-
Notifications
You must be signed in to change notification settings - Fork 3
/
server.js
executable file
·159 lines (128 loc) · 5.19 KB
/
server.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
(function () {
'use strict';
/**************************************************************************/
// Set this to false for installations, specifically created to allow
// access to UAB SAML authentication mechanism for privileged data
// access and editing.
var addUABAuth = false;
/**************************************************************************/
/*The following is for the external db*/
var restify = require('restify'),
serverObj = {
'1.0.0': require("./src_api/server_library.js"),
'2.0.0': require("./src_api/api_v2.0.0.js")
},
auth,
users,
cookieParser;
if (addUABAuth) {
auth = require("./src_auth/saml_auth2.js");
users = require("./src_auth/acceptedUsers.js");
cookieParser = require('restify-cookies');
} else {
// This will just return a basic use object for use with the v2 API
users = {};
users.permission = require("./src_auth/acceptedUsers.js").permission;
}
//, ObjectId = require('mongodb').ObjectID;
//Needs to impliment aggregate stuff (https://docs.mongodb.com/manual/reference/operator/aggregation/)
//Need to impliment mapreduce stuff
//Need to impliment projection stuff
//Good source for operators:
// https://docs.mongodb.com/manual/reference/operator/
//I am making sure to not allow any operators that can change the documents
// this is to ensure that this remains a query only server
//sets up the server stuff
// var server1 = restify.createServer({
// accept: ['application/json', 'image/tif', 'image/png']
// });
// server1.use(restify.queryParser());
// server1.use(restify.CORS({}));
// server1.get(/\/img\/kinome\/?.*/, restify.serveStatic({
// directory: "/var/www"
// }));
// //http://138.26.31.155:8000/img/kinome/631308613_W1_F1_T200_P154_I1313_A30.tif
// /*the following is for the internal db (accesible as a registered UAB user only)*/
// server1.get("/db/:db_name/:collection_name", grabDbName);
// server1.get("/db/:db_name/:collection_name/:doc_id", grabDocument);
// server1.listen(8000, function () {
// console.log('%s listening at %s', server1.name, server1.url);
// });
/*
This file is for the general external server. Use this to make your own
server.
*/
var server = restify.createServer({
accept: ['application/json']
});
server.use(restify.queryParser());
server.use(restify.bodyParser());
server.use(restify.CORS({credentials: true}));
if (addUABAuth) {
server.use(cookieParser.parse);
}
//static serving of flat files
server.get(/\/img\/kinome\/?.*/, restify.serveStatic({
directory: "/var/www"
}));
server.get(/\/file\/?.*/, restify.serveStatic({
directory: "/var/www/global_files"
}));
/*The following is for the internal db*/
server.get("/1.0.0/:collection_name", serverObj["1.0.0"].grabDbName);
server.get("/1.0.0/:collection_name/:doc_id", serverObj["1.0.0"].grabDocument);
/////////////////
// API v 2.0.0 //
/////////////////
// databse/collection methods
server.get("/2.0.0/:database/:collection", serverObj["2.0.0"].list);
server.post("/2.0.0/:database/:collection", serverObj["2.0.0"].post);
// database/collection/document methods
server.get("/2.0.0/:database/:collection/:doc_id", serverObj["2.0.0"].get);
server.patch("/2.0.0/:database/:collection/:doc_id", serverObj["2.0.0"].patch);
// check permissions (if no auth mechanism is in place, this will return
// default settings in src_auth/acceptedUsers)
server.get('/auth/:database/:collection', function (req, res, next) {
users.permission(req).then(function (perms) {
res.send(perms);
}).catch(function (err) {
var code = "500";
console.log(err);
if (err.message.match(/^(\d{3}):/)) {
code = err.message.replace(/^(\d{3}):[\s\S]+/, "$1");
}
//send it back with the code and the object
res.send(code * 1, {
error: {
code: code,
message: err.message
}
});
});
return next();
});
//lists the permissions (temporary)
server.get("/test", function (req, res, next) {
users.permission(req).then(function (perms) {
if (perms.email) {
res.send({logged_in: true, data: [perms], message: "Based on Cookies this user is logged in."});
} else {
res.send({logged_in: false, resp: perms, message: "Based on Cookies this user is not logged in."});
}
return next();
});
});
/////////////////
// v 2.0.0 END //
/////////////////
// Login parameters
if (addUABAuth) {
server.get("/login", auth.login);
server.post("/login/callback", auth.post_token(users.new_login));
server.get("/metadata", auth.metadata);
}
// Listen
server.listen(8000, function () {
console.log('%s listening at %s', server.name, server.url);
});
}());