
/* eslint-disable consistent-return */
const express = require('express');
const jwt = require('jsonwebtoken');

const partners = require('./partners');
const channels = require('./channels');
const warehouses = require('./warehouses');
const attributeSets = require('./attribute-sets');
const categories = require('./categories');
const tax = require('./tax');
const media = require('./media');
const buybutton = require('./buybutton');
const orders = require('./orders');
const listings = require('./listings');
const masters = require('./masters');
const charts = require('./charts');
const dataFiller = require('./data-filler');

const { productModel } = require('../../models/mongoose/product');
const { userModel } = require('../../models/mongoose/user');

const router = express.Router();

/**
 * Authentication gate for every route registered on this router.
 *
 * The token is read only from the `x-access-token` request header. It is
 * verified against `process.env.JWT_SECRET`, and the decoded payload is
 * stored on `req.decoded` for the handlers that follow. A missing or
 * invalid token ends the request with a 401.
 */
router.use((req, res, next) => {
  const token = req.headers['x-access-token'];

  // No credential at all: reject before doing any verification work.
  if (!token) {
    return res.status(401).send({ success: false, message: 'No token provided.' });
  }

  // NOTE(review): no `algorithms` option is passed, so the accepted signing
  // algorithms are whatever the library allows by default for this key type.
  // Consider pinning the algorithm the token issuer actually uses.
  jwt.verify(token, process.env.JWT_SECRET, async (verifyError, claims) => {
    if (verifyError) {
      // The library's error detail is deliberately not returned to the caller.
      return res.status(401).send({ success: false, message: 'Failed to authenticate token.' });
    }

    // Expose the verified claims to downstream middleware and routes.
    req.decoded = claims;

    next();
  });
});

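/**
 * Authorization gate: loads the user named by the verified token and, for
 * non-admin users, rejects requests that target another partner's data.
 *
 * Sets `req.decoded.user`, and `req.decoded.partnerId` when a partnerId
 * route parameter is present. Lookup failures are passed to `next(err)` so
 * the request is answered by the error handler and does not hang on an
 * unhandled rejection.
 *
 * Denials keep the 401 status existing clients receive; 403 would be the
 * conventional code for an authenticated caller that is not allowed.
 *
 * NOTE(review): this middleware is registered without a path and the router
 * is created without `mergeParams`, so `req.params` probably does not contain
 * partnerId / productId / referenceId at this point. If so, the ownership
 * checks below never run and tenant isolation depends entirely on the
 * sub-routers. Confirm with a request made as a non-admin user.
 */
router.use(async (req, res, next) => {
  const deny = (message) => res.status(401).send({ success: false, message });

  try {
    const user = await userModel.findById(req.decoded.userId);

    if (!user) {
      return deny('No valid user specified.');
    }

    req.decoded.user = user;

    if (user.userType !== 'ADMIN') {
      // A non-admin user without a partner must never match anything, so the
      // missing value is kept as null and treated as a denial below.
      const ownPartnerId = user.partnerId == null ? null : user.partnerId.toString();

      // The partner named in the route must be the user's own partner.
      if (req.params.partnerId && ownPartnerId !== req.params.partnerId) {
        return deny('Partner is not the same.');
      }

      if (req.params.partnerId) {
        req.decoded.partnerId = req.params.partnerId;
      }

      // productId and referenceId both name products and get the same
      // ownership check. A product that does not exist is not rejected here.
      // NOTE(review): the comparison is strict, so it only matches if
      // product.partnerId is stored as a string - confirm against the schema.
      const requestedIds = [req.params.productId, req.params.referenceId].filter(Boolean);
      const products = await Promise.all(requestedIds.map((id) => productModel.findById(id)));
      const ownedByOther = (product) => ownPartnerId === null || product.partnerId !== ownPartnerId;

      if (products.some((product) => product && ownedByOther(product))) {
        return deny('Product not available for this partner.');
      }

      // TODO: same check for categories, attribute sets and tax
      // TODO: check channelId against the user's partner
      // TODO: consider checking storename (from the partner's channels)
      //       --> issue with 'all' and with the default channelId
    }
  } catch (err) {
    // Database or cast errors (e.g. a malformed id) go to the error handler.
    return next(err);
  }

  next();
});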

// Feature routers, in mount order. They are registered after the
// authentication and authorization middleware above, so Express runs those
// first for every path listed here.
const featureRoutes = [
  ['/partners', partners],
  ['/channels', channels],
  ['/warehouses', warehouses],
  ['/attribute-sets', attributeSets],
  ['/categories', categories],
  ['/tax', tax],
  ['/media', media],
  ['/buybutton', buybutton],
  ['/orders', orders],
  ['/listings', listings],
  ['/masters', masters],
  ['/charts', charts],
  ['/data-filler', dataFiller],
];

featureRoutes.forEach(([mountPath, featureRouter]) => {
  router.use(mountPath, featureRouter);
});

module.exports = router;