 204 + , res.error diff --git a/core/router/component.coffee b/core/router/component.coffee index 7a9d7b0..a51304c 100644 --- a/core/router/component.coffee +++ b/core/router/component.coffee @@ -1,4 +1,4 @@ -{_, express} = app.libs +{express} = app.libs {logger} = app {requireAuthenticate} = app.middleware {Component} = app.models @@ -7,32 +7,27 @@ module.exports = exports = express.Router() exports.use requireAuthenticate -componentParam = (req, res, next, id) -> - Component.findById id, (err, component) -> - logger.error err if err +exports.use '/rest', do -> + rest.param 'id', (req, res, next, component_id) -> + Component.findById(component_id).then (component) -> + _.extend req, + component: component - unless component - return res.error 404, 'component_not_found' + unless component + return res.error 404, 'component_not_found' - unless component.hasMember req.account - unless req.account.isAdmin() - return res.error 403, 'component_forbidden' + unless component.hasMember req.account + unless req.account.isAdmin() + return res.error 403, 'component_forbidden' - _.extend req, - component: component + next() - next() - -exports.use '/resource', do -> - rest = new express.Router mergeParams: true - rest.param 'id', componentParam + .catch res.error rest.get '/', (req, res) -> - Component.getComponents req.account, (err, components) -> - if err - res.error err - else - res.json components + Component.getComponents(req.account).done (components) -> + res.json components + , res.error rest.post '/', (req, res) -> diff --git a/core/router/panel.coffee b/core/router/panel.coffee index e1e083c..016f2aa 100644 --- a/core/router/panel.coffee +++ b/core/router/panel.coffee @@ -1,110 +1,61 @@ -{express, async, _} = app.libs +_ = require 'underscore' + +{express} = app.libs {requireAuthenticate} = app.middleware {Account, Financials} = app.models -{billing, config} = app +{config} = app module.exports = exports = express.Router() exports.use requireAuthenticate -exports.post '/join_plan', (req, res) -> - {plan} = req.body +exports.use '/plan' do -> + router = express.Router() - unless billing.plans[plan] - return res.error 'invalid_plan' + router.param 'plan', (req, res, next, plan_name) -> + req.plan = plan = app.plans.byName plan_name - if req.account.inPlan plan - return res.error 'already_in_plan' - - if req.account.balance <= when_balance_below - return res.error 'insufficient_balance' - - billing.joinPlan req.account, plan, (err) -> - console.log err - if err - res.error err + if plan + next() else - res.status(204).json {} + res.error 'plan_not_found' -exports.post '/leave_plan', (req, res) -> - {plan} = req.body + router.post '/:plan/join', (req, res) -> + if req.account.balance <= config.billing.force_freeze.when_balance_below + return res.error 'insufficient_balance' - unless req.account.inPlan plan - return res.error 'not_in_plan' + unless req.plan.join_freely + return res.error 'cant_join_plan' - billing.leavePlan req.account, plan, (err) -> - if err - res.error err - else - res.status(204).json {} + req.plan.addMember(req.account).done -> + res.sendStatus 204 + , res.error + + router.post '/:plan/leave', (req, res) -> + req.plan.removeMember(req.account).done -> + res.sendStatus 204 + , res.error exports.get '/financials', (req, res) -> - LIMIT = 10 - - async.parallel - payment_methods: (callback) -> - async.map app.applyHooks('billing.payment_methods'), (hook, callback) -> - hook.widgetGenerator req, (html) -> - callback null, html - , callback - - deposit_log: (callback) -> - Financials.find - account_id: req.account._id - type: 'deposit' - , null, - sort: - created_at: -1 - limit: LIMIT - , (err, deposit_logs) -> - async.map deposit_logs, (deposit_log, callback) -> - deposit_log = deposit_log.toObject() - - matched_hook = _.find app.applyHooks('billing.payment_methods'), (hook) -> - return hook.type == deposit_log.payload.type - - unless matched_hook - return callback null, deposit_log - - matched_hook.detailsMessage req, deposit_log, (payment_details) -> - deposit_log.payment_details = payment_details - callback null, deposit_log - - , callback - - billing_log: (callback) -> - Financials.find - account_id: req.account._id - type: 'billing' - , null, - sort: - created_at: -1 - limit: LIMIT - , callback - - , (err, result) -> - res.render 'panel/financials', result + Q.all([ + rp.extends.payments.generateWidgets req + Financials.getDepositLogs req.account, req: req, limit: 10 + Financials.getBillingLogs req.account, limit: 10 + ]).done ([payment_providers, deposit_logs, billing_logs]) -> + res.render 'panel/financials', + payment_providers: payment_providers + deposit_logs: deposit_logs + billing_logs: billing_logs + , res.error exports.get '/components', (req, res) -> - templates = _.compact _.map req.account.availableComponentsTemplates(), (template_name) -> - return app.components[template_name] - res.render 'panel/components', - templates: templates + component_providers: rp.extend.components.all() exports.get '/', (req, res) -> - billing.triggerBilling req.account, (err, account) -> - return res.error err if err - - async.auto - widgets_html: (callback) -> - app.applyHooks('view.panel.widgets', account, - execute: 'generator' - req: req - ) callback - - , (err, result) -> - res.render 'panel', _.extend result, - account: account - plans: _.filter billing.plans, (plan) -> - return plan.join_freely + app.applyHooks('view.panel.widgets', req.account, + execute: 'generator' + ).done (widgets_html) -> + res.render 'panel', + widgets_html: widgets_html + , res.error diff --git a/core/router/ticket.coffee b/core/router/ticket.coffee index 647b2c1..543cd94 100644 --- a/core/router/ticket.coffee +++ b/core/router/ticket.coffee @@ -19,7 +19,9 @@ loadTicket = (req, res, next, ticket_id) -> unless req.account.isAdmin() return res.error 403, 'ticket_forbidden' - .done next, res.error + next() + + .catch res.error exports.param 'id', loadTicket diff --git a/core/view/panel.jade b/core/view/panel.jade index a7f84e3..947053f 100644 --- a/core/view/panel.jade +++ b/core/view/panel.jade @@ -5,8 +5,8 @@ prepend header append header link(rel='stylesheet', href='/style/panel.css') - for hook in applyHooks('view.panel.styles') - link(rel='stylesheet', href=hook.path) + for path in getHooks('view.panel.styles', {pluck: 'path'}) + link(rel='stylesheet', href=path) block main .row @@ -19,7 +19,7 @@ block main header= t('plan.') table.table.table-hover.plan-list tbody - for plan in plans + for plan in app.plans tr(data-name='#{plan.name}') td strong= t(plan.t_name) @@ -44,5 +44,5 @@ prepend sidebar append footer script(src='/script/panel.js') - for hook in applyHooks('view.panel.scripts') - script(src=hook.path) + for path in getHooks('view.panel.scripts', {pluck: 'path'}) + script(src=path)